[NBLUG/talk] How to read logwatch & httpd access_log
Dave Sisley
dsisley at sonic.net
Mon Jan 24 10:50:39 PST 2005
On Mon, Jan 24, 2005 at 06:31:02AM -0800, Dave Sisley wrote:
>
> I'm assuming that I should configure the server to instead give out a
> 405 (not 200) on CONNECT requests, and that apache should return an
> error page, not my home page.
>
> I'm going to spend some time later this morning on this, and I'll post
> what I find. I'm sure it's something simple - I just have to RTFM.
Okay. I've googled and RTFM, and here is what I've done:
I have added a Limit to my apache configuration file, right in the
stanza for the root directory. It now reads like this:
<Directory />
Options FollowSymLinks
AllowOverride None
<Limit CONNECT>
Order deny,allow
Deny from all
</Limit>
</Directory>
Repeating Ron's telnet test, I see that apache returns an error page
and logs the following in my access_log:
[sonic account] - - [24/Jan/2005:10:40:37 -0800] "CONNECT 1.3.3.7:1337 HTTP/1.0" 403 3931 "-" "-"
So apache now returns a 403 Forbidden, rather than a 200 OK code.
I think that solves my issue, but if anyone sees something I should do
differently, please post to this thread.
Thanks again!
-dave.
--
Dave Sisley
dsisley at sonic.net
roth-sisley.net
More information about the talk
mailing list