I would like to suggest ... starting with Apache itself and unload, remove, disable any mod_proxy modules and directives ... it does no good to establish mod_security rules to block a service that you don't want running or understand how to control. I would do that with all modules you don't understand and "park" or eliminate all virtual_host configurations that you yourself have not set up and understand completely.
This is a p-2-p post ... Steven
On Friday 15 February 2013 12:56:14 Alejandro Casagrande wrote:
> I'm sorry, I didn't realize that I replied directly to you
> Yes, I know that im the root, and im working on that.
> 2013/2/15 Reindl Harald <firstname.lastname@example.org>
> > DO NOT RELY OFF-LIST
> > they do NOT
> > VPS = virtual private server
> > YOU are root, YOU are responsible for the machine
> > YOU need to make sure the configuration is sane
> > YOU need to hire someone who can provide this if you are
> > lack admin expierience for a public server or LEARN
> > BEFORE you take machines online which are not secure
> > configured because YOU are responsible for any damage
> > they do on 3rd parties
> > Am 15.02.2013 21:34, schrieb Alejandro Casagrande:
> > > They provide it that way
> > >
> > > 2013/2/15 Reindl Harald <email@example.com <mailto:
> > firstname.lastname@example.org>>
> > >
> > > Am 15.02.2013 21:20, schrieb Alejandro Casagrande:
> > > > Hi, I purchased a VPS a few days ago and I'm having huge traffic
> > because a lot of IPs are using the VPS as a
> > > proxy.
> > > > I managed to setup mod_security2 to deny this connections
> > >
> > > WTF why is your machine so misconfigured that random
> > > people can use it as proxy and why do you not DISCONNECT
> > > the machine from the WAN before you have a sane setup?
> > >
> > > if you do not use ProxyPass at your own do not load
> > > mod_proxy at all. if you use it:
> > >
> > > <IfModule mod_proxy.c>
> > > ProxyRequests Off
> > > </IfModule>
> > ------------------------------------------------------------------------------
> > The Go Parallel Website, sponsored by Intel - in partnership with Geeknet,
> > is your hub for all things parallel software development, from weekly
> > thought
> > leadership blogs to news, videos, case studies, tutorials, tech docs,
> > whitepapers, evaluation guides, and opinion stories. Check out the most
> > recent posts - join the conversation now.
> > _______________________________________________
> > mod-security-users mailing list
> > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
Mail delivery confirmation requests:
Confirmation requests, are sent to verify delivery by the mail delivery system and does not imply, the message was actually read/ understood by the intended recipient(s)
Indiscriminate confirmations to unknown parties may jeopardize your privacy.
This e-mail message may contain privileged and/or confidential information, and is intended to be received only by persons entitled to receive such information. If you have received this e-mail in error, please notify the sender immediately. Please delete it and all attachments from any servers, hard drives or any other media. Other use of this e-mail by you is strictly prohibited. The information contained in this email may be subject to the export control laws and regulations of the united states, potentially including but not limited to the export administration regulations (ear) and sanctions regulations issued by the u.s. Department of treasury, office of foreign asset controls (ofac). As a recipient of this information you are obligated to comply with all applicable u.s. Export laws and regulations.