Yes, Reindl. Thank you for your concerns. The first thing that I did when I realize this problem was to stop apache and set the firewall to block port 80, in order to stop the traffic.

In testing using apache in another port. I'm managed to block proxy requests, but I want that this requests consume the lower traffic possible, so that is why i was asking if instead apache responding 404 or 403, closes the connection so no outgoing traffic is made.

Proxy is enabled only for a virtual host with a specific domain. 

I really appreciate your suggestions, thank you again.

Best regards


2013/2/15 Reindl Harald <>
have you set

<IfModule mod_proxy.c>
 ProxyRequests Off

a i suggested hours ago?
it does not need to be enabled, even for common proxy-setups in apache
and it SHOULD NOT be enabled except with specific needs in a
<Location> or <Vhost>

Am 16.02.2013 00:37, schrieb Alejandro Casagrande:
> Thank you for your suggestions Steven. Unfortunately i need mod_proxy because i need to redirect requests to
> another web server in another port.
> Besides disabling mod_proxy, I would like that apache does not respond to this requests as they will generate
> traffic responding 404.
> 2013/2/15 Steven Kucharzyk < <>>
>     __
>     I would like to suggest ... starting with Apache itself and unload, remove, disable any mod_proxy modules and
>     directives ... it does no good to establish mod_security rules to block a service that you don't want running
>     or understand how to control. I would do that with all modules you don't understand and "park" or eliminate all
>     virtual_host configurations that you yourself have not set up and understand completely

The Go Parallel Website, sponsored by Intel - in partnership with Geeknet,
is your hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials, tech docs,
whitepapers, evaluation guides, and opinion stories. Check out the most
recent posts - join the conversation now.
mod-security-users mailing list
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:

Ing. Alejandro Casagrande
Advenio Software