mod-security-users

RE: [mod-security-users] as reverse proxy

[Alon A. <aa...@we...>]

Hi ,=20

Mod_proxy should be used as:

=20

    ProxyPass / http://192.168.1.30 <http://192.168.1.30/> /

    ProxyPassReverse / http://192.168.1.30/ <http://192.168.1.30/> =20

=20

Note the last slash.

=20

=20

=20

________________________________

From: mod...@li...
[mailto:mod...@li...] On Behalf Of
kiran k
Sent: Monday, January 30, 2006 7:02 AM
To: mod...@li...
Subject: [mod-security-users] as reverse proxy

=20

=20

Hi:

=20

I set it up exactly as described in the article. Basic test went fine,
ie when I access http:192.168.1.10 (which is proxy), it went to
192.168.1.30.=20

=20

When I try access server scripts (ie
http://192.168.1.10/cgi-bin/modsec-test.pl) I get proxy error, like
below. What is missing ? Why DNS lookup for ipaddr ?

=20

=20

=20

The proxy server received an invalid response from an upstream server.
The proxy server could not handle the request GET
/cgi-bin/modsec-test.pl <http://192.168.1.10/cgi-bin/secprise.pl> .=20

Reason: DNS lookup failure for: 192.168.1.30cgi-bin

=20

Configuration:

=20

<VirtualHost 192.168.1.10>

   =20

    ServerName localhost

    ProxyRequests Off

    ProxyPass / http://192.168.1.30 <http://192.168.1.30/>=20

    ProxyPassReverse / http://192.168.1.30 <http://192.168.1.30/>=20

=20

   =20

    SecFilterEngine DynamicOnly

    SecFilterCheckURLEncoding On

</VirtualHost>

=20

=20

=20

=20

=20

=20

=20

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around=20
http://mail.yahoo.com=20

________________________________

Do you Yahoo!?
With a free 1 GB, there's more in store with Yahoo! Mail.
<http://us.rd.yahoo.com/mail_us/taglines/mailstorage/*http:/mail.yahoo.c
om/>=20

[mod-security-users] info disclosure on deny

[kiran k <kir...@ya...>]

   
  Thanks, I should have paid more attention on error string duh..
   
  I was able to monitor server script, for deny I get forbidden page with (   Apache/2.0.55 (Unix) Server at 192.168.1.10 Port 80), I would like to avoid this, is there any thing else other than deny:redirect so that it just shows it blocked no more info about apache version.        Thanks,
   
   
   
   
  

Alon Agmon <aa...@we...> wrote:         v\:* {behavior:url(#default#VML);}  o\:* {behavior:url(#default#VML);}  w\:* {behavior:url(#default#VML);}  .shape {behavior:url(#default#VML);}                Hi , 
  Mod_proxy should be used as:
   
      ProxyPass / http://192.168.1.30/
      ProxyPassReverse / http://192.168.1.30/ 
   
  Note the last slash.
   
   
   
      
---------------------------------
  
  From: mod...@li... [mailto:mod...@li...] On Behalf Of kiran k
Sent: Monday, January 30, 2006 7:02 AM
To: mod...@li...
Subject: [mod-security-users] as reverse proxy

   
       

    Hi:

     

    I set it up exactly as described in the article. Basic test went fine, ie when I access http:192.168.1.10 (which is proxy), it went to 192.168.1.30. 

     

    When I try access server scripts (ie http://192.168.1.10/cgi-bin/modsec-test.pl) I get proxy error, like below. What is missing ? Why DNS lookup for ipaddr ?

     

     

     

    The proxy server received an invalid response from an upstream server.
The proxy server could not handle the request GET /cgi-bin/modsec-test.pl. 

      Reason: DNS lookup failure for: 192.168.1.30cgi-bin


     

    Configuration:

     

    <VirtualHost 192.168.1.10>

        

        ServerName localhost

        ProxyRequests Off

        ProxyPass / http://192.168.1.30

        ProxyPassReverse / http://192.168.1.30

     

        

        SecFilterEngine DynamicOnly

        SecFilterCheckURLEncoding On

    </VirtualHost>

     

     

     

     

     

     

     


  __________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
    
---------------------------------
  
  Do you Yahoo!?
With a free 1 GB, there's more in store with Yahoo! Mail.





			
---------------------------------
 Yahoo! Autos. Looking for a sweet ride? Get pricing, reviews, & more on new and used cars.

Re: [mod-security-users] info disclosure on deny

[Ryan B. <rcb...@gm...>]

Add in "ServerSignature Off" to the httpd.conf file to remove that footer
message from error pages..

--
Ryan C. Barnett
Web Application Security Consortium (WASC) Member
CIS Apache Benchmark Project Lead
SANS Instructor: Securing Apache
GCIA, GCFA, GCIH, GSNA, GCUX, GSEC
Author: Preventing Web Attacks with Apache


On 1/30/06, kiran k <kir...@ya...> wrote:
>
>
> Thanks, I should have paid more attention on error string duh..
>
> I was able to monitor server script, for deny I get forbidden page with (=
 Apache/2.0.55
> (Unix) Server at 192.168.1.10 Port 80), I would like to avoid this, is
> there any thing else other than deny:redirect so that it just shows it
> blocked no more info about apache version.     Thanks,
>
>
>
>
>
>
> *Alon Agmon <aa...@we...>* wrote:
>
>  Hi ,
> Mod_proxy should be used as:
>
>     ProxyPass / http://192.168.1.30/
>     ProxyPassReverse / http://192.168.1.30*/* <http://192.168.1.30/>
>
> Note the last slash.
>
>
>
>  ------------------------------
>  *From:* mod...@li... [mailto:
> mod...@li...] *On Behalf Of *kiran k
> *Sent:* Monday, January 30, 2006 7:02 AM
> *To:* mod...@li...
> *Subject:* [mod-security-users] as reverse proxy
>
>
>  Hi:
>
>  I set it up exactly as described in the article. Basic test went fine, i=
e
> when I access http:192.168.1.10 (which is proxy), it went to 192.168.1.30=
.
>
>
>  When I try access server scripts (ie
> http://192.168.1.10/cgi-bin/modsec-test.pl) I get proxy error, like below=
.
> What is missing ? Why DNS lookup for ipaddr ?
>
>
>
>  The proxy server received an i nvalid response from an upstream server.
> The proxy server could not handle the request *GET /cgi-bin/modsec-test.p=
l<http://192.168.1.10/cgi-bin/secprise.pl>
> *.
>  Reason: *DNS lookup failure for: 192.168.1.30cgi-bin*
>
>  Configuration:
>
>  <VirtualHost 192.168.1.10>
>
>      ServerName localhost
>      ProxyRequests Off
>      ProxyPass / http://192.168.1.30
>      ProxyPassReverse / http://192.168.1.30
>
>
>      SecFilterEngine DynamicOnly
>      SecFilterCheckURLEncoding On
>  </VirtualHost>
>
>
>
>
>
>
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
>  ------------------------------
>  Do you Yahoo!?
> With a free 1 GB, there's more in store with Yahoo! Mail.<http://us.rd.ya=
hoo.com/mail_us/taglines/mailstorage/*http:/mail.yahoo.com/>
>
>
>  ------------------------------
> Yahoo! Autos<http://us.rd.yahoo.com/evt=3D38381/+ylc=3DX3oDMTEzcGlrdGY5BF=
9TAzk3MTA3MDc2BHNlYwNtYWlsdGFncwRzbGsDMWF1dG9z/*http://autos.yahoo.com/inde=
x.html+>.
> Looking for a sweet ride? Get pricing, reviews, & more on new and used ca=
rs.
>
>
>