Apache Proxy HTTP CONNECT method enabled


Your web server is configured to run as a proxy server. In order to avoid abuse, it's recommended to restrict access to this proxy server. Open proxy servers are dangerous both to your network and to the Internet at large. Also, HTTP CONNECT method is enabled on this Apache web server. This can be used to launch attacks against internal machines or to, for example, use an internal mail server as an open relay.

ShareShare on FacebookTweet about this on TwitterShare on Google+

Possible sensitive information disclosure.

You can control who can access your proxy via the <Proxy> control block as in the following example:

<Proxy *> Order Deny,Allow Deny from all Allow from 192.168.0 </Proxy>

Apache 1.x module mod_proxy
Apache 2.x module mod_proxy_connect