When examining the log for one of my clients, I noticed there are quite a few entries like:
Connection attempts using mod_proxy:
212.247.120.50 -> 205.188.251.43:443: 6 Time(s)
212.247.120.50 -> 64.12.202.116:443: 6 Time(s)
Since they do use proxy module on those apache servers, looks like someone are trying to use the servers as open proxy. Hmmm, worth to find more detail behind.
ModSecurity is a open source web application firewall. "With over 70% of all attacks now carried out over the web application level, organisations need every help they can get in making their systems secure. Web application firewalls are deployed to establish an external security layer that increases security, detects, and prevents attacks before they reach web applications."
Recent comments
2 days 4 hours ago
2 days 5 hours ago
6 days 14 hours ago
1 week 2 days ago
1 week 3 days ago
1 week 5 days ago
1 week 5 days ago
2 weeks 1 day ago
2 weeks 4 days ago
3 weeks 1 day ago