On Wed, 23 Jul 2003, Nico Foltinek wrote: > I'd like to make a suggestion for documenting the mod_proxy vulnerability to > being a spam relay. I agree that it's a user config issue (mea culpa), but > there wasn't much in the docs that gave me the impression that mod_proxy was > so powerful. Also, I'm using 1.3 as a reverse proxy, and the docs focus on > securing a forward proxy. The 2.0 docs mention using mod_proxy as a reverse > proxy, but still only allude to the <Directory> directive for securing it.
Please see http://cvs.apache.org/~slive/manual/mod/mod_proxy.html for a draft of the new proxy docs. Any feedback is welcome. > <LocationMatch "^[^/]"> > Deny from all > </LocationMatch> I don't believe this is necessary. Simply use ProxyRequests Off and you will be fine. Joshua. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
