Freedom The Open Source Way Contribute Articles or News to OSForgeOSForge HomeLogout from Forums
Contacting OSForgeOSForge HomeAbout OSForge
  
Forum Main Page User Control Panel Register to be a member - It's Free Search for Posts Event Calendar Members Lists Help on Using This Forum
OSForge Forums ? Servers & Security ? HTTP CONNECT requests ? Hello Guest [login|register]
Last Post | First unread Post Print Page | Recommend to Friend | Add Thread to Favorites

Post New Thread Post Reply

HTTP CONNECT requests

Author
Post ? Previous Thread | Next Thread ?

brutus brutus is a Male
Starter Tux
Posts : 12
Joined : 09-02-2003
Status: Offline
Location: Midwest, USA



Quote | Edit | Report | IP | Up

HTTP CONNECT requests

I know they are generally benign, but is there some way to filter these requests without having to recompile Apache? I thought about a rule in iptables, but I'm not too edumacated on iptables yet.

Thanks!
-Brutus
09-02-2003 14:59 Homepage of brutus Search for Posts by brutus Add brutus to your Buddy List

ewdi ewdi is a Male
Veteran Tux
Posts : 121
Joined : 01-12-2003
Status: Offline
Location: Texas



Quote | Edit | Report | IP | Up

yes you can block them through iptables, but if you want to block outside connecting in you can also do it on httpd.conf
09-02-2003 21:48 Homepage of ewdi Search for Posts by ewdi Add ewdi to your Buddy List
brutus brutus is a Male
Starter Tux
Posts : 12
Joined : 09-02-2003
Status: Offline
Location: Midwest, USA



Quote | Edit | Report | IP | Up

quote:
Originally posted by ewdi
yes you can block them through iptables, but if you want to block outside connecting in you can also do it on httpd.conf


How so?
09-03-2003 15:04 Homepage of brutus Search for Posts by brutus Add brutus to your Buddy List
ewdi ewdi is a Male
Veteran Tux
Posts : 121
Joined : 01-12-2003
Status: Offline
Location: Texas



Quote | Edit | Report | IP | Up

you can set Allow into the httpd.conf to only allow certain IP (such as your local IP) to connect to the HTTPD server

use this in your httpd.conf

Order Deny,Allow
Deny from all
Allow from 192.168.0.1

that is 192.168.0.1 is the IP you want to allow to connect such as your local network systems
09-03-2003 16:41 Homepage of ewdi Search for Posts by ewdi Add ewdi to your Buddy List
brutus brutus is a Male
Starter Tux
Posts : 12
Joined : 09-02-2003
Status: Offline
Location: Midwest, USA



Quote | Edit | Report | IP | Up

I don't think we're on the same page...

Here is what the requests look like:

CONNECT 127.0.0.1 HTTP/1.0

I don't want to limit the access to certain IP's, I want to actually filter the packets based on their content. In other words, I want to only allow GET and POST requests.
09-05-2003 23:37 Homepage of brutus Search for Posts by brutus Add brutus to your Buddy List
ewdi ewdi is a Male
Veteran Tux
Posts : 121
Joined : 01-12-2003
Status: Offline
Location: Texas



Quote | Edit | Report | IP | Up

ah in that case, u can use

<LimitExcept POST>
...
</LimitExcept>
09-06-2003 00:19 Homepage of ewdi Search for Posts by ewdi Add ewdi to your Buddy List
brutus brutus is a Male
Starter Tux
Posts : 12
Joined : 09-02-2003
Status: Offline
Location: Midwest, USA



Quote | Edit | Report | IP | Up

Text

Aha.

Thanks much. That gets me on the right track. Smile
09-07-2003 00:30 Homepage of brutus Search for Posts by brutus Add brutus to your Buddy List
ewdi ewdi is a Male
Veteran Tux
Posts : 121
Joined : 01-12-2003
Status: Offline
Location: Texas



Quote | Edit | Report | IP | Up

glad to help Smile
09-07-2003 00:55 Homepage of ewdi Search for Posts by ewdi Add ewdi to your Buddy List

Tree Structure | Board Structure

Rate HTTP CONNECT requests

 

Poor very bad 
1
2
3
4
5 		 very good Excellent
Post New Thread Post Reply
Go to:

Scroll Up

   About OSForge | Term of Use | Privacy | Contact us | Tell a Friend | Advertise

 Powered by Burning Board, ? 2002WoltLab GbR