[ChrisRyland]

[QUOTE][u]Quote by: trampoline[/u]

I think my server is being used (hacked) as a proxy server, can anyone explain this and what should I do ?
84.16.252.116 – – [08/Nov/2006:11:46:14 +0000] “CONNECT mail.yahoo.com:443 HTTP/1.1” 405 317
84.16.252.116 – – [08/Nov/2006:11:47:57 +0000] “CONNECT mail.yahoo.com:443 HTTP/1.1” 405 317
84.16.252.116 – – [08/Nov/2006:11:48:10 +0000] “CONNECT mail.yahoo.com:443 HTTP/1.1” 405 317
84.16.252.116 – – [08/Nov/2006:11:48:48 +0000] “CONNECT mail.yahoo.com:443 HTTP/1.1” 405 317
84.16.252.116 – – [08/Nov/2006:12:00:14 +0000] “CONNECT mail.yahoo.com:443 HTTP/1.1” 405 317
84.16.252.116 – – [08/Nov/2006:12:23:36 +0000] “CONNECT mail.yahoo.com:443 HTTP/1.1” 405 317
84.16.252.116 – – [08/Nov/2006:12:26:09 +0000] “CONNECT mail.yahoo.com:443 HTTP/1.1” 405 317

[/QUOTE]

Nothing to worry about, really–someone is trying to use your web server as a relay, but it’s correctly responding with a 405 HTTP error (method not allowed).

[ChrisRyland]

Turns out this was a bug in the Tiger release when upgrading.

10.4.2 fixes the bug.

[ChrisRyland]

[QUOTE BY= MacTroll] Most apps, Postfix and Apache, start off life as a root process and then drop their root privs once they’ve started up and running.

In many cases this allows them to cache the cert as root and then use it when they’ve dropped their root privs.

I haven’t used a purchased cert on 10.4 yet, but all the self-signed ones I’ve done have worked fine.

You might want to give the cert assistant in Keychain Manager a go. Its MUCH more powerful than what server admin has.[/QUOTE]

Thanks, but though they *could* do this, none of them seem to do it.

Thanks for the tip re Keychain Manager, but I’m all set with acquiring the cert.

[Author]

Posts