http connect/proxy?

i'm sort of worried about the whole apache proxy features and wondering what exact an HTTP CONNECT request is…

i've been getting a bunch of stuff in my iptables.log from scanning popular proxy ports (8080, 1080, 8081, 8010, 3128 etc..), but that's not really a big deal to me since all those connections just get dropped by iptables

i also checked my apache/httpd access_log and the same IP address was sending (or trying to send?) HTTP CONNECT requests through my web server and some googling tells me this is how apache is used as a proxy server… i don't want to be proxying random strangers traffic!

also, my httpd.conf has all the LoadModule lines for proxy_* modules commented out

an example from my access_log is here: - - [17/Sep/2009:11:30:06 -0400] "CONNECT HTTP/1.0" 301 298 "-" "-"

i see that apache is returning a 301 which i'm pretty sure is a redirect… if he was getting a 404 or a 403 or something, i wouldn't be so concerned…

so what should i do? or is a 301 absolutely normal for a blocked http connect request?

2 Replies

When Apache encounters an invalid URL, it will usually serve up your default page. I'm guessing that your main page is a redirect.

You can test this with the telnet command. Bolded items are what you type or copy/paste.

$ telnet localhost 80


Connected to localhost.localdomain (

Escape character is '^]'.


And press enter twice.

ahhh.. it's throwing a 301 error code because of the way my apache virtual hosts are setup…

telnet shows a redirect to the main web page because my default in apache is a RedirectPermanent to the main webpage

that solved it :D thanks!


Please enter an answer

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct