Stopping “connect” attacks in apache (solution)

Post author By David Raleche
Post date December 19, 2019
No Comments on Stopping “connect” attacks in apache (solution)

Then add the following right after it and restart apache to activate.

# Second, we configure the "default" Location to restrict the methods
allowed
# to stop CONNECT method attacks.
#

Order allow,deny Deny from all

I don’t like the idea of my server responding to requests for random hostnames, even if it serves local content. How can I deny these requests?

<VirtualHost *:80>
  ServerName default.only
  <Location />
    Order allow,deny
    Deny from all
  </Location>
</VirtualHost>

By David Raleche

Twitter : https://twitter.com/DavidRaleche
Newsletter : Subscribe here
Store : https://david.raleche.com/shop

View Archive

I don’t like the idea of my server responding to requests for random hostnames, even if it serves local content. How can I deny these requests?

By David Raleche

Leave a Reply Cancel reply