Securing Apache Server at port 8080

Deep Nair
Greenhorn

Joined: Dec 24, 2011
Posts: 13
Hi - I have a Linux server configured with a major cloud service provider and I had installed a web app on Tomcat Server and also configured Apache as a proxy at port 8080 for my web site. Just yesterday when I logged into my cloud account, I found that the total bandwidth in and out is about 90GB though I had never used this much GB. When I inquired with the cloud support folks they told me the below:

It looks like you have port 8080 open as an http proxy. Someone probably found that and has been using that.


What does this mean? How can someone else use my Apache server's port 8080 for their purpose? How can I prevent this? I have stopped my server at this point to avoid further misuse.

Please suggest.

Thanks, Deepna
Philip Thamaravelil
Ranch Hand

Joined: Feb 09, 2006
Posts: 99
Hello Deep, Why are you using apache as a proxy?

A proxy can be used to tunnel network traffic through your server, which explains the bandwidth problem.
You most likely have a basic insecure proxy server configured that is being connected to by anonymous users.


Cheers,
Philip
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 15662
    

Google for "Open Proxy".

Internet abusers will exploit an insufficiently-secure proxy server in a number of ways. One of them is to hide their origins while spamming. You can see this in the Apache access logs because there will be a lot of URLs for foreign domain names, usually ending with ":25", which is the Well Known Port ID of the SMTP mail protocol.


Customer surveys are for companies who didn't pay proper attention to begin with.
Deep Nair
Greenhorn

Joined: Dec 24, 2011
Posts: 13
Philip - I used a proxy so that later on I can turn this proxy into a firewall proxy, but in my initial setup I made the mistake of not making it secure.
Tim - yes, I need to check the logs in Apache. I understand the default path is

Thanks,
Deepna
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 15662
    

Look at access_log, instead. Unfortunately, if someone is successfully using you as a spam relay, it won't be an "error".
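
The access_log check described in the replies above, as an added example that is not part of the original thread: a Python script that flags requests Apache relayed as a forward proxy (CONNECT, or an absolute URL naming some other host) and totals the bytes per destination. It assumes the common/combined log format; the hostname `www.mysite.example` and all sample log lines are constructed.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Apache common/combined log format: host ident user [time] "request" status bytes
LINE_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) (?P<size>\d+|-)'
)
# Constructed sample lines (documentation IP ranges and example domains).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Mar/2014:04:12:01 +0000] "CONNECT mail.example.net:25 HTTP/1.0" 200 -',
    '203.0.113.7 - - [10/Mar/2014:04:12:03 +0000] "GET http://ads.example.org/click?id=1 HTTP/1.1" 200 48213',
    '198.51.100.20 - - [10/Mar/2014:04:13:10 +0000] "GET /app/index.jsp HTTP/1.1" 200 5120',
    '198.51.100.20 - - [10/Mar/2014:04:13:11 +0000] "GET http://www.mysite.example:8080/app/ HTTP/1.1" 200 900',
    '203.0.113.9 - - [10/Mar/2014:04:14:00 +0000] "CONNECT smtp.example.com:25 HTTP/1.0" 403 210',
]

def find_proxy_abuse(lines, own_hosts):
    """Return (hits, bytes_by_target) for requests that were successfully relayed."""
    own = {h.lower() for h in own_hosts}
    hits, bytes_by_target = [], Counter()
    for line in lines:
        m = LINE_RE.match(line)
        if not m or not m["status"].startswith("2"):
            continue  # unparsable, or refused/failed: nothing was relayed
        method, target = m["method"], m["target"]
        if method == "CONNECT":
            dest = target.lower()  # authority form, e.g. host:25
        elif "://" in target:
            try:
                parts = urlsplit(target)
            except ValueError:
                continue  # malformed URL in the request line: skipped here
            if (parts.hostname or "").lower() in own:
                continue  # absolute URL naming this site is legitimate
            dest = parts.netloc.rpartition("@")[2].lower()
        else:
            continue  # origin form ("/path"): ordinary request to this server
        hits.append((m["client"], method, dest))
        bytes_by_target[dest] += 0 if m["size"] == "-" else int(m["size"])
    return hits, bytes_by_target

if __name__ == "__main__":
    hits, totals = find_proxy_abuse(SAMPLE_LOG, ["www.mysite.example"])
    for client, method, dest in hits:
        print(f"{client} relayed {method} -> {dest}")
    print(dict(totals))
```

To run it against a real server, pass the open access_log file object as `lines` and list every hostname the site answers to in `own_hosts`.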
Deep Nair
Greenhorn

Joined: Dec 24, 2011
Posts: 13
Tim, I had configured my proxy as below, i.e. with ProxyRequests On, which in one way makes my Apache Proxy a Forward Proxy. Also I had an "Allow from all", so everyone had access to hit and use this as a "Forward Proxy".


Now to fix the issue - will the below two steps suffice, i.e.
-- Convert the Forward Proxy to Reverse Proxy, i.e. by setting ProxyRequests to Off
-- Set up Allow from a particular URL name
The code will look similar to below


Will this work to make the server secure?

Thanks,
Deepna
 