It's not a secret anymore!
The moose likes Tomcat and the fly likes Access Log : Meaning of Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Access Log : Meaning of "CONNECT HTTP/1.0" 400" Watch "Access Log : Meaning of "CONNECT HTTP/1.0" 400" New topic

Access Log : Meaning of "CONNECT HTTP/1.0" 400

Venugopal Pillai

Joined: Aug 02, 2012
Posts: 1

Can anyone please explain the meaning of the line "CONNECT HTTP/1.0" 400 in my Tomcat Access Log file? I have not configured any mailing programs. Please let know if this is a security threat.

Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 17410

It's an attempt to leverage your tomcat server into being a spam proxy.

I don't think that in the normal course of events that you have anything to worry about as far as Tomcat goes. If you are fronting Tomcat with a stock webserver with proxying abilities such as Apache httpd, you should verify that you haven't accidentally set up reverse proxying that would allow Apache to be exploited.

I get dozens of these slimy mis-requests every day. Bastards.

An IDE is no substitute for an Intelligent Developer.
I agree. Here's the link:
subject: Access Log : Meaning of "CONNECT HTTP/1.0" 400
It's not a secret anymore!