• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Question Works as open Proxy Server

FloRet88

FloRet88

New Pleskian
Hello guys.

I get some questions / informations that the server will provide an open Proxy Server for everyone on Ubuntu 14 - Plesk 17.5.3!

How can i check or disable the proxy server, that nobody can use the server from outside?

If you need more informations, please ask for it - i don´t know where i should actually search for it.

As example: User find out the Server IP - and will put the IP into the Browser "Proxy" - Settings and the server will handle all requests.

Thanks.
 
Ok - i missed some informations!

There is used apache with mod_proxy and following modules - proxy_http, proxy, proxy_fcgi, proxy_ajp

and following additional rules for apache:

ProxyRequests On
ProxyPreserveHost On
ProxyPass /App/ 127.0.0.1:8080/App/
ProxyPassReverse /App/ 127.0.0.1:8080/App/
 
Ok, that means i should use nginx instead of apache for this ProxyPassReverse?

Thanks for your help and time!!
 
You can use Nginx as a reverse proxy for Apache, or you can disable it and use only Apache.
 
That´s clear. But this Apache "redirect" or proxy is used to redirect an external request at "www.domain.tld/App/" to an alone standing Tomcat Instance (not Plesk)!

My question is regarding, how can i close the open proxy for everyone, that nobody can use it to fire spam mails, or illegal request via our server?

Thanks.
 
It´s a little bit complicated to describe.

I try to explain that in detail.

First Part: There is one active Domain / Database for an Wordpress Installation (www.domain.tld) - via Apache Webserver, no nginx
Second Part: Second Database for TomCat Instance (manually installed / configured Tomcat v6), so the Tomcat Service was not installed via Plesk!

On the second part there is running an app, which needs to get the virtual domain directory www.domain.tld/App/ redirect to Tomcat directory /App/ via Port (8080 / 8443) - this will handled over following additional apache rule:

Code: 
ProxyRequests On
ProxyPreserveHost On
ProxyPass /App/ 127.0.0.1:8080/App/
ProxyPassReverse /App/ 127.0.0.1:8080/App/

It's still not an open proxy server like you implied.
Click to expand...

Really? - We think, with this solution we opened the Server to work as a open proxy server! Are we wrong?

Hope this clears some questions.
 
FloRet88 said:
It´s a little bit complicated to describe.

I try to explain that in detail.

First Part: There is one active Domain / Database for an Wordpress Installation (www.domain.tld) - via Apache Webserver, no nginx
Second Part: Second Database for TomCat Instance (manually installed / configured Tomcat v6), so the Tomcat Service was not installed via Plesk!

On the second part there is running an app, which needs to get the virtual domain directory www.domain.tld/App/ redirect to Tomcat directory /App/ via Port (8080 / 8443) - this will handled over following additional apache rule:

Code: 
ProxyRequests On
ProxyPreserveHost On
ProxyPass /App/ 127.0.0.1:8080/App/
ProxyPassReverse /App/ 127.0.0.1:8080/App/



Really? - We think, with this solution we opened the Server to work as a open proxy server! Are we wrong?

Hope this clears some questions.
Click to expand...

Yes, it's not an open proxy. It will act as a reverse-proxy for your Tomcat service only on /App/ location and will not proxied to another destination than 127.0.0.1:8080
 
Hmm.. strange!

With changing the
Code: 
ProxyRequests On
to
Code: 
ProxyRequests Off
the "open proxy access" isn´t anymore open and redirect to urls like
Code: 
http://www.google.comhttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttp/www.google.comhttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttp/www.google.comhttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttp/www.google.comhttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttph

So it was an open proxy in my opinion!

The Reverse Proxy for the redirect is still working.

Is that now secure enough?
 
You must log in or register to reply here.

Similar threads

P
Issue Certificate problem in Plesk
Replies
5
Views
331
Raul A.
R
B
Question Reverse Proxy Setup: VPS + Mikrotik DDNS – Feeling Lost
Replies
0
Views
440
BTTech
B
E
Issue Using an external reverse proxy (nginx) server -> Plesk Obsidian Almalinux
Replies
4
Views
1K
Edric2023
E
I
Question Configuring Plesk with a Reverse Proxy and Cloudflare
Replies
1
Views
3K
kriteodoro
K
B
Issue High latency, unreliable performance & 522 errors on a Plesk server that ran fine for 6+ months
Replies
1
Views
152
Sebahat.hadzhi
Sebahat.hadzhi
Back
Top