
Question Works as open Proxy Server

FloRet88

Hello guys.

I get some questions / information that the server will provide an open proxy server for everyone on Ubuntu 14 - Plesk 17.5.3!

How can I check or disable the proxy server, so that nobody can use the server from outside?

If you need more information, please ask for it - I don't know where I should actually search for it.

As an example: a user finds out the server IP, puts the IP into the browser "Proxy" settings, and the server will handle all requests.

Thanks.
 
Ok - I missed some information!

Apache is used with mod_proxy and the following modules - proxy_http, proxy, proxy_fcgi, proxy_ajp

and the following additional rules for Apache:

ProxyRequests On
ProxyPreserveHost On
ProxyPass /App/ http://127.0.0.1:8080/App/
ProxyPassReverse /App/ http://127.0.0.1:8080/App/
 
Ok, that means I should use nginx instead of Apache for this ProxyPassReverse?

Thanks for your help and time!!
 
You can use Nginx as a reverse proxy for Apache, or you can disable it and use only Apache.
 
That's clear. But this Apache "redirect" or proxy is used to redirect an external request at "www.domain.tld/App/" to a standalone Tomcat instance (not Plesk)!

My question is: how can I close the open proxy for everyone, so that nobody can use it to fire spam mails or illegal requests via our server?

Thanks.
 
It's a little bit complicated to describe.

I try to explain that in detail.

First Part: There is one active domain / database for a WordPress installation (www.domain.tld) - via Apache web server, no nginx
Second Part: Second database for a Tomcat instance (manually installed / configured Tomcat v6), so the Tomcat service was not installed via Plesk!

On the second part there is an app running, which needs the virtual domain directory www.domain.tld/App/ redirected to the Tomcat directory /App/ via port (8080 / 8443) - this is handled by the following additional Apache rule:

Code:
ProxyRequests On
ProxyPreserveHost On
ProxyPass /App/ http://127.0.0.1:8080/App/
ProxyPassReverse /App/ http://127.0.0.1:8080/App/

It's still not an open proxy server like you implied.

Really? - We think that with this solution we opened the server to work as an open proxy server! Are we wrong?

Hope this clears some questions.
 
Yes, it's not an open proxy. It will act as a reverse proxy for your Tomcat service only on the /App/ location and will not proxy to any destination other than 127.0.0.1:8080
 
Hmm.. strange!

With changing the
Code:
ProxyRequests On
to
Code:
ProxyRequests Off
the "open proxy access" isn't open anymore and redirects to URLs like
Code:
http://www.google.comhttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttp/www.google.comhttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttp/www.google.comhttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttp/www.google.comhttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttph

So it was an open proxy in my opinion!

The Reverse Proxy for the redirect is still working.

Is that now secure enough?
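
The change discussed in this thread, as an added example that is not part of any post: a small Python check that reads Apache configuration text and reports whether `ProxyRequests On` leaves the forward proxy unrestricted and which `ProxyPass` mappings are defined. The function name, the `http://` scheme on the backend URL, and the single-file, last-directive-wins handling (no `Include` or per-vhost scoping) are assumptions of this example.

```python
import re

# Constructed sample: the thread's directives (http:// scheme assumed for the
# ProxyPass target) and the same config with the one-word change.
BEFORE = """\
ProxyRequests On
ProxyPreserveHost On
ProxyPass /App/ http://127.0.0.1:8080/App/
ProxyPassReverse /App/ http://127.0.0.1:8080/App/
"""
AFTER = BEFORE.replace("ProxyRequests On", "ProxyRequests Off")

def audit_proxy_config(text):
    """Heuristic audit of one Apache config text for forward-proxy exposure."""
    forward_on = False      # state of ProxyRequests (last directive wins here)
    restricted = False      # a <Proxy *> block carries a real access rule
    in_wildcard_block = False
    reverse_targets = []    # (path, backend) pairs from ProxyPass
    for raw in text.splitlines():
        line = " ".join(raw.split())          # normalise whitespace
        if not line or line.startswith("#"):  # skip blanks and comments
            continue
        low = line.lower()                    # directives are case-insensitive
        if re.fullmatch(r'<proxy "?\*"?>', low):
            in_wildcard_block = True
        elif low.startswith("</proxy"):
            in_wildcard_block = False
        elif in_wildcard_block and re.match(r"(require|deny from) ", low):
            # A blanket grant does not restrict anything.
            if low != "require all granted":
                restricted = True
        elif low.startswith("proxyrequests "):
            forward_on = low.split()[1] == "on"
        elif low.startswith("proxypass "):
            parts = line.split()
            if len(parts) >= 3:
                reverse_targets.append((parts[1], parts[2]))
    return {
        "forward_proxy": forward_on,
        "open_proxy": forward_on and not restricted,
        "reverse_targets": reverse_targets,
    }

if __name__ == "__main__":
    for name, cfg in (("before", BEFORE), ("after", AFTER)):
        print(name, audit_proxy_config(cfg))
```

With `ProxyRequests Off` the `ProxyPass` mapping for `/App/` is still reported, matching the observation above that the reverse proxy keeps working after the change.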
 