• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:

    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Question Works as open Proxy Server

FloRet88

New Pleskian
Hello guys.

I get some questions / informations that the server will provide an open Proxy Server for everyone on Ubuntu 14 - Plesk 17.5.3!

How can i check or disable the proxy server, that nobody can use the server from outside?

If you need more informations, please ask for it - i don´t know where i should actually search for it.

As example: User find out the Server IP - and will put the IP into the Browser "Proxy" - Settings and the server will handle all requests.

Thanks.
 
Ok - i missed some informations!

There is used apache with mod_proxy and following modules - proxy_http, proxy, proxy_fcgi, proxy_ajp

and following additional rules for apache:

ProxyRequests On
ProxyPreserveHost On
ProxyPass /App/ 127.0.0.1:8080/App/
ProxyPassReverse /App/ 127.0.0.1:8080/App/
 
Ok, that means i should use nginx instead of apache for this ProxyPassReverse?

Thanks for your help and time!!
 
You can use Nginx as a reverse proxy for Apache, or you can disable it and use only Apache.
 
That´s clear. But this Apache "redirect" or proxy is used to redirect an external request at "www.domain.tld/App/" to an alone standing Tomcat Instance (not Plesk)!

My question is regarding, how can i close the open proxy for everyone, that nobody can use it to fire spam mails, or illegal request via our server?

Thanks.
 
It´s a little bit complicated to describe.

I try to explain that in detail.

First Part: There is one active Domain / Database for an Wordpress Installation (www.domain.tld) - via Apache Webserver, no nginx
Second Part: Second Database for TomCat Instance (manually installed / configured Tomcat v6), so the Tomcat Service was not installed via Plesk!

On the second part there is running an app, which needs to get the virtual domain directory www.domain.tld/App/ redirect to Tomcat directory /App/ via Port (8080 / 8443) - this will handled over following additional apache rule:

Code:
ProxyRequests On
ProxyPreserveHost On
ProxyPass /App/ 127.0.0.1:8080/App/
ProxyPassReverse /App/ 127.0.0.1:8080/App/

It's still not an open proxy server like you implied.

Really? - We think, with this solution we opened the Server to work as a open proxy server! Are we wrong?

Hope this clears some questions.
 
It´s a little bit complicated to describe.

I try to explain that in detail.

First Part: There is one active Domain / Database for an Wordpress Installation (www.domain.tld) - via Apache Webserver, no nginx
Second Part: Second Database for TomCat Instance (manually installed / configured Tomcat v6), so the Tomcat Service was not installed via Plesk!

On the second part there is running an app, which needs to get the virtual domain directory www.domain.tld/App/ redirect to Tomcat directory /App/ via Port (8080 / 8443) - this will handled over following additional apache rule:

Code:
ProxyRequests On
ProxyPreserveHost On
ProxyPass /App/ 127.0.0.1:8080/App/
ProxyPassReverse /App/ 127.0.0.1:8080/App/



Really? - We think, with this solution we opened the Server to work as a open proxy server! Are we wrong?

Hope this clears some questions.

Yes, it's not an open proxy. It will act as a reverse-proxy for your Tomcat service only on /App/ location and will not proxied to another destination than 127.0.0.1:8080
 
Hmm.. strange!

With changing the
Code:
ProxyRequests On
to
Code:
ProxyRequests Off
the "open proxy access" isn´t anymore open and redirect to urls like
Code:
http://www.google.comhttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttp/www.google.comhttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttp/www.google.comhttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttp/www.google.comhttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttph

So it was an open proxy in my opinion!

The Reverse Proxy for the redirect is still working.

Is that now secure enough?
 
Back
Top