need help please "CONNECT login.icq.com:443 HTTP/1.0" Apache hacked

R

rndinit0

Verified User
Joined
Jan 15, 2005
Messages
91
I found this in my apache access logs today.
Apache CPU utilization is up to 99%.
I understand that my apache server is being used as a proxy.
How do I fix this?

Code: 
87.194.123.92 - - [07/Jul/2009:14:12:38 +0300] "CONNECT login.icq.com:443 HTTP/1.0" 404 627
87.194.123.92 - - [07/Jul/2009:14:12:38 +0300] "CONNECT login.icq.com:443 HTTP/1.0" 404 627
87.194.123.92 - - [07/Jul/2009:14:12:39 +0300] "CONNECT login.icq.com:443 HTTP/1.0" 404 627
87.194.123.92 - - [07/Jul/2009:14:12:39 +0300] "CONNECT login.icq.com:443 HTTP/1.0" 404 627
87.194.123.92 - - [07/Jul/2009:14:12:48 +0300] "CONNECT login.icq.com:443 HTTP/1.0" 404 627
 
Heres the dump, in the mean time I watched the logs and banned IP's server seems better now. But Id still want to prevent this from happening again.

Code: 
Warning: DocumentRoot [/home/user/domains/asgtc.com/public_html/crm] does not exist
[Fri Jul 10 20:55:33 2009] [warn] NameVirtualHost 64.125.185.53:80 has no VirtualHosts
[Fri Jul 10 20:55:33 2009] [warn] NameVirtualHost 64.125.185.53:443 has no VirtualHosts
[Fri Jul 10 20:55:33 2009] [warn] NameVirtualHost 64.125.185.54:80 has no VirtualHosts
[Fri Jul 10 20:55:33 2009] [warn] NameVirtualHost 64.125.185.54:443 has no VirtualHosts
[Fri Jul 10 20:55:33 2009] [warn] NameVirtualHost 64.125.185.55:80 has no VirtualHosts
[Fri Jul 10 20:55:33 2009] [warn] NameVirtualHost 64.125.185.55:443 has no VirtualHosts
[Fri Jul 10 20:55:33 2009] [warn] NameVirtualHost 64.125.185.61:80 has no VirtualHosts
[Fri Jul 10 20:55:33 2009] [warn] NameVirtualHost 64.125.185.61:443 has no VirtualHosts
[Fri Jul 10 20:55:33 2009] [warn] NameVirtualHost 64.125.185.56:80 has no VirtualHosts
[Fri Jul 10 20:55:33 2009] [warn] NameVirtualHost 64.125.185.56:443 has no VirtualHosts
Loaded Modules:
 core_module (static)
 authn_file_module (static)
 authn_default_module (static)
 authz_host_module (static)
 authz_groupfile_module (static)
 authz_user_module (static)
 authz_default_module (static)
 auth_basic_module (static)
 include_module (static)
 filter_module (static)
 deflate_module (static)
 log_config_module (static)
 logio_module (static)
 env_module (static)
 headers_module (static)
 unique_id_module (static)
 setenvif_module (static)
 proxy_module (static)
 proxy_connect_module (static)
 proxy_ftp_module (static)
 proxy_http_module (static)
 proxy_ajp_module (static)
 proxy_balancer_module (static)
 ssl_module (static)
 mpm_prefork_module (static)
 http_module (static)
 mime_module (static)
 dav_module (static)
 status_module (static)
 autoindex_module (static)
 asis_module (static)
 suexec_module (static)
 cgi_module (static)
 dav_fs_module (static)
 dav_lock_module (static)
 negotiation_module (static)
 dir_module (static)
 actions_module (static)
 userdir_module (static)
 alias_module (static)
 rewrite_module (static)
 so_module (static)
 php5_module (shared)
 suphp_module (shared)
Syntax OK
 
Last edited:
Remove these modules from httpd.conf
Code: 
 proxy_module (static)
 proxy_connect_module (static)
 proxy_ftp_module (static)
 proxy_http_module (static)
 proxy_ajp_module (static)
 proxy_balancer_module (static)
 
You must log in or register to reply here.
Back
Top