• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Question Works as open Proxy Server

FloRet88

FloRet88

New Pleskian
Hello guys.

I get some questions / informations that the server will provide an open Proxy Server for everyone on Ubuntu 14 - Plesk 17.5.3!

How can i check or disable the proxy server, that nobody can use the server from outside?

If you need more informations, please ask for it - i don´t know where i should actually search for it.

As example: User find out the Server IP - and will put the IP into the Browser "Proxy" - Settings and the server will handle all requests.

Thanks.
 
Ok - i missed some informations!

There is used apache with mod_proxy and following modules - proxy_http, proxy, proxy_fcgi, proxy_ajp

and following additional rules for apache:

ProxyRequests On
ProxyPreserveHost On
ProxyPass /App/ 127.0.0.1:8080/App/
ProxyPassReverse /App/ 127.0.0.1:8080/App/
 
Ok, that means i should use nginx instead of apache for this ProxyPassReverse?

Thanks for your help and time!!
 
You can use Nginx as a reverse proxy for Apache, or you can disable it and use only Apache.
 
That´s clear. But this Apache "redirect" or proxy is used to redirect an external request at "www.domain.tld/App/" to an alone standing Tomcat Instance (not Plesk)!

My question is regarding, how can i close the open proxy for everyone, that nobody can use it to fire spam mails, or illegal request via our server?

Thanks.
 
It´s a little bit complicated to describe.

I try to explain that in detail.

First Part: There is one active Domain / Database for an Wordpress Installation (www.domain.tld) - via Apache Webserver, no nginx
Second Part: Second Database for TomCat Instance (manually installed / configured Tomcat v6), so the Tomcat Service was not installed via Plesk!

On the second part there is running an app, which needs to get the virtual domain directory www.domain.tld/App/ redirect to Tomcat directory /App/ via Port (8080 / 8443) - this will handled over following additional apache rule:

Code: 
ProxyRequests On
ProxyPreserveHost On
ProxyPass /App/ 127.0.0.1:8080/App/
ProxyPassReverse /App/ 127.0.0.1:8080/App/

It's still not an open proxy server like you implied.
Click to expand...

Really? - We think, with this solution we opened the Server to work as a open proxy server! Are we wrong?

Hope this clears some questions.
 
FloRet88 said:
It´s a little bit complicated to describe.

I try to explain that in detail.

First Part: There is one active Domain / Database for an Wordpress Installation (www.domain.tld) - via Apache Webserver, no nginx
Second Part: Second Database for TomCat Instance (manually installed / configured Tomcat v6), so the Tomcat Service was not installed via Plesk!

On the second part there is running an app, which needs to get the virtual domain directory www.domain.tld/App/ redirect to Tomcat directory /App/ via Port (8080 / 8443) - this will handled over following additional apache rule:

Code: 
ProxyRequests On
ProxyPreserveHost On
ProxyPass /App/ 127.0.0.1:8080/App/
ProxyPassReverse /App/ 127.0.0.1:8080/App/



Really? - We think, with this solution we opened the Server to work as a open proxy server! Are we wrong?

Hope this clears some questions.
Click to expand...

Yes, it's not an open proxy. It will act as a reverse-proxy for your Tomcat service only on /App/ location and will not proxied to another destination than 127.0.0.1:8080
 
Hmm.. strange!

With changing the
Code: 
ProxyRequests On
to
Code: 
ProxyRequests Off
the "open proxy access" isn´t anymore open and redirect to urls like
Code: 
http://www.google.comhttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttp/www.google.comhttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttp/www.google.comhttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttp/www.google.comhttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttphttph

So it was an open proxy in my opinion!

The Reverse Proxy for the redirect is still working.

Is that now secure enough?
 
You must log in or register to reply here.

Similar threads

P
Question Getting X-Forwarded-For IP address from behind a nginx proxy server
Replies
4
Views
2K
philglau
P
P
Issue Certificate problem in Plesk
Replies
5
Views
1K
Raul A.
R
B
Question Reverse Proxy Setup: VPS + Mikrotik DDNS – Feeling Lost
Replies
1
Views
1K
iberium456
I
C
Issue Apache mod_substitute & mod_proxy_html not doing anything, using mod_proxy
Replies
1
Views
837
ConquerThis
C
E
Issue Using an external reverse proxy (nginx) server -> Plesk Obsidian Almalinux
Replies
4
Views
2K
Edric2023
E
Back
Top