Hi, I 'm a Linux newbie and I could use some Apache help here.
I recently discovered that my Apache installation had an open proxy (thank you, Mandrake default setup), and may have been relaying spam.
Anyway, I figured out how to disable mod_proxy in the configuration file, so all should be fine. But the moment I restart httpd, I get a flood of messages in access_log and error_log. The access_log ones are particularly weird, because my machine is receiving about 2 requests per second from who-knows-where. The requests seem to include long, random URLs for a variety of domains.
Most of the entries in access_log take the form GET http://some-url
followed by two numbers (error codes?), a second URL (referer string?) and a user-agent ID. Here's an example:
HTTP/1.0" 404 411 "http://www.wondersky.net/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)"
Some of the entries start with CONNECT or HEAD instead.
Can someone tell me what's going on here? Why are all these weird requests hitting my machine? What is Apache doing about them? How do I make it stop?