Infosecurity-magazine.com

Context discovers reverse web proxy security loophole; advises on remediation

According to the London-based security consultancy, which has been working with the Apache Software Foundation to advise users of the open source platform, it has developed a number of remediation ...
@DIME

Reverse Proxy Guide

In addition to being a "basic" web server, and providing static and dynamic content to end-users, Apache httpd (as well as most other web servers) can also act as a reverse proxy server, also-known-as ...
InfoWorld

Unpatched Apache reverse proxy flaw allows access to internal network

A yet-to-be-patched flaw discovered in the Apache HTTP server allows attackers to access protected resources on the internal network if some rewrite rules are not defined properly. The vulnerability ...
Dark Reading

Apache Issues Patch To Stop Reverse-Proxy Bypass Attack

It all boils down to a missing forward-slash symbol: A newly discovered method of attack could let hackers access databases, firewalls, routers, and other internal network resources via misconfigured ...
Ars Technica

Apache 2.4 reverse-proxying and websockets

I'm trying to work out why Apache (or the app it's proxying) isn't playing nicely. I suspect it's the way I've configured the Apache proxying, so I need another set of eyeballs please. Ubuntu 13.10, ...
@DIME

Apache Module mod_proxy

Do not enable proxying with ProxyRequests until you have secured your server. Open proxy servers are dangerous both to your network and to the Internet at large. mod_proxy and related modules ...