One of the things about using Freenode is that they scan you when you
connect to them. As a user, you agree to that. That's not a problem
for me, but it pointed out something recently.
I run Apache 2.2.11 with mod_proxy. I only allow, or so I thought,
proxy connections from internal hosts. ProxyRequests is Off for my
virtual server that faces the Internet. Freenode checks for that.
When they scanned me, my Apache correctly responded 405 to their CONNECT
request for a non-local URL, but it happily responded 200 to their POST
request for a non-local URL. POST scanning from them is new within the
last week.
I've been unable to find any mention of this behavior of httpd on the
web, including apache.org and BugTraq, the two (I think) most obvious
places to check.
It seems logical to me that Freenode now does this scan because they
know something. But other than discovering I'm vulnerable to it, I
haven't been able to find anything about it.
It seems like an Apache bug to me. What does anybody know?
Linux