Question
How do i check to see if my server is running an open proxy?
- Posted on April 22, 2014
Asked by Will Rowe
If you have access to the nmap tool, you can check to see if your server is running an open, unsecured HTTP proxy by running the following from a remote location:<br><br><pre>sudo nmap -sS -sV -p 8080 --script http-open-proxy.nse X.X.X.X</pre> where X.X.X.X is the IP of your server.<br><br>Example:<br><br><pre><code><br><br># sudo nmap -sS -sV -p 8080 --script http-open-proxy.nse X.X.X.X<br><br>Starting Nmap 6.00 ( http://nmap.org ) at 2014-04-22 17:05 UTC<br><br>Nmap scan report for host.domain.com (X.X.X.X)<br><br>Host is up (0.078s latency).<br><br>PORT STATE SERVICE VERSION<br><br>8080/tcp open http Apache httpd<br><br>| http-open-proxy: Potentially OPEN proxy.<br><br>|_Methods supported: CONNECTION</code></pre><br><br>If the script returns “Potentially OPEN proxy.” you can then check to see if it is a open proxy that does not require authentication with:<br><br><pre><code>http_proxy=http://X.X.X.X:8080/ curl -4 -s http://nyc2.mirrors.digitalocean.com/tools/open_proxy_check.txt</code></pre><br><br>where X.X.X.X is your server’s IP address<br><br>If you see a message saying “If you are seeing this while running the open proxy text, your server is an open proxy.” then you are running an open proxy that anyone in the world can use to connect to any website. This is not a good situation, as it means that cybercriminals and other malicious entities can hide their activities and make it seem like their web connections are originating from your server, and you should secure it right away.If you are running squid, a method of securing your proxy is by using the “acl” feature:<br><br>http://www.squid-cache.org/Doc/config/acl/<br><br>If you are running Apache, this article may help:<br><br>http://wiki.apache.org/httpd/ProxyAbuse<br><br>If you have any questions, log into the DigitalOcean control panel, click on “Support” and open a support ticket!
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Want to learn more? Join the DigitalOcean Community!
Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.
@tostring: <br> <br>We’d need to know some more information to help you. What is the output of the command shown above (remember to obscure your IP address)?
if your looking to see if a webserver supports CONNECT method… (google HTTP METHODs) that is beyond the scope of this
The title of this is HOW do i see if my server is running open proxy
check from a linux box to see if your web server has the CONNECT method enabled… this app depends on if your running nginx, apache2. by default the CONNECT method is disabled.
quick way to proxy thru a web server . if it has CONNECT enabled export http_proxy=‘http://[your domain/ip]:80’ ;curl -4 -L -s -v \ https://ifconfig.me
If you see an ip… anything other then your own ip, you have an open relay
verify your own ip with dig TXT +short o-o.myaddr.l.google.com @ns1.google.com | cut -d “"” -f 2
since this is an old thread, no point in going on. if you want more help. reply
dj substance
How can we solve this issue?