I've got a linux server set up having a major cloud company and that i had installed an internet application on Tomcat Server as well as set up Apache like a proxy at port 8080 for my site. Just yesterday after i drenched into my cloud account, i discovered the total bandwidth out and in is all about 90GB though i'd not used at all that much GB. After I asked using the clould support folks they explained the below
It appears as if you have port 8080 open like a http proxy Someone most likely discovered that and it has used that.
Exactly what does this suggest ? Just how can another person use my apache server's port 8080 for his or her purpose ? How do i prevent this ? I've stopped my server at this time to prevent further misuse.
You began a proxy server. The proxy server functions by getting people send a request saying, "fetch me page http://example.com", and also the proxy goes and brings it.
Others then proceeded to apply your proxy server to fetch webpages of the choice. As if you were advised, it had been a wide open proxy. "open" means unrestricted.
If you are planning to create a proxy server around the wide Internet, you have to setup proper authentication and authorization. Note the big, visible warning towards the top of the mod_proxy documentation, the go to stick to the linked directions. You might want username/password authentication rather than IP-based. Should you choose use fundamental auth, make certain to make use of SSL along with it. If you're only while using proxy to gain access to one web site, you can alternately not restrict who helps make the request, and rather restrict what might be asked for.
Well using their reply it may sound like someone may have the ability to see the web and download files etc using your server.
Essentially let us say someone really wants to download a 1GB file from the website rather than them installing it directly they download it via your server, hence growing your bandwidth usage. Check what's visible on http://www.yoursite.com:8080 ?
"a proxy server is really a server (a pc system or perhaps an application) that functions being an intermediary for demands from clients seeking assets using their company servers. A customer connects towards the proxy server, asking for some service, like a file, connection, web site, or any other resource offered by another server. "