Apache HTTP Server Version 2.4
Apache HTTP Server Version 2.4
| Description: | mod_proxy extension for
CONNECT request handling |
|---|---|
| Status: | Extension |
| Module Identifier: | proxy_connect_module |
| Source File: | mod_proxy_connect.c |
This module requires the service of mod_proxy. It provides support for the CONNECT
HTTP method. This method is mainly used to tunnel SSL requests
through proxy servers.
Thus, in order to get the ability of handling CONNECT
requests, mod_proxy and
mod_proxy_connect have to be present in the server.
CONNECT is also used when the server needs to send an HTTPS request
through a forward proxy. In this case the server acts as a CONNECT client.
This functionality is part of mod_proxy and
mod_proxy_connect is not needed in this case.
Do not enable proxying until you have secured your server. Open proxy servers are dangerous both to your network and to the Internet at large.
mod_proxy_connect creates the following request notes for
logging using the %{VARNAME}n format in
LogFormat or
ErrorLogFormat:
| Description: | Ports that are allowed to CONNECT through the
proxy |
|---|---|
| Syntax: | AllowCONNECT port[-port]
[port[-port]] ... |
| Default: | AllowCONNECT 443 563 |
| Context: | server config, virtual host |
| Status: | Extension |
| Module: | mod_proxy_connect |
| Compatibility: | Moved from mod_proxy in Apache 2.3.5.
Port ranges available since Apache 2.3.7. |
The AllowCONNECT directive specifies a list
of port numbers or ranges to which the proxy CONNECT method
may connect. Today's browsers use this method when a https
connection is requested and proxy tunneling over HTTP is in effect.
By default, only the default https port (443) and the
default snews port (563) are enabled. Use the
AllowCONNECT directive to override this default and
allow connections to the listed ports only.
