U.S. Flag Official website of the Department of Homeland Security

Apache HTTP Server Reverse Proxy Bypass

Original release date: October 07, 2011 | Last revised: October 23, 2012

The Apache Foundation has issued a Security Advisory to address a vulnerability in Apache HTTP Server's reverse proxy mode. Exploitation of this vulnerability may allow a remote attacker to gain access to internal systems.

US-CERT encourages users and administrators to review the Apache HTTP Server Security Advisory mod_proxy reverse proxy exposure and apply any necessary updates or workarounds to help mitigate the risks.

This product is provided subject to this Notification and this Privacy & Use policy.

Was this document helpful?  Yes  |  Somewhat  |  No

Back to Top