Modules |Directives |FAQ |Glossary |Sitemap
Apache HTTP Server Version 2.4
| Description: | mod_proxy extension forCONNECT request handling |
|---|---|
| Status: | Extension |
| Module Identifier: | proxy_connect_module |
| Source File: | mod_proxy_connect.c |
This modulerequires the service ofmod_proxy. It provides support for theCONNECT HTTP method. This method is mainly used to tunnel SSL requests through proxy servers.
Thus, in order to get the ability of handlingCONNECT requests,mod_proxy andmod_proxy_connect have to be present in the server.
CONNECT is also used when the server needs to send an HTTPS request through a forward proxy. In this case the server acts as a CONNECT client. This functionality is part ofmod_proxy andmod_proxy_connect is not needed in this case.
Do not enable proxying until you havesecured your server. Open proxy servers are dangerous both to your network and to the Internet at large.
mod_proxy_connect creates the following request notes for logging using the%{VARNAME}n format inLogFormat orErrorLogFormat:
| Description: | Ports that are allowed toCONNECT through theproxy |
|---|---|
| Syntax: | AllowCONNECTport[-port][port[-port]] ... |
| Default: | AllowCONNECT 443 563 |
| Context: | server config, virtual host |
| Status: | Extension |
| Module: | mod_proxy_connect |
| Compatibility: | Moved frommod_proxy in Apache 2.3.5.Port ranges available since Apache 2.3.7. |
TheAllowCONNECT directive specifies a list of port numbers or ranges to which the proxyCONNECT method may connect. Today's browsers use this method when ahttps connection is requested and proxy tunneling over HTTP is in effect.
By default, only the default https port (443) and the default snews port (563) are enabled. Use theAllowCONNECT directive to override this default and allow connections to the listed ports only.
Copyright 2025 The Apache Software Foundation.
Licensed under theApache License, Version 2.0.
