Salve,
di seguito qualche ulteriore link sul prozy, la soluzione migliore sarebbe quella di non renderlo pubblico:
http://www.serverwatch.com/tutorials...0825_3092521_3
http://httpd.apache.org/docs/2.1/mod/mod_proxy.html
http://openskills.info/release/apach...ella_banda.htm
blocco accessi:
http://httpd.apache.org/docs/1.3/mod/mod_access.html
ProxyRequests On
<Directory proxy:*>
AuthType Basic
AuthName "Secure Area"
AuthUserFile "/path/to/passwd"
require valid-user
</Directory>
Da Zope:
There is a security problem insofar that if you setup your server just like this it will be a public proxy that people can use to cover their traces when accessing other websites. To disable this behavior you could e.g. add a LocationMatch directive to your httpd.conf that denies every request that doesn't start with a slash.
<LocationMatch "^[^/]">
Deny from all
</LocationMatch>