How to Stop Public IPs From Accessing Explicit Forward Proxy Services
Last Updated February 21, 2019
Proxy is intercepting unwanted traffic from external requests and forwarding them to a destination.
IE: CONNECT Request from [External IP address] Answered by proxy and forwarded to External Destination.
The proxy is able to be reached by the external world and will process explicit connections.
The ideal situation for having a proxy in your environment is that the proxy would be behind a NAT and this would make CONNECT requests
The next ideal situation would be to block port 8080 traffic before it gets to the proxy on the firewall.
However, should the situation arise that you need to manage this on the proxy please follow the instructions below.
Apply IP addresses required for source traffic at the service listener level (typically private IP address ranges are all you would need). This will cause the Proxy to only intercept traffic that comes from the IP address ranges specified. If you only specify private IP address ranges, then the Proxy will not intercept Public IP address sources.
Below is an example of doing this on the 8080 (default) Explicit proxy service:
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe