Apache as an open proxy?

If you have seen entries in your access.log file like this one…

a.b.c.d - - [24/Apr/2004:23:00:00 +0200] "GET http://www.google.com/" 200 46124

This means that a.b.c.d is trying to access www.google.com using your Apache server as a proxy. The response status 200 indicates success, and the data returned is 46124 bytes long.

If you don’t want your server to be used as a forward proxy, make sure that the ProxyRequests directive is set to Off; even better, do not load the mod_proxy module at all.

Although the entry shown in the previous example says that the request succeeded, this is not necessarily true. Try the following to test your server:

telnet www.yoursite.com 80
GET http://www.google.com/

Watch the access.log file. If you see status code 200, compare the bytes returned by Apache (the last field in the log entry) with your homepage size (your index.html). If they match, Apache is serving your homepage instead of forwarding the request to Google. If they don’t, your Apache is probably an open forwarding proxy.
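
The same log check can be scripted over a whole access.log. The following is an added example, not part of the original post; the hostname www.yoursite.example, the 1456-byte homepage size and the sample log lines are constructed assumptions.

```python
import re
from urllib.parse import urlsplit

# Common Log Format; protocol token optional (a bare telnet "GET http://host/" has none).
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>[^\s"]+)(?: [^"]*)?" '
    r'(?P<status>\d{3}) (?P<size>\d+|-)$'
)

def classify(line, own_hosts, homepage_size):
    """Return (client, target, verdict) for a proxy-style request, else None."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    method, target = m["method"], m["target"]
    if method == "CONNECT":
        host = target.rsplit(":", 1)[0].lower()
    elif re.match(r"[a-z][a-z0-9+.-]*://", target, re.I):
        host = (urlsplit(target).hostname or "").lower()
    else:
        return None  # origin-form request such as "GET /index.html"
    if host in own_hosts:
        return None  # absolute URI naming this server: not a proxy attempt
    size = 0 if m["size"] == "-" else int(m["size"])
    if m["status"] != "200":
        verdict = "refused"
    elif size == homepage_size:
        verdict = "local-homepage"       # Apache answered with its own index page
    else:
        verdict = "possible-open-proxy"  # 200 with a body that is not the homepage
    return m["client"], target, verdict

def scan(lines, own_hosts, homepage_size):
    hits = (classify(line, own_hosts, homepage_size) for line in lines)
    return [h for h in hits if h]

# Constructed sample lines (documentation addresses, not real traffic).
SAMPLE = [
    '192.0.2.10 - - [24/Apr/2004:23:00:00 +0200] "GET http://www.google.com/" 200 46124',
    '192.0.2.11 - - [24/Apr/2004:23:00:05 +0200] "GET http://www.google.com/ HTTP/1.0" 200 1456',
    '192.0.2.12 - - [24/Apr/2004:23:00:09 +0200] "CONNECT mail.example.net:25 HTTP/1.0" 405 312',
    '192.0.2.13 - - [24/Apr/2004:23:00:12 +0200] "GET http://www.yoursite.example/ HTTP/1.1" 200 1456',
    '192.0.2.14 - - [24/Apr/2004:23:00:15 +0200] "GET /index.html HTTP/1.1" 200 1456',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE, {"www.yoursite.example"}, homepage_size=1456):
        print(*hit)
```

A "possible-open-proxy" verdict only means the byte count differs from the homepage size, so confirm it against the ProxyRequests setting before drawing conclusions.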
