A vulnerability report was released in Apache.  For details, you may refer to

https://www.apache.org/security/asf-httpoxy-response.txt
https://access.redhat.com/security/vulnerabilities/httpoxy

It involves the web server and PHP level.

If you are using sharing hosting, you may use a test script to detect it whether it is vulnerable or not.  (If vulnerable, you shall inform your provider to update it)

If you are renting VPS, Cloud server, or dedicated server, you shall consider to update on yourself immediately.

As no matter your WordPress is how updated, when involves, according to httpoxy.org

– Proxy the outgoing HTTP requests made by the web application
– Direct the server to open outgoing connections to an address and port of their choosing
– Tie up server resources by forcing the vulnerable software to use a malicious proxy

Test Script: http://files1.directadmin.com/services/all/test_proxy_header.php

Pin It on Pinterest

Share This