Has any of you seen an entry like this in your Apache access logs?
AAA.BBB.CCC.DDD - - [20/Apr/2015:10:44:19 -0300] "GET http://testp4.pospr.waw.pl/testproxy.php HTTP/1.1" 404 376 "-" "Mozilla/5.0 (Windows NT 5.1; rv:32.0) Gecko/20100101 Firefox/31.0"
That .php file prints to your screen the IP address of open proxies in your network according to what I’ve read.
If so, what have you done to protect your web server against such bots? Any ideas will be more than welcome.