[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] keyserver.cns.vt.edu updates: RProxy + port 80
|
From: |
Kristian Fiskerstrand |
|
Subject: |
Re: [Sks-devel] keyserver.cns.vt.edu updates: RProxy + port 80 |
|
Date: |
Thu, 26 Jul 2012 13:41:35 +0200 |
|
User-agent: |
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:14.0) Gecko/20120713 Thunderbird/14.0 |
On 2012-07-26 08:54, Stephan Seitz wrote:
>
>
> Am Mittwoch, den 25.07.2012, 23:49 +0200 schrieb Kristian Fiskerstrand:
>> On 2012-07-25 23:15, Phil Benchoff wrote:
>>
>>>
>>> sks-keyservers.net has not detected our proxy. I'm pretty sure our server
>>> sends back the Server header from the SKS keyserver on reverse-proxied
>>> requests. Is that what they're looking at?
>>
>> Indeed using the HTTP Server header in this determination. To be
>> detected as a reverse proxy it should contain either "nginx" or "apache"
>> (or whatever other term that is applicable, but atm those are the two
>> terms in the list)
>
> Hi,
>
> wouldn't the test be more reliable by checking against the existence of
> a Via: header?
No, nginx does not provide such header (at least not in my setup), see
below.
address@hidden ~ $ wget -S
"http://keys.kfwebs.net:11371/pks/lookup?op=stats";
--2012-07-26 13:40:05-- http://keys.kfwebs.net:11371/pks/lookup?op=stats
Resolving keys.kfwebs.net... 2001:16d8:ee30::4, 213.161.224.2
Connecting to keys.kfwebs.net|2001:16d8:ee30::4|:11371... connected.
HTTP request sent, awaiting response...
HTTP/1.1 200 OK
Server: nginx/1.0.14
Date: Thu, 26 Jul 2012 11:40:28 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Keep-Alive: timeout=20
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-length: 42762
Length: 42762 (42K) [text/html]
Saving to: `lookup?op=stats.2'
--
----------------------------
Kristian Fiskerstrand
http://www.sumptuouscapital.com
Twitter: @krifisk
----------------------------
Corruptissima re publica plurimæ leges
The greater the degeneration of the republic, the more of its laws
----------------------------
This email was digitally signed using the OpenPGP
standard. If you want to read more about this
The book: Sending Emails - The Safe Way: An
introduction to OpenPGP security is now
available in both Amazon Kindle and Paperback
format at
http://www.amazon.com/dp/B006RSG1S4/
----------------------------
Public PGP key 0xE3EDFAE3 at http://www.sumptuouscapital.com/pgp/
signature.asc
Description: OpenPGP digital signature