[prev in list] [next in list] [prev in thread] [next in thread]
List: apache-ssl
Subject: [apache-ssl] OT: Apache 1.3.11+SSL 1.38?
From: Drew Smith <drew () pctc ! com>
Date: 2000-01-26 19:11:52
[Download RAW message or body]
Hey guys, sorry for the slightly OT post;
I just rebuilt my apache+SSL+jrun+php3+mod_perl RPM, and upgraded the
dummy server to test it out. After installing, I tried to access the
test box from my desktop Linux machine, and received the error:
Bad Request
Your browser sent a request that this server could not understand.
Client sent malformed Host header
Apache/1.3.11 Ben-SSL/1.38 Server at rizzo_ssl Port 443
After looking through the changes file for the new version of apache, I
notice this:
*) More rigorous checking of Host: headers to fix security problems
with mass name-based virtual hosting (whether using mod_rewrite
or mod_vhost_alias).
[Ben Hyde, Tony Finch]
I'm loading both mod_rewrite AND mod_vhost_alias (I know, I don't need
them, I'm still tuning the server; building the ultimate apache RPM).
My real question is - does anyone have any further information about the
"more rigorous checking of Host: headers"? What exactly is it doing,
and why am I recieving this error? Is it something with my client
machine, or the server itself?
D'oh. Just solved it on my own - tried it from another machine, and it
works. Probably something to do with the slightly munged hostname on
this machine. $%&@#$@ RedHat install! Bah.
So, I guess, just be forewarned that people are having interesting
probs with the latest apache and SSL. :)
Cheers,
- Drew.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic