November 29, 2016 04:28PM
On 11/30/2016 09:17 AM, Lukas Tribus wrote:
>>> Does it cause warnings in the webmaster tools? Who cares?
>>> Does it affect your ranking? I doubt it.
>>> Does it index pages or error pages from the default website and assign to
>>> your website? I doubt that even more.
>> Does it upset my customer? YES.
>>
>> That's all the justification I need.
> That's fine, then why not just say that?
Why should I? I clearly defined the problem/misconfiguration. I don't
really see the need to justify why I want to fix it.
>
> Instead you pretended to know about a huge problem with (a) crawler(s) that
> would probably have affected every third website. That would have been a huge
> deal, that everyone wanted to know about, if real.
No. I said this would affect anyone using a mixed http/https setup over
SNI. I also said it was something I hadn't thought of, and as such was a
cock up in my configuration.
>
> If you come on this mailing list claiming you can remotely crash every nginx
> instance, most likely people would like to clarify specifics and fix the problem,
> don't you think?
If I did make that claim, I'd describe exactly how I just crashed
nginx.org. Of course I'd do that privately...
Interestingly, there are many posts on this subject, try googling them.
>
>
>
>> Feel free to disagree but I really did put up a request for suggestions
>> on how people solve this problem, not to have a philosophical debate on
>> the matter.
> What I wanted to know is if there is a major bug in one of the crawlers, which
> is more or less what you suggested. Now we know its not, and that's great,
> because that means SEO is not fucked up for millions of websites out there
> in a very common configuration.
Well, you told me it doesn't happen... WTF?
IT WILL CRAWL THE DEFAULT HTTPS: TARGET IF ALLOWED.
I'll leave you to do your own research if you don't believe me. Ass-u-me.
>
> Besides, I did provide suggestions about the only way to handle this in nginx
> (return specific error codes or certificates from the default server block) and
> what would be ideal instead (aborting the TLS handshake like haproxy does
> with strict-sni enabled).
And what cert would you use in this default block that matches, so the
crawler receives a meaningful response, rather than an incorrect cert (
which they don't like )?
I'm plenty old enough to realise I'll never know everything, and if my
knowledge is deficient in this field, please show me where, or point me
to where I can research further.

>
>
> lukas
>
Time to stop feeding the troll I think.

Steve

--
Steve Holdoway BSc(Hons) MIITP
http://www.greengecko.co.nz
Linkedin: http://www.linkedin.com/in/steveholdoway
Skype: sholdowa

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

SNI and certs.

GreenGecko November 28, 2016 02:40PM

AW: SNI and certs.

Lukas Tribus November 28, 2016 03:56PM

Re: SNI and certs.

jeffdyke November 28, 2016 04:10PM

Re: SNI and certs.

Jonathan Vanasco November 30, 2016 02:32PM

Re: SNI and certs.

GreenGecko November 30, 2016 05:12PM

Re: SNI and certs.

Jonathan Vanasco December 01, 2016 04:34PM

RE: SNI and certs.

Reinis Rozitis December 04, 2016 11:04AM

Re: SNI and certs.

Jonathan Vanasco December 04, 2016 04:14PM

Re: AW: SNI and certs.

GreenGecko November 28, 2016 07:48PM

AW: AW: SNI and certs.

Lukas Tribus November 29, 2016 03:30AM

Re: AW: SNI and certs.

Richard Stanway November 29, 2016 02:32PM

Re: AW: AW: SNI and certs.

GreenGecko November 29, 2016 02:40PM

AW: AW: AW: SNI and certs.

Lukas Tribus November 29, 2016 03:18PM

Re: AW: AW: AW: SNI and certs.

GreenGecko November 29, 2016 04:28PM

AW: AW: AW: AW: SNI and certs.

Lukas Tribus November 29, 2016 05:28PM

Re: AW: AW: AW: AW: SNI and certs.

itpp2012 November 30, 2016 01:39PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 117
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready