httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Slemko <ma...@worldgate.com>
Subject Re: hostname lookups
Date Tue, 01 Jul 1997 06:37:42 GMT
I think that what Dean supplied the patch for (do lookups even if
hostnamelookups are off iff there is a domain-based authentication
statement) is probably the cleanest way of dealing with this.

Simply putting in a Limit statement doesn't imply that hostnamelookups
should be enabled, but putting in an "allow from domain.com" sure does.

On Tue, 1 Jul 1997, Randy Terbush wrote:

> > Ok I'll revert the 1.2.1 changes.  The main intention of making the
> > default off is to prevent new sites from coming online with
> > hostnamelookups when they don't really need them.  But I guess enough
> > people start from the .conf-dist files and just edit back in their own
> > local changes that it'll be an issue.  I always assume people know they
> > can just use their existing config files. 
> > 
> > It may be possible to add a warning in mod_access during config time that
> > says "hostname lookups are off, but you've asked for resolution based on
> > hostnames". 
> 
> How about an implicit "HostnameLookups on" in the directory config 
> where <Limit> appears?
> 
> 
> 
> > Dean
> > 
> > On Tue, 1 Jul 1997, Marc Slemko wrote:
> > 
> > > My vote is turn hostnamelookups back on for 1.2.1, then consider what we
> > > want to do for 1.3.  There are too many unresolved issues.
> > > 
> > > There is a big difference between running a server with hostnamelookups on
> > > and resolving the names later.  If you process a week's worth of logfiles
> > > and cache the results, you will do a lot less lookups than if you do them
> > > when you get the request.  Just as importantly, lookups take time and add
> > > another serialization to the process.
> > > 
> > > On Mon, 30 Jun 1997, Randy Terbush wrote:
> > > 
> > > > FTR - I don't view having 'HostnameLookups on' as that big of a 
> > > > problem. Certainly not big enough to justify the tidal wave of "bug"
> > > > reports that this will surely generate. 
> > > > 
> > > > What is the difference between me running servers with 
> > > > HostnameLookups on and having a log processor running on the side 
> > > > resolving an endless stream of requests?
> > > > 
> > > > The real problem here is the thousands of sites out there that 
> > > > can't seem to configure reverse lookups for their clients. If the 
> > > > address can be resolved, it is in local cache and that is the end 
> > > > of it. If it can't be resolved, it creates an endless number of 
> > > > failed attempts everywhere it goes on the net.
> > > > 
> > > > If we want to do the net a favor, add the code to refuse serving 
> > > > clients with addresses that cannot be resolved. That way we shift 
> > > > the bug reports off to the service providers. :-)
> > > > 
> > > > IMHO - This type of change does not belong in 1.2.x
> > > > 
> > > > 
> > > > 
> > > > 
> > > 
> > > 
> 
> 
> 


Mime
View raw message