httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Randy Terbush <ra...@zyzzyva.com>
Subject Re: hostname lookups
Date Tue, 01 Jul 1997 15:24:51 GMT
> I think that what Dean supplied the patch for (do lookups even if
> hostnamelookups are off iff there is a domain-based authentication
> statement) is probably the cleanest way of dealing with this.
> 
> Simply putting in a Limit statement doesn't imply that hostnamelookups
> should be enabled, but putting in an "allow from domain.com" sure does.

I understand. I was just suggesting the next level up just in case.




> On Tue, 1 Jul 1997, Randy Terbush wrote:
> 
> > > Ok I'll revert the 1.2.1 changes.  The main intention of making the
> > > default off is to prevent new sites from coming online with
> > > hostnamelookups when they don't really need them.  But I guess enough
> > > people start from the .conf-dist files and just edit back in their own
> > > local changes that it'll be an issue.  I always assume people know they
> > > can just use their existing config files. 
> > > 
> > > It may be possible to add a warning in mod_access during config time that
> > > says "hostname lookups are off, but you've asked for resolution based on
> > > hostnames". 
> > 
> > How about an implicit "HostnameLookups on" in the directory config 
> > where <Limit> appears?
> > 
> > 
> > 
> > > Dean
> > > 
> > > On Tue, 1 Jul 1997, Marc Slemko wrote:
> > > 
> > > > My vote is turn hostnamelookups back on for 1.2.1, then consider what
we
> > > > want to do for 1.3.  There are too many unresolved issues.
> > > > 
> > > > There is a big difference between running a server with hostnamelookups
on
> > > > and resolving the names later.  If you process a week's worth of logfiles
> > > > and cache the results, you will do a lot less lookups than if you do them
> > > > when you get the request.  Just as importantly, lookups take time and
add
> > > > another serialization to the process.
> > > > 
> > > > On Mon, 30 Jun 1997, Randy Terbush wrote:
> > > > 
> > > > > FTR - I don't view having 'HostnameLookups on' as that big of a 
> > > > > problem. Certainly not big enough to justify the tidal wave of "bug"
> > > > > reports that this will surely generate. 
> > > > > 
> > > > > What is the difference between me running servers with 
> > > > > HostnameLookups on and having a log processor running on the side

> > > > > resolving an endless stream of requests?
> > > > > 
> > > > > The real problem here is the thousands of sites out there that 
> > > > > can't seem to configure reverse lookups for their clients. If the

> > > > > address can be resolved, it is in local cache and that is the end

> > > > > of it. If it can't be resolved, it creates an endless number of 
> > > > > failed attempts everywhere it goes on the net.
> > > > > 
> > > > > If we want to do the net a favor, add the code to refuse serving

> > > > > clients with addresses that cannot be resolved. That way we shift

> > > > > the bug reports off to the service providers. :-)
> > > > > 
> > > > > IMHO - This type of change does not belong in 1.2.x
> > > > > 
> > > > > 
> > > > > 
> > > > > 
> > > > 
> > > > 
> > 
> > 
> > 




Mime
View raw message