httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mike -- EMAIL IGNORED <>
Subject [users@httpd] Re: Proposal to Optionally Block DNS
Date Tue, 25 Aug 2009 15:12:47 GMT
On Mon, 24 Aug 2009 17:27:06 -0700, J. Greenlees wrote:

> I propose this upgrade to Apache:
> Mike -- EMAIL IGNORED wrote:


> and using:
> #
> # HostnameLookups: Log the names of clients or just their IP addresses #
> e.g., (on) or (off). # The default is off
> because it'd be overall better for the net if people # had to knowingly
> turn this feature on, since enabling it means that # each client request
> will result in AT LEAST one lookup request to the # nameserver. #
> HostnameLookups Off
> that is already supported fails to meet your needs how?
> Jaqui
Thanks, I was not aware of this.  It almost explains what I have seen,
namely DNS activity greatly increased when I started using https.  But
not quite.  The Apache documentation for HostnameLookups indicates there
DNS will occur in any case in mod_authz_host is in use.  In my case,
"Allow from" is used, but only with "none", "all" and partial IP
addresses referring to the LAN.  Most notably, this use mod_authz_host
did not change (at least by me) when I began using https.  I presume,
therefore, that something else in https caused the change, although
I can't be sure of this because I did make substantial structural
changes to httpd.config .

I therefore revise my suggestion as follows:

   HostnameLookups Never

Simpliciter; use with caution.


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message