[Bug 62003] New: [req] Add client IP to "Hostname %s provided via SNI..." messages

bugzilla Tue, 16 Jan 2018 00:16:53 -0800

https://bz.apache.org/bugzilla/show_bug.cgi?id=62003


            Bug ID: 62003
           Summary: [req] Add client IP to "Hostname %s provided via
                    SNI..." messages
           Product: Apache httpd-2
           Version: 2.4.29
          Hardware: All
                OS: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: mod_ssl
          Assignee: [email protected]
          Reporter: [email protected]
  Target Milestone: ---

Hello,

Apache logs when Hostname provided via SNI & HTTP are not the same :

Hostname %s provided via SNI, but no hostname provided in HTTP request
Hostname %s provided via SNI and hostname %s provided via HTTP are different
Hostname %s provided via SNI and hostname %s provided via HTTP have no
compatible SSL setup

Unfortunately, client IP is not given into these messages.
It would be good to have it so that we could ban if we detect these entries as
attack attempts.
(https://github.com/fail2ban/fail2ban/issues/2017)

Could you then add client IP to these messages please ?
And then backport this tiny change to Apache 2.4.X ?

Thank you very much !

Best regards,

Ben

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[Bug 62003] New: [req] Add client IP to "Hostname %s provided via SNI..." messages

Reply via email to