As an aside, should the documentation extract below actually read:
acl local_dsthdr(Host) -i localhost
^
^
i.e. is the name of the header case sensitive? In my attempts to work this
out I think that I had to use 'Host' rather th
Hi *,
2010/4/28 Andrew Commons :
> acl xxx_url url_beg -i http://xxx.example.com
> acl xxx_url url_sub -i xxx.example.com
> acl xxx_url url_dom -i xxx.example.com
The Url is the part of the URI without the host :)
A http request looks like
--
Powered by PHPlist, www.phplist.com --
<>
Hi Beni,
Thank for responding :-)
The doco states that:
url_beg
Returns true when the URL begins with one of the strings. This can be used to
check whether a URL begins with a slash or with a protocol scheme.
So I'm assuming that "protocol scheme" means http:// or ftp:// or whatever
Hi Andrew,
2010/4/28 Andrew Commons :
> url_beg
> Returns true when the URL begins with one of the strings. This can be used to
> check whether a URL begins with a slash or with a protocol scheme.
>
> So I'm assuming that "protocol scheme" means http:// or ftp:// or whatever
I would assum
Hi Beni,
A few things to digest here.
What was leading me up this path was a bit of elementary (and probably naïve)
white-listing with respect to the contents of the Host header and the URI/L
supplied by the user. Tools like Fiddler make request manipulation trivial so
filtering out 'obvious'
I've noticed some interesting behaviour with persistance cookies and
haproxy.
Let's say you use the following settings in your haproxy.cfg:
cookie SERVERID insert indirect
server static1 172.25.0.10:1080 cookie server1 check inter 15s
server static2 172.25.0.11:1080 cookie server2 check int
On Wed, Apr 28, 2010 at 7:51 PM, Andrew Commons
wrote:
> Hi Beni,
>
> A few things to digest here.
>
> What was leading me up this path was a bit of elementary (and probably naïve)
> white-listing with respect to the contents of the Host header and the URI/L
> supplied by the user. Tools like Fi
Hi,
We're looking to upgrade our HAProxy hardware soon. Does anyone have any
recommendations on the things we should be looking for? e.g. Are there any
NICs we should use/avoid?
Our site primarily serves lots of small objects.
Kind regards,
Alex
Hi *,
> (2) Host header is www.example.com
> (3) All is good! Pass request on to server.
> (2) Host header is www.whatever.com
> (3) All is NOT good! Flick request somewhere harmless.
If that's all you want, you should be able to go with
acl xxx_host hdr(Host) -i xxx.example.com
block
Hello,
On Wed, Apr 28, 2010 at 02:39:32PM -0400, johnskar...@informed-llc.com wrote:
>
> Greetings.
>
>
> I've got a quick question about logging in haproxy. We've got a setup that
> utilizes nginx has the ssl decryptor who then passes off decrypted http
> requests to haproxy, who then does
On Wed, Apr 28, 2010 at 09:21:31PM +0930, Andrew Commons wrote:
> Hi Beni,
>
> A few things to digest here.
>
> What was leading me up this path was a bit of elementary (and probably naïve)
> white-listing with respect to the contents of the Host header and the URI/L
> supplied by the user. Too
Hi Corin,
On Wed, Apr 28, 2010 at 08:50:46AM +0200, Corin Langosch wrote:
> Hi!
>
> I wonder how maxconn and weight (both in a server statement) exactly
> interact. The docs in section 5 says about maxconn:
They don't interact. Weight is only used as a number of occurrences in
a load balancing c
On 2010-04-28 19:10, Alex Forrow wrote:
> We're looking to upgrade our HAProxy hardware soon. Does anyone have any
> recommendations on the things we should be looking for? e.g. Are there
> any NICs we should use/avoid?
Hi Alex,
I'm just writing down here what comes to my mind. Sorry if it looks
On Wed, Apr 28, 2010 at 06:21:34PM +0930, Andrew Commons wrote:
> As an aside, should the documentation extract below actually read:
>
> acl local_dsthdr(Host) -i localhost
> ^
> ^
> i.e. is the name of the header case sensitive
On Wed, Apr 28, 2010 at 10:51:16AM -0500, Graham Barr wrote:
> On Apr 28, 2010, at 12:53 AM, Willy Tarreau wrote:
> > On Tue, Apr 27, 2010 at 05:07:12PM -0500, Graham Barr wrote:
> >> We are using 1.4.4 but whenever we access the stats via
> >> /admin?stats;norefresh we are unable to get the full
Hi all,
Le mardi 27 avril 2010 22:31:10, Willy Tarreau a écrit :
> Hello Damien,
>
> On Tue, Apr 27, 2010 at 10:33:41AM +0200, Damien Hardy wrote:
> > Hello all,
> >
> > haproxy docs are quite difficult to manipulate.
> >
> > I had begun a Greasemonkey
> > (https://addons.mozilla.org/fr/firefox/
Actually, I should have mentioned at the beginning that we are using
websockets to communicate with a *stateful* server, so we don't want to
close the connection. However, explicitly declaring "mode http" in either
the defaults section or the frontend & backend sections has made things
happy.
Now,
Hi Dustin,
On Wed, Apr 28, 2010 at 04:51:41PM -0700, Dustin Moskovitz wrote:
> Actually, I should have mentioned at the beginning that we are using
> websockets to communicate with a *stateful* server, so we don't want to
> close the connection.
I'm not speaking about closing the websockets conne
Hi,
Why do you want to persist a cachable request to a backend server?
I use "cookie PHPSESSID prefix" to persist users only when needed. (if they
got a session from logging in)
Karsten
Am Mittwoch, 28. April 2010 schrieb John Marrett:
> I've noticed some interesting behaviour with persistanc
Hi all,
On Mit 28.04.2010 23:16, Cyril Bonté wrote:
Hi all,
Le mardi 27 avril 2010 22:31:10, Willy Tarreau a écrit :
Hello Damien,
On Tue, Apr 27, 2010 at 10:33:41AM +0200, Damien Hardy wrote:
> Hello all,
>
> haproxy docs are quite difficult to manipulate.
>
> I had begun a Greasemonkey
>
21 matches
Mail list logo