[Mailman-Users] Web Admin Security Question
Mark Sapiro
mark at msapiro.net
Sat May 26 02:40:07 CEST 2012
On 5/23/2012 12:15 PM, Dennis Putnam wrote:
>
> I also figured out how to add debug info for the rewrite engine. I don't
> know what is supposed to be there but here is what I got (the
> implication being I must have the wrong condition or rule).
>
> 64.100.144.9 - - [23/May/2012:14:54:21 --0400]
> [myhost.mydomain.com/sid#b7544e28][rid#b6386c20/initial] (2) init
> rewrite engine with requested uri /mailman/listinfo
> 64.100.144.9 - - [23/May/2012:14:54:21 --0400]
> [myhost.mydomain.com/sid#b7544e28][rid#b6386c20/initial] (3) applying
> pattern '^/mailman(/.*)' to uri '/mailman/listinfo'
> 64.100.144.9 - - [23/May/2012:14:54:21 --0400]
> [myhost.mydomain.com/sid#b7544e28][rid#b6386c20/initial] (3) applying
> pattern '^/cufs(/.*)' to uri '/mailman/listinfo'
> 64.100.144.9 - - [23/May/2012:14:54:21 --0400]
> [myhost.mydomain.com/sid#b7544e28][rid#b6386c20/initial] (1) pass
> through /mailman/listinfo
I had an off list exchange with Dennis and finally figured out the issue
here.
The above log entries are what one will see with a RewriteCond and
RewriteLogLevel 3 when the RewriteCond is not satisfied.
The FAQ at <http://wiki.list.org/x/7oA9> recommends using
RewriteCond %{HTTPS} off [NC]
It turns out that Dennis was using
RewriteCond %{HTTPS} Off
and the value of %{HTTPS} was not a case sensitive match for Off. I
added a note to the FAQ to discourage omitting the [NC] (no case flag).
--
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the Mailman-Users
mailing list