[Mailman-Users] Web Admin Security Question

Mark Sapiro mark at msapiro.net
Sat May 26 02:40:07 CEST 2012

On 5/23/2012 12:15 PM, Dennis Putnam wrote:
> I also figured out how to add debug info for the rewrite engine. I don't
> know what is supposed to be there but here is what I got (the
> implication being I must have the wrong condition or rule).
> - - [23/May/2012:14:54:21 --0400]
> [myhost.mydomain.com/sid#b7544e28][rid#b6386c20/initial] (2) init
> rewrite engine with requested uri /mailman/listinfo
> - - [23/May/2012:14:54:21 --0400]
> [myhost.mydomain.com/sid#b7544e28][rid#b6386c20/initial] (3) applying
> pattern '^/mailman(/.*)' to uri '/mailman/listinfo'
> - - [23/May/2012:14:54:21 --0400]
> [myhost.mydomain.com/sid#b7544e28][rid#b6386c20/initial] (3) applying
> pattern '^/cufs(/.*)' to uri '/mailman/listinfo'
> - - [23/May/2012:14:54:21 --0400]
> [myhost.mydomain.com/sid#b7544e28][rid#b6386c20/initial] (1) pass
> through /mailman/listinfo

I had an off list exchange with Dennis and finally figured out the issue

The above log entries are what one will see with a RewriteCond and
RewriteLogLevel 3 when the RewriteCond is not satisfied.

The FAQ at <http://wiki.list.org/x/7oA9> recommends using

RewriteCond %{HTTPS}        off [NC]

It turns out that Dennis was using

RewriteCond %{HTTPS}        Off

and the value of %{HTTPS} was not a case sensitive match for Off. I
added a note to the FAQ to discourage omitting the [NC] (no case flag).

Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

More information about the Mailman-Users mailing list