Re: Internal IP Address Disclosure in Microsoft-IIS 4.0 & 5.0

From: H D Moore (hdmat_private)
Date: Thu Aug 09 2001 - 21:13:08 PDT


    This problem also affects Apache, Netscape Enterprise Server, 
    and probably many others.
    
    Apache responds this way if the ServerName directive is not
    set (or is set to the internal IP) and the UseCanonicalName 
    option is On (which is the default configuration).  
    
    From Apache 1.3.x httpd.conf:
    
    # UseCanonicalName:  (new for 1.3)  With this setting turned on, whenever
    # Apache needs to construct a self-referencing URL (a URL that refers back
    # to the server the response is coming from) it will use ServerName and
    # Port to form a "canonical" name.  With this setting off, Apache will
    # use the hostname:port that the client supplied, when possible.  This
    # also affects SERVER_NAME and SERVER_PORT in CGI scripts.
    #
    UseCanonicalName Off
    
    If ServerName is not set, the system will redirect users to what it 
    thinks its hostname is (hostname.local, host.internal.net, etc.). The
    fix is to either set UseCanonicalName to Off or set the ServerName 
    variable to the external hostname.
    
    I don't have a local NES system to check, but this demonstrates this
    problem fairly effectively ;)
    
    telnet www.verXXXgn.com 80
    Trying 216.1X8.XXX.XX...
    Connected to the.warmfuzzyofinternettrust.com.
    Escape character is '^]'.
    GET /images HTTP/1.0
     
    HTTP/1.1 302 Moved Temporarily
    Server: Netscape-Enterprise/3.6 SP3
    Date: Fri, 10 Aug 2001 07:10:32 GMT
    Location: http://172.16.128.117/images/
    Content-length: 0
    Content-type: text/html
    Connection: close
     
    Connection closed by foreign host.
    
    On Thu, 9 Aug 2001 13:22:39 -0700
    "Marc Maiffret" <marcat_private> wrote:
    
    > this isn't just for HTTPS... this can occur on plain HTTP also depending on
    > how someone has set it up. If you have an IIS web server you should not use "all
    > ip addresses" for a web and instead pick the specific IP so that way IIS
    > does not accidentally return internal IPs etc....
    > 
    > Signed,
    > Marc Maiffret
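
    As an added check, not part of the original post: a small Python routine that
    parses a raw HTTP response, like the one captured above, and reports a Location
    header that points at a private, loopback or link-local address, or at a bare
    single-label hostname of the kind Apache guesses when ServerName is unset. The
    sample response is re-typed from the post as constructed test input.

```python
import ipaddress
import re
from typing import Dict, Optional

# Constructed sample: the Netscape-Enterprise response quoted in the post,
# re-typed here as test input (not a live capture).
SAMPLE_RESPONSE = (
    "HTTP/1.1 302 Moved Temporarily\r\n"
    "Server: Netscape-Enterprise/3.6 SP3\r\n"
    "Date: Fri, 10 Aug 2001 07:10:32 GMT\r\n"
    "Location: http://172.16.128.117/images/\r\n"
    "Content-length: 0\r\n"
    "Content-type: text/html\r\n"
    "Connection: close\r\n"
    "\r\n"
)

_HOST_RE = re.compile(r"^https?://(\[[^\]]+\]|[^/:?#]+)")


def parse_headers(raw: str) -> Dict[str, str]:
    """Parse the header block of a raw HTTP/1.x response into a lower-cased dict."""
    head = raw.split("\r\n\r\n", 1)[0]
    headers: Dict[str, str] = {}
    for line in head.split("\r\n")[1:]:  # skip the status line
        if ":" in line:
            name, value = line.split(":", 1)
            headers[name.strip().lower()] = value.strip()
    return headers


def classify_location(location: Optional[str]) -> Optional[str]:
    """Return the host from a Location URL if it is an internal address or a
    bare hostname (no dots, or a .local name); None if it looks external."""
    if not location:
        return None
    m = _HOST_RE.match(location.strip())
    if not m:
        return None
    host = m.group(1).strip("[]")
    try:
        ip = ipaddress.ip_address(host)
        return host if (ip.is_private or ip.is_loopback or ip.is_link_local) else None
    except ValueError:
        # Not an IP literal: flag the unqualified hostname guess described in the post.
        return host if ("." not in host or host.endswith(".local")) else None


def leaked_internal_host(raw_response: str) -> Optional[str]:
    """Inspect a raw response as captured with telnet and report any leaked internal host."""
    return classify_location(parse_headers(raw_response).get("location"))
```

    Paste in the headers returned by a GET for a directory path without its trailing
    slash, as in the telnet session above, and a non-None result means the server is
    building its redirect from an internal name or address.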
    
    This archive was generated by hypermail 2b30 : Fri Aug 10 2001 - 08:02:31 PDT