On Mar 31, 2006, at 12:50 AM, David Binger wrote:
> I hope that binding a server to 127.0.0.1 or localhost does
> not really also bind it to other interfaces.
>
> The host in the https_address in the QP configuration is not really
> used
> for binding. It is there for the purpose of constructing the url that
> should be used when there is a redirect from the http to https address.
> The binding of that listener is controlled by stunnel (if you are using
> stunnel), so the https server might be visible from outside even
> if the host of the qp site's https_address is localhost or 127.0.0.1.
> I hope that's what is causing the confusion here.
I am trying to avoid any complication that may come from https. so I
bypass
https altogether for this. Anyhow, it seems to behave differently here,
or
there is something I do not understand... maybe useful information, the
server is actually a FreeBSD virtual server, with ports left open.
Testing with proto, and using the following site config:
class SitePublisher (DurusPublisher):
configuration = dict(
scgi_address=('127.0.0.1', 6002),
durus_address=('127.0.0.1', 7002),
http_address=('127.0.0.1', 8002),
as_https_address=('127.0.0.1', 9002),
https_address=('127.0.0.1', 10002),
max_children=1,
)
def secure(self):
'If the scheme is not https, redirect so that it will be.'
pass # deal with https later
Launching the site on a machine publicly available at e.g.
pubdomain.com:
First off, requesting "http://pubdomain.com:8002" gives the top page
for the site,
which is not what I understand it should give ?
Then requesting "http://pubdomain.com:6002" gives this error from
scgiserver:
Traceback (most recent call last):
File "/usr/local/bin/qp", line 85, in ?
site.start_web()
File "/usr/local/lib/python2.4/site-packages/qp/lib/site.py", line
328, in start_web
run_web(self)
File "/usr/local/lib/python2.4/site-packages/qp/hub/web.py", line
220, in run_web
server.run()
File "/usr/local/lib/python2.4/site-packages/qp/hub/dispatcher.py",
line 260, in run
self.spawn_child()
File "/usr/local/lib/python2.4/site-packages/qp/hub/dispatcher.py",
line 84, in spawn_child
self.serve(parent_fd)
File "/usr/local/lib/python2.4/site-packages/qp/hub/dispatcher.py",
line 245, in serve
handler.handle_connection(conn)
File "/usr/local/lib/python2.4/site-packages/qp/hub/web.py", line
198, in handle_connection
return SCGIHandler(
File "/usr/local/lib/python2.4/site-packages/qp/hub/web.py", line
158, in handle_connection
env = read_env(input)
File "/usr/local/lib/python2.4/site-packages/qp/hub/web.py", line
138, in read_env
headers = ns_reads(input)
File "/usr/local/lib/python2.4/site-packages/qp/hub/web.py", line
123, in ns_reads
size = ns_read_size(input)
File "/usr/local/lib/python2.4/site-packages/qp/hub/web.py", line
120, in ns_read_size
return long(size)
ValueError: invalid literal for long(): GET / HTTP/1.1
Host
And requesting "http://pubdomain.com:7002" gives this error, and shuts
down durus:
Traceback (most recent call last):
File "/usr/local/bin/qp", line 84, in ?
site.start_durus()
File "/usr/local/lib/python2.4/site-packages/qp/lib/site.py", line
371, in start_durus
port=port).serve()
File
"/usr/local/lib/python2.4/site-packages/durus/storage_server.py", line
89, in serve
self.handle(s)
File
"/usr/local/lib/python2.4/site-packages/durus/storage_server.py", line
105, in handle
handler = getattr(self, 'handle_%s' % command_code)
AttributeError: StorageServer instance has no attribute 'handle_G'
But maybe I am asking the wrong question... do I need to declare
somewhere in some
config file on the FreeBSD virtual server, to restrict 127.0.0.1 to
local access only?
Or, must I specifically restrict 127.* or specific ports for local
access only on FreeBSD?
mario