Re: IETF web site behind CloudFlare
Linus Nordberg <linus@nordu.net> Thu, 25 September 2014 20:13 UTC
Return-Path: <goi-ietf@m.gmane.org>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D73C41A0233 for <ietf@ietfa.amsl.com>; Thu, 25 Sep 2014 13:13:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.988
X-Spam-Level:
X-Spam-Status: No, score=-0.988 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, J_CHICKENPOX_19=0.6, J_CHICKENPOX_26=0.6, J_CHICKENPOX_29=0.6, J_CHICKENPOX_51=0.6, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.786, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wPcaJ6c5fXFa for <ietf@ietfa.amsl.com>; Thu, 25 Sep 2014 13:13:49 -0700 (PDT)
Received: from plane.gmane.org (plane.gmane.org [80.91.229.3]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 213401A01D6 for <ietf@ietf.org>; Thu, 25 Sep 2014 13:13:49 -0700 (PDT)
Received: from list by plane.gmane.org with local (Exim 4.69) (envelope-from <goi-ietf@m.gmane.org>) id 1XXFQA-0007K6-VD for ietf@ietf.org; Thu, 25 Sep 2014 22:13:46 +0200
Received: from smtp.adb-centralen.se ([193.10.5.129]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for <ietf@ietf.org>; Thu, 25 Sep 2014 22:13:46 +0200
Received: from linus by smtp.adb-centralen.se with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for <ietf@ietf.org>; Thu, 25 Sep 2014 22:13:46 +0200
X-Injected-Via-Gmane: http://gmane.org/
To: ietf@ietf.org
From: Linus Nordberg <linus@nordu.net>
Subject: Re: IETF web site behind CloudFlare
Date: Thu, 25 Sep 2014 22:14:43 +0200
Organization: NORDUnet A/S
Lines: 66
Message-ID: <87a95n1mq4.fsf@nordberg.se>
References: <87ha07eq9r.fsf@nordberg.se> <54240375.7080704@gmx.de>
Mime-Version: 1.0
Content-Type: text/plain
X-Complaints-To: usenet@ger.gmane.org
X-Gmane-NNTP-Posting-Host: smtp.adb-centralen.se
User-Agent: Gnus/5.13 (Gnus v5.13)
Cancel-Lock: sha1:QSVxj3N33WxYPUXqmif1qaE52MY=
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/eCbubDfjZY2lVCgQoC1rFWfvHxw
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Sep 2014 20:13:51 -0000
Julian Reschke <julian.reschke@gmx.de> wrote Thu, 25 Sep 2014 13:58:45 +0200: | When you get the CAPTCHA page, does it come with a non-2xx HTTP status code? | Best regards, Julian Yes, 403. --8<---------------cut here---------------start------------->8--- $ curl -v -s -A '' -x socks4a://127.0.0.1:9050/ https://www.ietf.org/ > www.ietf.org.html * Hostname was NOT found in DNS cache * Trying 127.0.0.1... * SOCKS4 communication to www.ietf.org:443 * SOCKS4a request granted. * Connected to 127.0.0.1 (127.0.0.1) port 9050 (#0) * successfully set certificate verify locations: * CAfile: none CApath: /etc/ssl/certs * SSLv3, TLS handshake, Client hello (1): } [data not shown] * SSLv3, TLS handshake, Server hello (2): { [data not shown] * SSLv3, TLS handshake, CERT (11): { [data not shown] * SSLv3, TLS handshake, Server key exchange (12): { [data not shown] * SSLv3, TLS handshake, Server finished (14): { [data not shown] * SSLv3, TLS handshake, Client key exchange (16): } [data not shown] * SSLv3, TLS change cipher, Client hello (1): } [data not shown] * SSLv3, TLS handshake, Finished (20): } [data not shown] * SSLv3, TLS change cipher, Client hello (1): { [data not shown] * SSLv3, TLS handshake, Finished (20): { [data not shown] * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256 * Server certificate: * subject: OU=Domain Control Validated; CN=*.ietf.org * start date: 2014-07-25 19:02:22 GMT * expire date: 2015-08-11 23:12:50 GMT * subjectAltName: www.ietf.org matched * issuer: C=US; ST=Arizona; L=Scottsdale; O=Starfield Technologies, Inc.; OU=http://certs.starfieldtech.com/repository/; CN=Starfield Secure Certificate Authority - G2 * SSL certificate verify ok. > GET / HTTP/1.1 > Host: www.ietf.org > Accept: */* > < HTTP/1.1 403 Forbidden * Server cloudflare-nginx is not blacklisted < Server: cloudflare-nginx < Date: Thu, 25 Sep 2014 20:09:34 GMT < Content-Type: text/html; charset=UTF-8 < Transfer-Encoding: chunked < Connection: keep-alive < Set-Cookie: __cfduid=df905f6d4fc2798f596872df7b98498501411675774571; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.ietf.org; HttpOnly < Cache-Control: max-age=2 < Expires: Thu, 25 Sep 2014 20:09:36 GMT < CF-RAY: 16f9dc37031e0c23-AMS < { [data not shown] * Connection #0 to host www.ietf.org left intact $ --8<---------------cut here---------------end--------------->8---
- IETF web site behind CloudFlare Linus Nordberg
- Re: IETF web site behind CloudFlare Fred Baker (fred)
- Re: IETF web site behind CloudFlare S Moonesamy
- Re: IETF web site behind CloudFlare David Conrad
- Re: IETF web site behind CloudFlare Linus Nordberg
- Re: IETF web site behind CloudFlare Paul Wouters
- Re: IETF web site behind CloudFlare David Conrad
- Re: IETF web site behind CloudFlare Rich Kulawiec
- Re: IETF web site behind CloudFlare Christopher Morrow
- Re: IETF web site behind CloudFlare Yoav Nir
- Re: IETF web site behind CloudFlare Doug Royer
- Re: IETF web site behind CloudFlare Shumon Huque
- Re: IETF web site behind CloudFlare Tom Thorogood
- Re: IETF web site behind CloudFlare Tom Thorogood
- Re: IETF web site behind CloudFlare Brian E Carpenter
- Re: IETF web site behind CloudFlare Mikael Abrahamsson
- Re: IETF web site behind CloudFlare Leif Johansson
- Re: IETF web site behind CloudFlare Rhys Smith
- Re: IETF web site behind CloudFlare Tom Thorogood
- Re: IETF web site behind CloudFlare Jari Arkko
- Re: IETF web site behind CloudFlare Linus Nordberg
- Re: IETF web site behind CloudFlare Linus Nordberg
- Re: IETF web site behind CloudFlare Rich Kulawiec
- Re: IETF web site behind CloudFlare Jari Arkko
- Re: IETF web site behind CloudFlare Livingood, Jason
- Re: IETF web site behind CloudFlare Martin Rex
- Re: IETF web site behind CloudFlare David Conrad
- Re: IETF web site behind CloudFlare Ross Finlayson
- Re: IETF web site behind CloudFlare John Kristoff
- Re: IETF web site behind CloudFlare David Conrad
- Re: IETF web site behind CloudFlare Mark Andrews
- Re: IETF web site behind CloudFlare Mark Andrews
- Re: IETF web site behind CloudFlare Jari Arkko
- Re: IETF web site behind CloudFlare Henrik Levkowetz
- Re: IETF web site behind CloudFlare John Kristoff
- Re: IETF web site behind CloudFlare Doug Barton
- Re: IETF web site behind CloudFlare manning bill
- Re: IETF web site behind CloudFlare Stephen Farrell
- Re: IETF web site behind CloudFlare Doug Barton
- Re: IETF web site behind CloudFlare Doug Barton
- Re: IETF web site behind CloudFlare Ted Lemon
- Re: IETF web site behind CloudFlare Ted Lemon
- Re: IETF web site behind CloudFlare Linus Nordberg
- Re: IETF web site behind CloudFlare S Moonesamy
- Re: IETF web site behind CloudFlare Julian Reschke
- Re: IETF web site behind CloudFlare t.p.