Re: limit_req applied to upstream auth_request requests?

2018-07-18 Thread jarstewa
Maxim Dounin Wrote: > The explanation on why it isn't working was in the first paragraph > I wrote: > > : The limit_req directive doesn't try to limit requests already > : limited, as well as subrequests within these requests. You should >

Re: Redirect without and SSL certificate

2018-07-18 Thread Friscia, Michael
Thanks, I had not heard of that solution so I will chase it down to see if we can make it work. As for the response, I assumed that was the case and what’s the point of SSL if there was a way to bypass it…just wishful thinking… ___ Michael Friscia Office

Re: Redirect without and SSL certificate

2018-07-18 Thread Jeff Abrahamson
Could you use letsencrypt to manage all those certs? What you want can't work: the client makes an SSL request, you respond (with a 301), the client detects that the interaction was not properly authenticated, and so complains to the user.  It's out of your hands, which is the whole point of SSL i

Re: Redirect without and SSL certificate

2018-07-18 Thread Maxim Dounin
Hello! On Wed, Jul 18, 2018 at 03:10:54PM +, Friscia, Michael wrote: > We have a problem where we have a large number of vanity domain > names that are redirected. For example we have surgery.yale.edu > which redirects to medicine.yale.edu/surgery. This works fine > until someone tries to

Redirect without and SSL certificate

2018-07-18 Thread Friscia, Michael
We have a problem where we have a large number of vanity domain names that are redirected. For example we have surgery.yale.edu which redirects to medicine.yale.edu/surgery. This works fine until someone tries to request https://surgery.yale.edu. For administrative reasons, I cannot get a wildca

Re: limit_req applied to upstream auth_request requests?

2018-07-18 Thread Maxim Dounin
Hello! On Tue, Jul 17, 2018 at 05:23:44PM -0400, jarstewa wrote: [...] > So, I think you seem to be suggesting that throttling /auth should not be > necessary, and may in fact be a bad idea. But I would still like to > understand why it isn't working as I would expect. The explanation on why i