[ic] hostnamelookups on or off?
Kevin Walsh
interchange-users@icdevgroup.org
Tue Nov 5 22:37:00 2002
Jeff Dafoe [jeff@badtz-maru.com] wrote:
>
> I usually run my web servers with hostnamelookups set to off. After
> noticing some oddities with sessions from AOL today, as they moved between
> SSL and non-SSL pages, I did a bit of searching and it looks like I should
> configure the web server that communicates with IC such that hostnamelookups
> is turned on.
> I am wondering if having hostnamelookups set to off will only have a
> potential negative effect on non-cookied sessions? Is the hostname
> qualification used with a cookied session?
>
Interchange 4.8 doesn't do any form of DNS resolution to determine
the remote user's hostname, as it expects the web server to perform
this function.
The web server is not the best place to perform this DNS resolution,
so a new directive (HostnameLookups) has recently been added to
Interchange 4.9.
You have two choices if you want to accept AOL users: (1) Switch
HostnameLookups on in your Apache settings (or whatever is appropriate
for your web server software), or (2) Use the latest Interchange 4.9
snapshot and add the following line to your interchange.cfg file:
HostnameLookups Yes
You may use "On", "True" or "1" instead of "Yes" if you prefer.
The advantage of having Interchange perform the hostname lookup, instead
of the webserver, is that it will be performed only for page requests,
rather than for every image or other non-Interchange-related file.
Cookie use has no bearing upon whether hostname lookups are required.
Hostname qualification is always used, unless "WideOpen" mode is
switched on. Do not enable WideOpen mode unless you have something
against security. :-)
--
_/ _/ _/_/_/_/ _/ _/ _/_/_/ _/ _/
_/_/_/ _/_/ _/ _/ _/ _/_/ _/ K e v i n W a l s h
_/ _/ _/ _/ _/ _/ _/ _/_/ kevin@cursor.biz
_/ _/ _/_/_/_/ _/ _/_/_/ _/ _/