Hi,
At Kiwix, our most critical use case of libmicrohttpd is behind a
reverse-proxy. One of the reason is to be able to easily provide a HTTPS
end-point. With the success of HTTPS, I suspect that this might even be
meanwhile a common use-case for libmicrohttpd.
Because this service has a high throughput, we keep improving the
overall performance and better secure the stability of the service. This
is why we consider using MHD_OPTION_PER_IP_CONNECTION_LIMIT to better
handle how the connections are distributed.
My first remark/question is about microhttpd.h. It is written in the
comment "The default is zero", but actually the code stays that
"MHD_OPTION_PER_IP_CONNECTION_LIMIT = 5". I find it pretty confusing to
understand what is the default behaviour if nothing is specified!
The second point is regarding the behaviour if the daemon is behind a
reverse-proxy. From what I see in the code, in such a scenario the
reverse-proxy IP will be interpreted as the client IP, right (which
means that it won't probably behave like expected)? If "yes", have you
consider to check first
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For?
In such a case the daemon would always behave properly IMO.
Regards
Kelson
--
Kiwix - Wikipedia Offline & more
* Web: https://kiwix.org/
* Twitter: https://twitter.com/KiwixOffline
* Wiki: https://wiki.kiwix.org/
