Re: keepalive connection to fastcgi backend hangs

2021-12-20 Thread Nicolas Franck
I kind of agree: keepalive connections are not strictly necessary in this scenario. But there is a reason why I started looking into this: I started noticing a lot of closed tcp connections with status TIME_WAIT. That happens when you close the connection on your end, and the os keeps these aroun

Re: keepalive connection to fastcgi backend hangs

2021-12-20 Thread Maxim Dounin
Hello! On Mon, Dec 20, 2021 at 04:00:59PM +, Nicolas Franck wrote: > Interesting! > > It looks like there is nothing managing the incoming connections > for the fcgi workers. Every fcgi worker needs to do this on its own, right? > So if there are more clients (i.e. nginx workers) than fc

Re: 200 html return to log4j exploit

2021-12-20 Thread li...@lazygranch.com
On Mon, 20 Dec 2021 17:49:48 + Jay Caines-Gooby wrote: > The request is for your index page "GET / HTTP/1.1"; that's why your > server responded with 200 OK. The special characters are in the > referer and user-agent fields, as a log4j system would also try to > interpolate these, and thus

Re: 200 html return to log4j exploit

2021-12-20 Thread Jay Caines-Gooby
The request is for your index page "GET / HTTP/1.1"; that's why your server responded with 200 OK. The special characters are in the referer and user-agent fields, as a log4j system would also try to interpolate these, and thus be vulnerable to the exploit. On Mon, 20 Dec 2021 at 04:02, li...@lazy

Re: keepalive connection to fastcgi backend hangs

2021-12-20 Thread Nicolas Franck
Interesting! It looks like there is nothing managing the incoming connections for the fcgi workers. Every fcgi worker needs to do this on its own, right? So if there are more clients (i.e. nginx workers) than fcgi workers, then it becomes unresponsive after a few requests, because all the fcgi

Re: keepalive connection to fastcgi backend hangs

2021-12-20 Thread Maxim Dounin
Hello! On Sun, Dec 19, 2021 at 07:56:51PM +, Nicolas Franck wrote: > In order to make nginx keep the tcp connections alive, > I've added the following settings: > > * proxy_socket_keepalive on > * proxy_http_version 1.1; > * proxy_set_header Connection ""; Just a side note: you don't need a

Re: 200 html return to log4j exploit

2021-12-20 Thread Francis Daly
On Sun, Dec 19, 2021 at 08:02:08PM -0800, li...@lazygranch.com wrote: Hi there, > I don't have any service using java so I don't believe I am subject to > this exploit. However I am confused why a returned a 200 for this > request. The special characters in the URL are confusing. > > 200 207.24