Advertisement
Guest User

Untitled

a guest
Jun 13th, 2017
97
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. On server, added files acmetest.html and a favicon so no 404 appears in the log.
  2. Clear Firefox history.
  3.  
  4. Firefox:
  5. https://www.lazygranch.site/acmetest.html
  6. response: This is a test html file.
  7. access.log:
  8. myip - - [14/Jun/2017:02:21:22 +0000] "GET /acmetest.html HTTP/2.0" 200 206 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
  9. note: Expected a get for the favicon. Also favicon not seen in firefox. Response code of 200.
  10.  
  11. Firefox:
  12. http://www.lazygranch.site/acmetest.html
  13. Action: Firefox switches to https://www.lazygranch.site/acmetest.html
  14. access.log:
  15. myip - - [14/Jun/2017:02:23:45 +0000] "GET /acmetest.html HTTP/1.1" 301 185 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
  16. myip - - [14/Jun/2017:02:23:46 +0000] "GET /acmetest.html HTTP/2.0" 304 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
  17. note: First the 301 redirect permanently, then a 304 (not modified so pull from cache)
  18.  
  19. service nginx restart and clear history should for a fresh load rather than pull from cache.
  20. Firefox:
  21. http://www.lazygranch.site/acmetest.html
  22. Action: Firefox switches to https://www.lazygranch.site/acmetest.html
  23. myip - - [14/Jun/2017:02:32:59 +0000] "GET /acmetest.html HTTP/1.1" 301 185 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
  24. myip - - [14/Jun/2017:02:32:59 +0000] "GET /acmetest.html HTTP/2.0" 200 206 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
  25. Note: like above
  26.  
  27. Firefox:
  28. http://www.lazygranch.site/.well-known/acme-challenge/test.txt
  29. Response: greetings
  30. access.log:
  31. myip - - [14/Jun/2017:02:36:29 +0000] "GET /.well-known/acme-challenge/test.txt HTTP/1.1" 200 11 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
  32. myip - - [14/Jun/2017:02:36:30 +0000] "GET /favicon.ico HTTP/1.1" 301 185 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
  33. myip - - [14/Jun/2017:02:36:30 +0000] "GET /favicon.ico HTTP/2.0" 200 2686 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
  34. note: Weird. The favicon now appears.
  35.  
  36. Firefox:
  37. https://www.lazygranch.site/.well-known/acme-challenge/test.txt
  38. Response:
  39. Browser is not secure. Displays "greetings"
  40. access.log:
  41. myip - - [14/Jun/2017:02:41:51 +0000] "GET /.well-known/acme-challenge/test.txt HTTP/2.0" 307 187 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0note: Browser started out https, got the 307 redirect, but no secondary operation to retrieve the text via http.
  42.  
  43. Clear history,cache and restart nginx.
  44. Firefox:
  45. https://www.lazygranch.site/.well-known/acme-challenge/test.txt
  46. Response:
  47. "greetings" and not secure.
  48. access.log:
  49. myip - - [14/Jun/2017:02:49:31 +0000] "GET /.well-known/acme-challenge/test.txt HTTP/2.0" 307 187 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
  50. myip - - [14/Jun/2017:02:49:31 +0000] "GET /.well-known/acme-challenge/test.txt HTTP/1.1" 200 11 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
  51. myip - - [14/Jun/2017:02:49:31 +0000] "GET /favicon.ico HTTP/1.1" 301 185 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
  52. myip - - [14/Jun/2017:02:49:31 +0000] "GET /favicon.ico HTTP/2.0" 200 2686 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
  53. note:
  54. Response 307 under https goes to http with response 200 (fresh download)
  55.  
  56. add expires -1; to nginx.conf. Don't clear Firefox history or cache.
  57. Firefox:
  58. https://www.lazygranch.site/.well-known/acme-challenge/test.txt
  59. response is "greetings!"
  60. access.log:
  61. myip - - [14/Jun/2017:03:03:31 +0000] "GET /.well-known/acme-challenge/test.txt HTTP/2.0" 307 187 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
  62. note: still not a fresh download
Advertisement
RAW Paste Data Copied
Advertisement