#4362 Wrong/non-standard HTTP status in MiniServ triggers certain proxy scanners

1.670
closed-fixed
nobody
None
5
2014-01-25
2014-01-25
Tiger
No

If SSL is enabled but non-ssl to ssl redirects are disabled, the server answers with status "200 Bad Request" (and an error message suggesting to use https), which triggers certain proxy scanners (and banned my bot from euIRC). It should be "400 Bad Request" or "200 OK" as defined in the HTTP standard.

Discussion

  • Jamie Cameron
    Jamie Cameron
    2014-01-25

    That proxy scanner seems rather overzealous if it is rejecting HTTP responses just based on the message. However, I will change this to "200 Document follows" which is what Webmin uses for regular pages, in the next release.

     
  • Jamie Cameron
    Jamie Cameron
    2014-01-25

    • status: open --> closed-fixed