Opened 4 years ago

Closed 3 years ago

#1514 closed task (fixed)

shutdown plain HTTP reseeding

Reported by: backup Owned by: backup
Priority: minor Milestone: 0.9.20
Component: www/reseed Version: 0.9.18
Keywords: Cc:
Parent Tickets:

Description

shutdown plain HTTP reseeding - disable remaining 4 http url's in Reseeder.java.

We have enough server providing su3-files over HTTPS and get an alternate way of reseeding on client side.

http://zzz.i2p/topics/1855-shutdown-dat-files-plain-http-reseeding

Subtickets

Change History (5)

comment:1 Changed 4 years ago by zzz

taking patch from #1136 first so it's easier

comment:2 Changed 4 years ago by killyourtv

Replying to backup:

shutdown plain HTTP reseeding - disable remaining 4 http url's in Reseeder.java.

I can confirm that most of the traffic that comes to http://netdb.i2p2.no is unwanted botnet traffic or ancient versions of i2pd. There's hardly any legit traffic coming in on port 80.

comment:3 Changed 4 years ago by zzz

  • Milestone changed from 0.9.21 to 0.9.20
  • Owner changed from killyourtv to backup
  • Status changed from new to assigned

#1136 checked in, see that ticket for revs
Removed all HTTP defaults in 85f6139fdf97a8859942e2af6f6a1d91778219e7 to be 0.9.19-6.
Reassigning to 'backup' to asking remaining reseed hosts to turn off http, at their convenience.

Doesn't have to wait for the 0.9.20 release. I verified with orignal that he's ok with this also. HTTPS has been preferred over HTTP since late 2011, and HTTPS-only has been the default since late 2014.

comment:4 Changed 4 years ago by killyourtv

For the record, http://netdb.i2p.no still works, but reseeding will not work anymore without HTTPS.

❯ curl -I -A Wget/1.11.4 http://netdb.i2p2.no/i2pseeds.su3
HTTP/1.1 410 Gone
Server: nginx/1.4.6 (Ubuntu)
Date: Mon, 20 Apr 2015 18:08:32 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Proxy-Connection: keep-alive

Both http://netdb.i2p2.no and https://netdb.i2p2.no now display a simple informative message (text could be improved) when accessed via a web browser.

comment:5 Changed 3 years ago by backup

  • Resolution set to fixed
  • Status changed from assigned to closed

server side:

all reseed server fixed: reseeding only via https.

Note: See TracTickets for help on using tickets.