Comparing my http access log with the watchdog I noticed the following entries. If I understand it correctly the originator is successfully (200) using my system as a proxy (CONNECT). I will try to figure out how to stop that... Just wanted to report it here in case someone else notices the same DA errors (which could otherwise be linked to bad php settings)
81.88.124.30 - - [24/Mar/2010:04:59:50 +0100] "CONNECT 64.12.202.22:443 HTTP/1.0" 200 5842 "-" "-"
81.88.124.30 - - [24/Mar/2010:04:37:45 +0100] "CONNECT 64.12.202.1:443 HTTP/1.0" 200 5842 "-" "-"
Domain Access 24 Mar 2010 - 04:59 Domain access failed to load during phase: 1. Please ...
Domain Access 24 Mar 2010 - 04:37 Domain access failed to load during phase: 1. Please ...
Comments
Comment #1
icametoplay-1 commentedSame here - subscribing
Comment #2
skizzo commentedin my case I didn't remember to save the setup after configuring iptables, so on first reboot
I lost my firewall. I realized that thanks to the DA watchdog message...
Comment #3
agentrickardInteresting. Phase 1 is DOMAIN_BOOTSTRAP_NAME_RESOLVE, which means the attacker is pinging you based on IP and not domain name, so DA fails to resolve the request.
See domain_resolve_host() for instance. This is returning FALSE, so DA's bootstrap fails.
You can remove this by using Domain Alias to register IPs as aliases of their domain names.
This is all By Design. Oddly, I have never had that error reported before. But that's why we have a trap in the bootstrap to catch these load errors.
Comment #4
agentrickard