5

Why is IIS 7.5 returning all responses as HTTP/1.0?

view full story
linux-howto

http://serverfault.com – While trying to work out why Static File Compression wasn't working on one of our IIS servers, the error was coming back as "NO_COMPRESSION_10" which translates to: Server not configured to compress 1.0 requests Looking at the requests in Fiddler, I can see that I'm requesting HTTP 1.1, but everything is being sent back as HTTP 1.0: Request (from chrome, captured via Fiddler): GET /css/reset.css HTTP/1.1 Host: [-----].com Connection: keep-alive Cache-Control: max-age=0 If-Modified-Since: Tue, 16 Oct 2012 15:04:34 GMT User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.11 (K (HowTos)

dayu's picture
Submitted by dayu on 12/11/2012 – Made popular on 12/11/2012

Stories similar to Why is IIS 7.5 returning all responses as HTTP/1.0?

I'm trying to upload a file (which can be quite large) from the website of one server to the backend of another server using plupload.

Possible Duplicate: My server's been hacked EMERGENCY

I'm getting millions of these requests in my Apache access log.

I am sending requests to a specific server on a cloud:

wget --header="Host: example.com" http://x.x.x.x:80/ curl -i -H"Host: example.com" http://x.x.x.x:80/

And it returns exactly as expected (a simple static file). However, when I try and access it in a browser, the request times out.

I use Squid to modify some HTTP headers sent by clients.

httpd requests cannot be handle in first time; httpd refresh the page twice to do request (reload the page is automatically by httpd)

when i use third applications to test httpd, i sent this request:

GET /10/1a8c36930872bc7ed39f901b7a7441a8.mp3 HTTP/1.1 Host: www.somedomain.com Connection: Keep-Alive, TE

and i got this as response from httpd:

HTTP/1.1 200 OK Content-Type: text/html Pragma: no

In my situation, my vulnerable parameter is Referer in the HTTP headers. I am able to enumerate the username and database name manually, but can someone explain or point me to an article that gives details about sqlmap and time-based with mysql? Here is an example of how I was able to enumerate the name.

This is my log_format in nginx

log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"' ' $request_time';

And here is the output of the access log

x.x.155.x - - [31/Oct/2011:03:54:18 +0000] "POST /xx/ HTTP/1.1" 200 127 "http://xx/ab.cc" "Mozilla/

I am trying to make some HTTP request using a HTTP proxy server over Tor. So far, I have experimented with Privoxy, Tinyproxy and Polipo. But whenever I make a request through any of these proxy servers, they somehow fetch themselves, and get stuck in a loop.

To check if there is any problem with DNS or network, I tried to fetch URLs without proxy and it works fine.

With a server running Apache and PHP via mod_fcgid, I'd like to log all requests handled by PHP into a separate file so that I can get a better idea of which requests are going through PHP versus being handled directly through the filesystem.

This is a site with some pretty complex rewrite rules in .htaccess (Wordpress with W3 Total Cache), which translates cached PHP requests into static file re