| Key: |
GWMON-18
|
| Type: |
Improvement
|
| Status: |
Open
|
| Priority: |
Standard
|
| Assignee: |
Webmaster
|
| Reporter: |
Tony Su
|
| Votes: |
0
|
| Watchers: |
0
|
|
If you were logged in you would be able to see more operations.
|
|
|
|
|
| Component/s: |
Other
|
| Affects Version/s: |
None
|
| Fix Version/s: |
None
|
|
|
Original Estimate:
|
1 hour
|
Remaining Estimate:
|
1 hour
|
Time Spent:
|
Unknown
|
|
Environment:
|
Not Applicable
|
|
|
Whoever set up this bug tracking website selected a very unfortunate port number (8080). This port number is commonly used by proxy firewalls (and also port 8000) to force users on a network to use the Proxy when connecting to a port 80 site on the Internet. The problem of course is that if a User behind a proxy firewall enters the address to this bug reporting site, the traffic will be directed to port 80 instead because the firewall will <expect> traffic on port 8080. I'm not sure why this site is not deployed on port 80 or configured with SSL to be secure, but deploying on a non-default port is next to ineffective considering today's exploits which know how to "find" services on non-default ports.
|
|
Description
|
Whoever set up this bug tracking website selected a very unfortunate port number (8080). This port number is commonly used by proxy firewalls (and also port 8000) to force users on a network to use the Proxy when connecting to a port 80 site on the Internet. The problem of course is that if a User behind a proxy firewall enters the address to this bug reporting site, the traffic will be directed to port 80 instead because the firewall will <expect> traffic on port 8080. I'm not sure why this site is not deployed on port 80 or configured with SSL to be secure, but deploying on a non-default port is next to ineffective considering today's exploits which know how to "find" services on non-default ports. |
Show » |
| There are no comments yet on this issue.
|
|
