Does not work behind BlueCoat proxy
-
Hi,
After opening both our corporate firewall and proxy to allow Wordfence communication to servers, we have been unable to use the plugin for scanning.
We logged a call with BlueCoat support and they came back with the below;CONNECT noc1.wordfence.com:443 HTTP/1.1
Host: noc1.wordfence.com:443
User-Agent: Wordfence.com UA 6.0.24
Proxy-Connection: Keep-Alive
Accept-Encoding: deflate;q=1.0, compress;q=0.5, gzip;q=0.5
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 49When the server attempts the CONNECT in the second session, the proxy is immediately denying the request because the content-length should not appear in the CONNECT request!!!!
*********************************
The reason why the customer was getting a 400 bad request is because with the HTTP CONNECT method, there should not be any value in the content-length header of the request, if there is a value in the content-length header, the proxysg will treat it as an invalid request and return a 400 bad request.To work around this issue, please enable HTTP Tolerant-request-parsing from the CLI of the proxy. The actual fix is for the developer to fix the coding of their HTTP CONNECT request.
ProxySG>en
Enable Password:
ProxySG#conf t
Enter configuration commands, one per line. End with CTRL-Z.
ProxySG#(config)http tolerant-request-parsing
Ok
*************************************************We do not want to enable this as it will be Global and the effects will be unknown.
Are you able to address this? Please advise.
Thanks,
- The topic ‘Does not work behind BlueCoat proxy’ is closed to new replies.