Announcement

Collapse
No announcement yet.

Cloudflare CDN Replacement

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    #16
    @ILoveHostasaurus

    What is s.apitype used for and does it have cardinals?

    Is s.apitype used to issue a server header response?

    Does uri.mvc issue s.apitype of 'Redirect' for cannonical urls?

    And somewhat related:

    I've sometime notice bot spam coming through proxys. Can s.HTTP_X_FORWARDED_FOR and s.HTTP_X_REAL_IP be used to investigate them further?

    http://www.alphabetsigns.com/

    Comment


      #17
      I'd recommend posting in the MivaScript / Empresa channel on the apitype question as I'm not familiar with that variable. For the forwarding headers, a visitor can send any header if it's otherwise valid from a protocol standpoint, so x-forwarded-for, etc. generally should not be trusted unless they've come from a trusted IP. For sites with us that have Cloudflare active, we only trust that header if it has come from a Cloudflare IP. However, at the Miva Merchant / script level, you would not know if it's trustworthy, so you should only rely on the MivaScript remote IP variable, as that will always be either the actual IP or a substitution from a trusted forward header.
      David Hubbard
      CIO
      Miva
      [email protected]
      http://www.miva.com

      Comment


        #18
        Thank you.
        http://www.alphabetsigns.com/

        Comment

        Working...
        X