* Stephen Gran: > This one time, at band camp, Florian Weimer said: >> Hi, >> >> I plan to switch the debsecan data source to URLs below: >> >> <https://security-tracker.debian.org/tracker/debsecan/release/1/> >> >> I don't know how much traffic this will generate eventually. Would it >> be possible to tweak the mod_proxy settings so that the local Apache >> server caches generated pages for a short period time (say, five >> minutes), but only for URLs which start with >> "https://security-tracker.debian.org/tracker/debsecan/release/1/";, e.g. >> <https://security-tracker.debian.org/tracker/debsecan/release/1/sid>? > > mod_cache is a mildly complicated (and potentially dangerous) beast. > Please have a look over > http://httpd.apache.org/docs/2.2/mod/mod_cache.html and linked pages > (especially the caching guide).
Sure, those are the perils of caching. > Let us know what content (if any, including headers) should be excluded > from caches. Assume that we know nothing about your application, > and ask advice if you're unsure if something should be cached or not. > As I said, caching can be dangerous if misused - you can present one > user's content to another user very easily. I don't think debsecan has > that sort of problem, but you should consider if headers change the way > your application responds and work with that idea in mind. Everything below https://security-tracker.debian.org/tracker/debsecan/release/ is public and not client-dependent at all, so caching that will not cause any trouble. > We can tune it to only cache things at the mentioned path. Is > there any reason we should be hard coding the expiry time of cache > objects? Can you not set cache headers in the application? debsecan doesn't set any caching headers, and the server side is not very cache-friendly, either, because it does not supply Last-Modified headers etc. We should change that eventually, but it's not a priority right now. I've uploaded a new version of debsecan with the security-tracker.debian.org URL to unstable. Let's see how it goes and apply the caching if needed. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]
