On Fri, Aug 7, 2009 at 10:43 AM, Jack Neely<[email protected]> wrote: > On Wed, Aug 05, 2009 at 07:08:30PM +0100, Simon Wilkinson wrote: >> >> On 5 Aug 2009, at 19:03, Russ Allbery wrote: >> >>> Apache recursively ascends the file hierarchy looking for .htaccess >>> files >>> even if that directory itself is not being served, so it will attempt >>> to >>> read /afs/.htaccess if you are serving any directory anywhere under / >>> afs. >> >> I haven't looked at the code, so we may be already doing this, but it >> seems to me that we could just bounce requests for /afs/.htaccess >> immediately. In fact, there's probably a range of things that it makes >> no sense to do DNS lookups for. >> >> S. >> > > I agree here. Turns out I am sending out DNS queries from each of the > web servers for the htaccess cell 20 or so times a second.
A hardcoded blacklist would be good, configurable blacklist would be better, but at the same time, we could stand to cache negative answers for a bit longer in some manner. -- Derrick _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
