Tried 2 more times with this config we are now at 3/3 hits. Seems reproducible enough?
Difference in ssllabs output: HTTP Strict Transport Security (HSTS) with long duration deployed on this server. Which is green but downgrades the protocol result by 5% Anyway, this is one of the changes that we will disable when hunting for the critical config. The section the 100% starts to show up is labelled "Testing renegotiation" which would match expectations as the fix was about SSL renegotiation. I'm now dropping config differences one by one ... -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1836329 Title: Regression running ssllabs.com/ssltest causes 2 apache process to eat up 100% cpu, easy DoS To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1836329/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
