Krist van Besien wrote:
2008/11/20 likai <[EMAIL PROTECTED]>:
Hi,
How could I reject all coming http head request by configuring httpd.conf?
You hopefully realise that rejecting "HEAD" requests will break your website?
If I may add to the above :
An example of a bad effect of rejecting HEAD requests, even for your own
website :
Several of my customers have large databases containing a lot of
"reference" URLs (pages that they find interesting). Because such URLs
tend to change or disappear over time, they regularly run a "URL
checker" program, which goes through their entire database and tries to
access these URLs to verify if they are still good.
To minimise the time and resources needed for that, both on their side
and on the websites that they are checking, these programs - if they are
smart - will first try a HEAD request for the URL in question. Then, if
it does not work, they will try a GET request to the same URL.
A HEAD request allows the server to send a "light" response, consisting
only of the response headers, not the content. For a GET request on the
other hand, the server has to send the whole response, including the
content. That is heavier for the server, and for the client.
By rejecting HEAD requests, you would be forcing your own server to do
more work, you would cause unnecessary use of bandwidth, and you may
even have the result that some clients will consider that the page is
not available, and return an error to the user.
Maybe not such a good idea.
But, tell us, why do you really want to disable HEAD requests ?
There may be a better option.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
