redirects for "parked" mozilla-owned domains don't work

RESOLVED FIXED

Status

mozilla.org Graveyard
Server Operations
--
minor
RESOLVED FIXED
8 years ago
3 years ago

People

(Reporter: mrz, Assigned: justdave)

Tracking

Details

(Reporter)

Description

8 years ago
Hi all,
 
I am getting the below notice on "mozilla-europe.de"`. It used to forward to mozilla.europe.org. Did something go wrong?
Thanks
Anthonia
Forbidden

You don't have permission to access /error/noindex.html on this server.
This apparently got broken when the anti-hostname-spoofing default vhosts were added.  We have a large number of domains pointed at this IP in DNS, which were pointed here because the default vhost just redirected to mozilla-europe.org without any extra configuration needed.  With the anti-hostname-spoofing in place, these are all now broken until we add a specific vhost for each of them.
There's two other IP addresses for mozilla.org and mozilla.com redirects also.  I bet they're similarly broken.
We have 79 domain names using the "redirects-to-mozilla-europe.org" zone file in DNS.  Exactly 1 of those domains (seamonkey.de) actually has a vhost defined for it on the web server.

We have 47 domain names using the "redirects-to-www.mozilla.org" zone file in DNS.  Exactly 1 of those domains (tydzienmozilli.pl) actually has a vhost defined for it on the web server.

"redirects-to-www.mozilla.com" appears to be gone, apparently those all got moved to the .org one.
Summary: mozilla-europe.de page load issues → redirects for "parked" mozilla-owned domains don't work
Is our approach to add the vhost info or do we need to reevaluate the anti-hostname-spoofing control?  Let me know how/if I'm needed to assist in getting this issue fixed.
I was looking at the wrong cluster config for the mozilla.org one.  Out of those 47, 26 of those are actually set up.
And 9 of the mozilla-europe ones are set up on the mozilla.org webserver cluster (which makes them useless).
(In reply to comment #4)
> Is our approach to add the vhost info or do we need to reevaluate the
> anti-hostname-spoofing control?  Let me know how/if I'm needed to assist in
> getting this issue fixed.

I think I'm going to go ahead and add the vhosts for them.  As long as apache takes it, no reason I can't make one big vhost with a few dozen ServerAliases. :)
Assignee: server-ops → justdave
Blocks: 629108
OK, this is done.  We now have a script in place that auto-generates the virtual host config for apache based on the zone files in DNS, which will make sure none of these get missed in the future.

I had to make a DNS change to make the European ones work, that should propagate within 10 minutes or so and then all of those should be working.
Status: NEW → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → FIXED
Product: mozilla.org → mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.