Found the issue - a use after free in send_response() if I close the session early due to an error. Was continuing to the next bit. Put a temp fix in place, will push a proper one later.
Still seems to have an issue, but no output before the crash. Will have to do some more debugging. Thanks for the test HN!
Source is here btw: https://github.com/GSGBen/unsafehttp/blob/main/src/main.c
hotfixing httpd UAFs is peak HN spirit :)
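The bug class described in the comments above, as an added example that is not from the thread or from the unsafehttp source: a response routine that closes the session on error and then keeps going, next to a version that returns at once. Only the name `send_response()` comes from the comment; the `session` struct, `fake_write()`, `open_session()`, `close_session()` and the `SHOW_VULNERABLE` switch are hypothetical.

```c
#include <stdlib.h>
#include <string.h>
#define HDR "HTTP/1.1 200 OK\r\n\r\n"

/* Hypothetical session type for illustration; not the project's struct. */
typedef struct session {
    int    fd;          /* constructed: fd < 0 simulates a failed write */
    size_t bytes_sent;
} session;

/* Stand-in for write(2) so the example runs offline. */
static long fake_write(int fd, size_t n) { return fd < 0 ? -1 : (long)n; }

session *open_session(int fd) {
    session *s = calloc(1, sizeof *s);
    if (s) s->fd = fd;
    return s;
}

/* Free the session and clear the owner's pointer, so a stale use hits a
 * NULL check instead of freed memory. */
void close_session(session **sp) {
    if (sp && *sp) { free(*sp); *sp = NULL; }
}

#ifdef SHOW_VULNERABLE  /* compiled out by default */
int send_response_vulnerable(session *s, const char *body) {
    if (fake_write(s->fd, sizeof HDR - 1) < 0)
        free(s);                        /* session closed early on error */
    s->bytes_sent += strlen(body);      /* continues anyway: use after free */
    return fake_write(s->fd, strlen(body)) < 0 ? -1 : 0;
}
#endif

/* Fixed: the error path closes the session and returns immediately. */
int send_response(session **sp, const char *body) {
    session *s = sp ? *sp : NULL;
    if (!s) return -1;
    if (fake_write(s->fd, sizeof HDR - 1) < 0 ||
        fake_write(s->fd, strlen(body)) < 0) {
        close_session(sp);
        return -1;                      /* nothing below may touch s */
    }
    s->bytes_sent += sizeof HDR - 1 + strlen(body);
    return 0;
}

int main(void) {
    session *s = open_session(-1);      /* constructed failing client */
    return (send_response(&s, "hi") == -1 && s == NULL) ? 0 : 1;
}
```

Building the vulnerable variant with `-DSHOW_VULNERABLE -fsanitize=address` and calling it with a failing descriptor is a quick way to see the sanitizer report for this pattern.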
Whoops, should be back up now. I'll have to check logs later to see why it went down.
You're going to need a bigger host to support HN traffic :)
If they are behind a NAT/stateful firewall, there are just so many connections it will handle at once. I think OpenWRT has like 16K max by default, f.ex. So for less than 16K requests by different users/IPs… each is kept for about 1 minute I think… it quickly will go down, I guess. :)
cat /proc/sys/net/netfilter/nf_conntrack_max
Should give some details.
Do you know if using the DMZ feature on most routers instead of port forwarding would get around this limit, or if there's any other way?
I wish submitters would try using .onion sites for small static pages, for example as an alternative URL.
Fewer source IPs