[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

HTTPS redirects to HTTP for monitoring

Subject: HTTPS redirects to HTTP for monitoring
From: geoffk at geoffk.org (Geoffrey Keating)
Date: 18 Jan 2015 12:49:10 -0800
In-reply-to: <CAKnNFz8Q87ORf9c0HBz2AV_9-DjT-oOfrgG3uHdgujJAz+P=-Q@mail.gmail.com>
References: <CAPiURgX9jGFQMvVcW2ON1gnUkG1yEF2=n6AqfS9U6HjJu_vWdA@mail.gmail.com> <CAKnNFz8Q87ORf9c0HBz2AV_9-DjT-oOfrgG3uHdgujJAz+P=-Q@mail.gmail.com>

chris <tknchris at gmail.com> writes:

> I have been going through something very interesting recently that relates
> to this. We have a customer who google is flagging for "abusive" search
> behavior. Because google now forces all search traffic to be SSL, it has
> made attempting to track down the supposed "bad traffic"  extremely
> difficult. We have contacted google through several channels and no one at
> google who we've worked with is able to provide us any factual examples of
> what they are seeing and because of the traffic being encrypted all our
> usual capture and analysis tools have been fairly useless.

I presume the problem is that Google has flagged the outgoing address
on your NAT, because that's all they can see.

Have you considered deploying IPv6 and giving each customer their own
address?  Then only that customer will be flagged and it'll be between
them and Google.

References:
- HTTPS redirects to HTTP for monitoring
  - From: shortdudey123 at gmail.com (Grant Ridder)
- HTTPS redirects to HTTP for monitoring
  - From: tknchris at gmail.com (chris)

Prev by Date: HTTPS redirects to HTTP for monitoring
Next by Date: HTTPS redirects to HTTP for monitoring
Previous by thread: HTTPS redirects to HTTP for monitoring
Next by thread: HTTPS redirects to HTTP for monitoring
Index(es):
- Date
- Thread