|
| Ratio | Reason |
|---|---|
| 21.61% | Required header “Accept” missing. A B |
| 9.02% | Header “Pragma” without “Cache-Control” prohibited for HTTP/1.1 requests. A |
| 9.02% | Prohibited header “Proxy-Connection” present. A |
| 9.02% | Prohibited header “via” present. A |
| 8.53% | User-Agent string is required but none was provided. A B |
| 4.59% | Header “Referer” present but blank. A B |
| 1.14% | Header “Connection” contains invalid values. A B |
| 0.88% | Header “Referer” is corrupt. A B |
| 0.42% | Header “TE” present but TE not specified in “Connection” header. A |
| 35.77% | OTHER REASONS. |
A Often caused by a misconfigured web proxy or corporate firewall.
B Often caused by a misconfigured personal firewall or browser privacy software.
As you can see, around two out of three of all blocked attempts are due to misconfigured web proxies, corporate and personal firewalls which often mangle the HTTP headers on behalf of the users browser.
While a percentage of these problems are caused by crappy personal firewall default settings, the majority eminate from visitors sitting behind lame corporate proxy servers. The RFC 2616 specification defines a corporate “transparent proxy” as:
“A proxy that does not modify the request or response beyond what is required for proxy authentication and identification.”
In other words, a properly configured proxy should not obstruct browser authentication at all. So why do so many of them manage to do exactly that?
Some basic rules for commenting:
- Watch your language.
- Keep comments on-topic and relevant.
- You can use basic XHTML tags for formatting and linking but not bbcode.
- Comments are moderated, so don't double post if your comment doesn't appear immediately.
- Please proof-read your comments for spelling and grammar mistakes.
- Watch your language.
Copyright © 1999-2008 Lutrov Communications. Some rights reserved, read the legal stuff.
Except where otherwise noted, this site is licensed under a
Creative Commons License.
