We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Sykje yn Support

Mij stipescams. Wy sille jo nea freegje in telefoannûmer te beljen, der in sms nei ta te stjoeren of persoanlike gegevens te dielen. Meld fertochte aktiviteit mei de opsje ‘Misbrûk melde’.

Mear ynfo

Dizze konversaasje is argivearre. Stel in nije fraach as jo help nedich hawwe.

Long delays with HAProxy

  • 4 antwurd
  • 0 hawwe dit probleem
  • 1 werjefte
  • Lêste antwurd fan palinst

more options

I have a Plesk (apache) server that is behind HAProxy. When I connect securely to a web site through HAProxy using Firefox, I get long delays. If I use Safari or Chrome, the pages come right up without any delay.

If I connect to the Plesk server directly without HAProxy in the middle, there are no delays.

I do not know what would cause these delays that don't occur with other browsers.

I'm on a Mac: 115.0.2 (64-bit)

I have a Plesk (apache) server that is behind HAProxy. When I connect securely to a web site through HAProxy using Firefox, I get long delays. If I use Safari or Chrome, the pages come right up without any delay. If I connect to the Plesk server directly without HAProxy in the middle, there are no delays. I do not know what would cause these delays that don't occur with other browsers. I'm on a Mac: 115.0.2 (64-bit)
Keppele skermôfbyldingen

Keazen oplossing

Figured it out. It was DNS over HTTPS which is why all other browsers worked. They all use my resolver for DNS. That setting should probably not be enabled by default. The browser shouldn't do its own thing when it comes to DNS resolution without asking first.

Dit antwurd yn kontekst lêze 👍 0

Alle antwurden (4)

more options

Gotcha... I will see if I can set up access for the outside world and check. Any by securely I mean HTTPS. Everything now is internal. Thank you.

Bewurke troch palinst op

more options

Keazen oplossing

Figured it out. It was DNS over HTTPS which is why all other browsers worked. They all use my resolver for DNS. That setting should probably not be enabled by default. The browser shouldn't do its own thing when it comes to DNS resolution without asking first.

Bewurke troch palinst op

more options

You can configure a canary domain on your network to tell software you want to use your own resolver.

more options

"You can configure a canary domain on your network to tell software you want to use your own resolver."

Not "software", just Firefox, and as the link you pointed me to states, canary domains is a hack to get around another hack.

Browsers should browse. If a browser also wants to be a DNS forwarder it should not do that by default or give a warning the first time such a "feature" is added to an update and confirm the user wants their browser doing something other than what is expected and what other software was specifically designed to do. This is the kind of nonsense Microsoft does which makes their products bloated, unpredictable, and unreliable.