More Re-negotiation error in Apache logs

I was worried that updating my page to only accept secure https connections might lock out some customers who are still using Windows XP and old IE browsers. I was a bit worried when,
after updating my SSL ciphers I am still getting errors like this:


SSL Library Error: error:14080152:SSL routines:SSL3_ACCEPT:unsafe legacy renegotiation disabled
[client 180.76.15.31:51166] AH02225: Re-negotiation request failed
[client 134.249.131.0:51259] AH02225: Re-negotiation request failed
[client 134.249.131.0:51123] AH02225: Re-negotiation request failed
[client 1.39.57.169:37633] AH02225: Re-negotiation request failed

However, looking up the first ip with whois yields a netname of Baidu, the next two are located in the Ukraine, and one from India. There are a whole bunch of these, so I’m guessing it’s some spammers looking for forms that they can fill in with links. I just had 643 catalog requests a few days ago that defeated my rudimentary spam checking tool, so that’s what I’m going with for now.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.