Yeah, maybe this is a bit on the edge....
I am discovering several issues with users on satellite internet connections not being able to authenticate via a htaccess/htpasswd system. Some users cannot connect at all, some can connect reliably.. and some are hit and miss.. works one day and not the next. Yet those same users can log in fine if they switch back to their dialup system.
Has anybody else found this and is there a magic tweak somewhere to help this work?
Thanks, John Hinton
On 8/7/06, John Hinton webmaster@ew3d.com wrote:
Yeah, maybe this is a bit on the edge....
I am discovering several issues with users on satellite internet connections not being able to authenticate via a htaccess/htpasswd system. Some users cannot connect at all, some can connect reliably.. and some are hit and miss.. works one day and not the next. Yet those same users can log in fine if they switch back to their dialup system.
htaccess/htpasswd should have nothing to do with satellite internet. Either they can get there or not. They may be having timeout issues which sould be due to the latency of satellite internet, but not an issue with authentication itself.
The access to your server should not be a problem, only the latency should be. There are some ways for tuning Linux for this kind of link, some links that could help you: http://dsd.lbl.gov/TCP-tuning/linux.html This said about using hybla as the congestion control algorithm. Has someone used this?
On 8/7/06, Jim Perrin jperrin@gmail.com wrote:
On 8/7/06, John Hinton webmaster@ew3d.com wrote:
Yeah, maybe this is a bit on the edge....
I am discovering several issues with users on satellite internet connections not being able to authenticate via a htaccess/htpasswd system. Some users cannot connect at all, some can connect reliably.. and some are hit and miss.. works one day and not the next. Yet those same users can log in fine if they switch back to their dialup system.
htaccess/htpasswd should have nothing to do with satellite internet. Either they can get there or not. They may be having timeout issues which sould be due to the latency of satellite internet, but not an issue with authentication itself.
-- During times of universal deceit, telling the truth becomes a revolutionary act. George Orwell _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Cleber P. de Souza wrote:
The access to your server should not be a problem, only the latency should be. There are some ways for tuning Linux for this kind of link, some links that could help you: http://dsd.lbl.gov/TCP-tuning/linux.html This said about using hybla as the congestion control algorithm. Has someone used this?
It isn't clear to me, but it seems like this is a problem from the other end, not my end? I don't see where the htaccess login attempt is making to my system. So are these for systems which are on satellite?
I really didn't say in my original post, but we are on fiber here with plenty of bandwidth for our needs and server loads on the system in question are completely acceptable. Most of the time under 1. We are a hosting company and simply trying to provide additional services for our clients and in this case htaccess is by far the best solution for login to a protected directory.
Thanks, John Hinton
On 8/7/06, Jim Perrin jperrin@gmail.com wrote:
On 8/7/06, John Hinton webmaster@ew3d.com wrote:
Yeah, maybe this is a bit on the edge....
I am discovering several issues with users on satellite internet connections not being able to authenticate via a htaccess/htpasswd system. Some users cannot connect at all, some can connect reliably.. and some are hit and miss.. works one day and not the next. Yet those same users can log in fine if they switch back to their dialup system.
htaccess/htpasswd should have nothing to do with satellite internet. Either they can get there or not. They may be having timeout issues which sould be due to the latency of satellite internet, but not an issue with authentication itself.
-- During times of universal deceit, telling the truth becomes a revolutionary act. George Orwell _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Jim Perrin wrote:
On 8/7/06, John Hinton webmaster@ew3d.com wrote:
Yeah, maybe this is a bit on the edge....
I am discovering several issues with users on satellite internet connections not being able to authenticate via a htaccess/htpasswd system. Some users cannot connect at all, some can connect reliably.. and some are hit and miss.. works one day and not the next. Yet those same users can log in fine if they switch back to their dialup system.
htaccess/htpasswd should have nothing to do with satellite internet. Either they can get there or not. They may be having timeout issues which sould be due to the latency of satellite internet, but not an issue with authentication itself.
This is what is confusing. We are on fiber here at our hosting facility.
Case 1 A hosting client with satellite ISP can on our server POP for mail, Authenticate SMTP, and fully access their website. On the same server one day they can gain access to a protected directory via htaccess, the next day they can't.
Case 2 Another hosting client can POP and Authenticate the same as above, but cannot gain access to said directory via htaccess while using their satellite connection, but can when using their dialup connection.
Case 3 Hosting client could not gain access for a few days via their satellite connection, but then suddenly it started working and has worked for them from that point forward.
Case 4 Another client has had no problems with their satellite connection with any htaccess to our system.
Multiple Cases. Clients not on satellite have reported 0 problems with connecting via htaccess to this system.
So, something is going on with what satellite providers are doing. I understand that some non-standard methods for access have been created to speed up satellite handshakes. It seems to me that the defacto standard was 7 communications per file transferred. But since this would take about 7 seconds via satellite, I think they have somehow cut this number back. Oddly, I can't seem to find a thing about his issue when googling. But I do know that dnsreport.com does not work from at least one directway satellite connection, which happens to be the one that can always login via htaccess to our systems.
Yes, their appears to be a latency problem. Or perhaps the web browser just isn't waiting long enough for a proper return, as the login box reappears immediately, not a few seconds later.. which should be proper as it has to take at least two seconds for the transmissions. I don't even see the incoming request for the connection. The user just keeps getting the htaccess popup from their windows machine.. unless they hit cancel.. to which the get the authorization error message as they are not htaccess authenticated.
Best, John Hinton
Case 1 A hosting client with satellite ISP can on our server POP for mail, Authenticate SMTP, and fully access their website. On the same server one day they can gain access to a protected directory via htaccess, the next day they can't.
A packet dump here may show you that things are being dropped or not passing properly.
Case 2 Another hosting client can POP and Authenticate the same as above, but cannot gain access to said directory via htaccess while using their satellite connection, but can when using their dialup connection.
Same as above. Checking with the satellite provider might be an option.
Case 3 Hosting client could not gain access for a few days via their satellite connection, but then suddenly it started working and has worked for them from that point forward.
Did they bitch to their provider and get something changed?
Multiple Cases. Clients not on satellite have reported 0 problems with connecting via htaccess to this system.
Expected behavior.
So, something is going on with what satellite providers are doing. I understand that some non-standard methods for access have been created to speed up satellite handshakes. It seems to me that the defacto standard was 7 communications per file transferred. But since this would take about 7 seconds via satellite, I think they have somehow cut this number back. Oddly, I can't seem to find a thing about his issue when googling. But I do know that dnsreport.com does not work from at least one directway satellite connection, which happens to be the one that can always login via htaccess to our systems.
htaccess files slow down apache, and it's recommended by the apache folks to avoid them whereever possible. However, you can leave the authentication box up for as long as you wish by default. When you submit the authentication, it passes to the server, which verifies it, and sends back the correct information. For htaccess based auth, the username/password is sent on EVERY page request. There is no session information or anything else for generic basic htaccess auth. The only explanation I know of for the behavior you're seeing would be dropped packets.
-
Cleber P. de Souza -
Jim Perrin -
John Hinton