Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set custom User-Agent string for hstspreload #118

Closed
devonobrien opened this issue Sep 2, 2021 · 2 comments
Closed

Set custom User-Agent string for hstspreload #118

devonobrien opened this issue Sep 2, 2021 · 2 comments

Comments

@devonobrien
Copy link
Collaborator

The outbound scans used by hstspreload.org as well as bulk updates to check for preloading eligibility have started to be blocked by several CDNs' spam/fraud detection, which is preventing the addition and removal of domains in several known instances (and likely more we don't know about). Adding a custom user agent string lets these agents be allowlisted with a (User-Agent, ASN)-tuple.

I suggest "hsts-preload-bot" as a possible UA string, but am welcome to other suggestions.
@nharper
Copy link
Collaborator

nharper commented Sep 2, 2021

There's some discussion of this on #107.

@devonobrien
Copy link
Collaborator Author

Thanks! I didn't see any active issues with this, but probably should have dug deeper into closed issues. Regarding your comments on #107, I'm also not generally a fan of encouraging allowlisting by user agent string, but this is the only mechanism we've been presented with to circumvent the automated blocking of domain scans. I'll re-open #107 and continue the discussion there.

@devonobrien devonobrien mentioned this issue Sep 2, 2021
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@nharper @devonobrien