<div dir="auto"><div><br><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sat, 26 Nov 2022, 7:14 am Richard Duivenvoorde, <<a href="mailto:rdmailings@duif.net">rdmailings@duif.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Yes, I've seen this behaviour also (not only to russion, also to french etc)...<br>
<br>
Since years(!) we have some rules like:<br>
<br>
RewriteCond %{HTTP:Accept-Language} ^ca [NC]<br>
RewriteRule ^/$ /ca/site/ [L,R=301]<br>
RewriteCond %{HTTP:Accept-Language} ^da [NC]<br>
RewriteRule ^/$ /da/site/ [L,R=301]<br>
RewriteCond %{HTTP:Accept-Language} ^de [NC]<br>
RewriteRule ^/$ /de/site/ [L,R=301]<br></blockquote></div></div><div dir="auto"><br></div><div dir="auto">Just putting this out there: let's remove the Russian language redirect entirely? It's not a good impression at all for the site to mistakenly go to a Russian version, of all languages. I'd very much prefer a mistake which gave me the qgis website in spanish, french,... </div><div dir="auto"><br></div><div dir="auto">Just not Russian 😡</div><div dir="auto"><br></div><div dir="auto">Nyall</div><div dir="auto"><br></div><div dir="auto"><br></div><div dir="auto"><br></div><div dir="auto"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br>
in our apache configs<br>
<br>
And this has worked for a long time. I really don't know how this could be compromised, other that somebody in a proxy would be able to change the headers...<br>
Which make me think that the only thing which can do this is Cloudflare (also looking into your image)<br>
<br>
Maybe somebody can try to contact them?<br>
<br>
Another possibility is that there is some http-caching somewhere in the route? Which does something with the headers? Or is not checking them?<br>
<br>
Regards,<br>
<br>
Richard Duivenvoorde<br>
<br>
<br>
On 11/25/22 21:10, Johannes Kröger (WhereGroup) wrote:<br>
<br>
Hey you lovely people,<br>
> <br>
> this might have been a temporary configuration mistake or anything but in the current climate one has to assume a compromise/attack:<br>
> <br>
> Some minutes ago I was visiting <a href="http://qgis.org" rel="noreferrer noreferrer" target="_blank">qgis.org</a> in my browser and the website was in cyrillic. I noticed the URL was <a href="https://qgis.org/ru/site/" rel="noreferrer noreferrer" target="_blank">https://qgis.org/ru/site/</a><br>
> <br>
> My requests came from a German IP and my browser locale should be set to something English so this was surprising and had never happened before. I am fairly sure that my system was not compromised.<br>
> <br>
> I checked with curl -I and I was being redirected to that language. A few moments later I checked again and it was back to /en/<br>
> <br>
> Here are my curl responses with the Cloudflare stuff if it helps pinpointing the moment or processes involved: <a href="https://pastebin.com/raw/36HwcxKW" rel="noreferrer noreferrer" target="_blank">https://pastebin.com/raw/36HwcxKW</a><br>
> <br>
> Not sure if this is the right mailing list but I didn't want to spread FUD on -user and no one was on IRC so this seemed like the best choice. Please forward it to people who can check the server(s) if they aren't reading here. Thanks!<br>
> <br>
> Cheers, Hannes<br>
> <br>
> _______________________________________________<br>
> Qgis-psc mailing list<br>
> <a href="mailto:Qgis-psc@lists.osgeo.org" target="_blank" rel="noreferrer">Qgis-psc@lists.osgeo.org</a><br>
> <a href="https://lists.osgeo.org/mailman/listinfo/qgis-psc" rel="noreferrer noreferrer" target="_blank">https://lists.osgeo.org/mailman/listinfo/qgis-psc</a><br>
<br>
_______________________________________________<br>
Qgis-psc mailing list<br>
<a href="mailto:Qgis-psc@lists.osgeo.org" target="_blank" rel="noreferrer">Qgis-psc@lists.osgeo.org</a><br>
<a href="https://lists.osgeo.org/mailman/listinfo/qgis-psc" rel="noreferrer noreferrer" target="_blank">https://lists.osgeo.org/mailman/listinfo/qgis-psc</a><br>
</blockquote></div></div></div>