keep-alive mechanism - What is the complete syntax? - Apache Web Server forum at WebmasterWorld

Forum Moderators: phranque

Message Too Old, No Replies

keep-alive mechanism - What is the complete syntax?

dstiles

3:13 pm on Feb 3, 2020 (gmt 0)

As I understand it from online reading, in order to keep a onnection alive a client must send headers as:

Connection: keep-alive
Keep-Alive: [max=n] [timeout=n]

Without the second line the first is ignored by the server? Or does it imply the server and client have to negotiate?

AND...

I am seeing numerical values for Keep-Alive which have no indication as to the purpose of the value. Eg:

Keep-Alive: 115

I cannot find reference to this format anywhere. Is it valid or a sign of a badly designed bot disguised by its UA as (eg) Chrome? If the latter it would be a useful indication of a blockable bot.

And would it be fair to tag an apparent browser that has no connection keep-alive as a bot?

lucy24

5:15 pm on Feb 3, 2020 (gmt 0)

Your answer is going to be server-specific. On mine, every request--without exception--comes with
Connection: close
and the only time I ever, ever see the element “Keep-Alive” is in the rare header
Proxy-Connection: Keep-Alive
(and a handful of robotic typos like “Xroxy-Connection”)

You may need to do some cross-checking between headers and access logs. If certain headers are only sent by robots (using the rough-and-dirty diagnostic of “requests only the page, with no supporting files”) then ### yeah, block them. I’ve got an environmental variable called bot_header for this purpose. It’s pretty rare, though, and always found in conjunction with one or more other header deficits or anomalies.

lammert

5:20 pm on Feb 3, 2020 (gmt 0)

Browsers without a Connection: keep-alive header are not necessarily a bot. With HTTP/2 keep-alive is deprecated because sending multiple resources in one connection is there handled in another way.

According to Mozilla [developer.mozilla.org] the parameter list must explicitly state timeout= and max=, so your example with only the number 115 is probably invalid. These settings are used as a hint anyway, so both parties may decide to close the connection earlier than the timeout or the number of requests is reached.

dstiles

11:46 am on Feb 4, 2020 (gmt 0)

Lucy: My apache 2.4 server shows a mix of Connection keep-alive (with and without Keep-Alive), close and none. Due to the type of sites I run on apache I get very few real visitors but an increasing number of unwanted bots, injectors and other nasties, so most of the above applies to baddies, trapped on other criteria. I was wondering if the absence or incorrect (value-type) Keep-Alive was yet another indicator; I have too few genuine hits to be sure.

lammert: I'd forgotten about HTTP/2 - which I have yet to see on this server. Thanks for confirming the Keep-Alive format; I could not find anything online other than that but was wondering if I'd missed something. I'm aware the parameters may not be acted upon.

I've been looking further at the detailed logs and discovered that bots such as G and Bing issue Connection: keep-alive but with no Keep-Alive parameters, so am assuming (with no real evidence) that the lack of Keep-Alive merely means "We'll discuss this, I'll get back to you."

I think I'll assume for now the presence of a tag-less value for Keep-Alive means stupid bot. Thanks.