Summary

All the production and test enviroment host machines are configured to access internet with proxy (proxy.kfupm.edu.sa). By default these machines are not allowed to access internet without proxy(confirmed with Aiman bhai).

Traffic flow with proxy configured

server

host -> firewall -> proxy Firewall records traffic with client as the host and target as proxy. Proxy contains detailed log of the traffic: client: host request the traffic target: DNS or IP of the traffic

client

when proxy is configured in the web client, e.g. chrome, the traffic will be redirected to the proxy through firewall and then to the internet.

Issue with django-recaptca package

By default this package uses `www.google.com` server to validate the captcha, ref. This server can be changed by using `RECAPTCHA_DOMAIN` domain settings. The issue was when using `RECAPTCHA_DOMAIN=www.recaptcha.net` the host machine is able to communicate with the server and th traffic was visible in firewall(client as proxy) and details in the proxy. But when default or the settings was `RECAPTCHA_DOMAIN=www.google.com` the Django application was breaking with error `<urlopen error [Errno 104] Connection reset by peer>: connection timeout` but there was no traffic recorded in the firewall or the proxy.

TODO Why/how the host machine is not allowing the traffic to www.google.com to reach firewall?