I have a website forurl.co
It is shortener, the homepage is working well,but the internal link, eg
http://forurl.co/queratocone_392849
First access, it is showing blank page and error log:
162.244.10.213 - - [27/Apr/2014:16:33:47 +0000] "GET /queratocone_392849 HTTP/1.1" 500 26 "" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:22.0) Gecko/20100101 Firefox/22.0"
It is weird !!!!
But, if i reload the page again, it works !!!!
It is happening on thousand links on my website !
Could you guys pls give me hand!
Related
We have a (dynamic) WebApplication and are trying to solve some perfomance issues: When look at our our Apache-Logs it seems that a specific user agent (Safari) is sending multiple IDENTICAL requests during 1 second.
It may have to do with the implemtation of Pipelining in the mobile Version of Safari.
The log entries look like the following lines:
188.102.30.71 - - [16/Jan/2017:21:20:41 +0100] "GET /an/existing/path?a=b >HTTP/1.1" 200 407380 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 10_2 like Mac OS >X) AppleWebKit/602.3.12 (KHTML, like Gecko) Version/10.0 Mobile/14C92 >Safari/602.1" /0 /487136
188.102.30.71 - - [16/Jan/2017:21:20:42 +0100] "GET / HTTP/1.1" 200 12876 "-" >"MobileSafari/602.1 CFNetwork/808.2.16 Darwin/16.3.0" /0 /79180
188.102.30.71 - - [16/Jan/2017:21:20:42 +0100] "GET / HTTP/1.1" 200 12876 "-" >"MobileSafari/602.1 CFNetwork/808.2.16 Darwin/16.3.0" /0 /31172
188.102.30.71 - - [16/Jan/2017:21:20:42 +0100] "GET / HTTP/1.1" 200 12876 "-" >"MobileSafari/602.1 CFNetwork/808.2.16 Darwin/16.3.0" /0 /25425
"and more of them..."
It seems that for 1 real user action we receive the identical request for another resource (here the /) several times (8 - 10 times).
Is this the Apple-Implementation of Pipelining? We don't see other User Agents with this behaviour.
Is there a way to prevent these requests? We use Apache for delivering our content.
I am glad for any hints and suggestions which may help to solve this problem.
Tino
I moved my ModX website from localhost to a development server.
I updated the paths in my config files it seems to be doing fine, the frontend is working properly.
Only issue, when trying to load the manager at http://dev.noculture.asia/manager/, there is a request to connectors/lang.js.php: http://dev.noculture.asia/connectors/lang.js.php?ctx=mgr&topic=topmenu,file,resource,welcome,configcheck&action=
This request returns a 401 Unauthorized error and I have no idea why.
The logs aren't helpful at all:
Modx doesn't log any error, so I am guessing that means the error comes from Apache.
Apache error.log is empty, access.log only tells:
[11/Feb/2014:21:41:10 -0800] "GET /connectors/lang.js.php?ctx=mgr&topic=topmenu,file,resource,welcome,configcheck&action= HTTP/1.1" 401 391 "http://dev.noculture.asia/manager/" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/32.0.1700.102 Chrome/32.0.1700.102 Safari/537.36"
Any suggestion how to fix this?
I realized that a 401 error is related to authentication.
I deleted the cookie for this domain, which destroyed my session. I was asked to login again, and now the manager is working properly.
I am hosting a small test website in ec2 and there should be only 2-3 test users with valid login to my server. However, I am seeing a lot of junk logs in my apache access_log(
/var/log/httpd/access_log):
198.2.208.231 - - [13/Dec/2013:21:11:07 +0000] "GET http://ib.adnxs.com/ttj?id=1995383&position=above HTTP/1.0" 302 - "http://www.minbusiness.net/?p=611" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/533.18.1 (KHTML, like Gecko) Version/5.0 Safari/533.16"
173.234.32.69 - - [13/Dec/2013:21:11:07 +0000] "GET http://ads.creafi-online-media.com/st?ad_type=iframe&ad_size=728x90,468x60§ion=5172215&pub_url=${PUB_URL} HTTP/1.0" 302 - "http://lookfashionstyle.com/index.php?option=com_content&view=category&layout=blog&id=42&Itemid=98&limitstart=24" "Mozilla/4.0 (compatible; MSIE 6.0; WINDOWS; .NET CLR 1.1.4322)"
198.136.31.98 - - [13/Dec/2013:21:11:07 +0000] "GET http://ad.tagjunction.com/st?ad_type=ad&ad_size=468x60§ion=4914662&pub_url=${PUB_URL} HTTP/1.0" 302 - "http://www.benzec.com" "Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.0.13) Gecko/2009073022 Firefox/3.0.13"
....
Not exactly sure what's going on... Am I being attacked?
thanks!
One possibility is that your server is configured as an open proxy and some ad scams are proxying traffic through it to hide their real origin.
There is alot of bots around the web attempting all kinds of exploits,
I spawned my web server just yesterday and already received lots of spamming/exploit attempts. Like the ones in the thread I've just created ( and not only, quite a few others.. Cloudflare is helping but it doesn't catch it all, at least not in the free version, which is what I am using to get some protection):
Exploit Attempts in nginx access log, Some logs without IP, what to do about it?
I have huge 1 GB log file. As I know, it shows errors in my site. But I absolutely don't get it.
I have lots of rows like this:
8x.xxx.45.10x (my ip) - - [04/Feb/2011:09:59:48 -0500] "GET /post?slaps=bbrfd HTTP/1.1" 404 278 "http://mywebsite.com/" "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.86 Safari/534.13"
What does it mean?
Thank you very much.
That entry indicates that a request for /post?slaps=bbrfd on your site was not found (404). The request came from your IP, transferred 278 bytes of data (the 404 error page's contents). The link that couldn't be found was clicked on mywebsite.com, and the rest is how the browser identified itself. The two dashes are for "remote username", and "username as logged into the site". The remote username is VERY rarely present, as it requires the remote site running identd and would slow down your site massively.
Looks like an access log file from Apache. Nothing to do with PHP or MySQL. Looks the user got a 404 page when trying to access /post?slaps=bbrfd
This would suggest the URL does not exist.
When I restart my apache2 and reload a page, the log file shows
boogie.tontut.fi - - [28/Oct/2008:03:27:49 +0200] "GET /test HTTP/1.1" 404 457 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.3) Gecko/2008092417 Firefox/3.0.3"
...as supposed to, as it's 03:27:49 now. However, when I click the refresh button again, the new log entry is:
boogie.tontut.fi - - [27/Oct/2008:21:27:52 -0400] "GET /test HTTP/1.1" 404 457 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.3) Gecko/2008092417 Firefox/3.0.3"
Offset has changed from +0200 to -0400 and I have no clue where this comes from.
How can I start troubleshooting this problem?
sudo vim /etc/php5/apache2/php.ini
Add time zone
date.timezone="Europe/London"
restart apache2
/etc/init.d/apache2 restart
Try and set your timezone explicitly in the httpd.conf:
SetEnv TZ GMT+2
Maybe looking at the system call would help; on Unix its gettimeofday and on Windows its GetSystemTime.
Isn't it possible that something that runs in apache is changing locale settings in its environment?
Something like:
First reload: log message GMT+2
Apache runs /weird_script.php that calls some kind of setlocale()
Second reload, new enviroment setting in effect, results in log message GMT-4