I moved my ModX website from localhost to a development server.
I updated the paths in my config files it seems to be doing fine, the frontend is working properly.
Only issue, when trying to load the manager at http://dev.noculture.asia/manager/, there is a request to connectors/lang.js.php: http://dev.noculture.asia/connectors/lang.js.php?ctx=mgr&topic=topmenu,file,resource,welcome,configcheck&action=
This request returns a 401 Unauthorized error and I have no idea why.
The logs aren't helpful at all:
Modx doesn't log any error, so I am guessing that means the error comes from Apache.
Apache error.log is empty, access.log only tells:
[11/Feb/2014:21:41:10 -0800] "GET /connectors/lang.js.php?ctx=mgr&topic=topmenu,file,resource,welcome,configcheck&action= HTTP/1.1" 401 391 "http://dev.noculture.asia/manager/" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/32.0.1700.102 Chrome/32.0.1700.102 Safari/537.36"
Any suggestion how to fix this?
I realized that a 401 error is related to authentication.
I deleted the cookie for this domain, which destroyed my session. I was asked to login again, and now the manager is working properly.
Related
We never had any problem and we didn't deploy anything, but one particular customer on his ipv6 addr is now getting 403 error from our Apache and I just can't figure out why.
I'm not sure what to provide but I double check every a2 config file.
I can see the customer access in the access.log (with the 403 code status), but nothing in the error.log.
access.log :
2a02:2788(...):102f - - [17/May/2021:12:54:12 +0200] "GET /page_url HTTP/1.0" 403 368 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36 Edg/89.0.774.75"
2a02:2788(...):102f - - [17/May/2021:12:54:15 +0200] "GET /page_url HTTP/1.0" 403 368 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36 Edg/89.0.774.75"
It's not on the application level too, we don"t have anything that return a 403 error.
Any idea on what Apache can do to trigger 403 error specificly on IP ?
Why/how is the customer seemingly making an HTTP/1.0 request? This alone could be sufficient reason for the server to reject the request since normal users using normal browsers don't send HTTP 1.0 requests. (HTTP/1.1 is expected.)
Generally, only certain bots make HTTP 1.0 requests.
An Apache module like mod_security could potentially have a rule that would block such requests. (Or any other rule using mod_rewrite, for instance, could also block such requests - but this is certainly not a default.)
Edg/89.0.774.75
It would seem this may have been a bug with Microsoft Edge, as the following Microsoft community post (from around the same time as this question) would seem to suggest:
https://answers.microsoft.com/en-us/microsoftedge/forum/all/internet-explorer-and-ms-edge-sends-ssl-requests/22708bcd-f196-45fb-84c9-6d8c34e7e08f
And as also noted in the above article, this would seem to have been "fixed" in later versions. So, your customer may also now be "fixed". (?)
My Google compute engine virtual machine is hosting apache which is serving my website. When my website sends a post request to http://localhost:8080 It returns a 404, even though the (golang) server running in the file over can see url get requests.
I've tried adding Apache proxy all / calls to that server, But this seems to only work on Get requests put into the url.
To show that my server can see GET requests
[negroni] 2019/10/23 08:29:27.048676 Started GET /api/v1/login
[negroni] 2019/10/23 08:29:27.048941 Completed 404 Not Found in 262.947µs
While i need to be able to have it see the POST request
(axios.post('/api/v1/login', {username, password}))
Full request looks like
http://localhost:8992/api/v1/login
Here is the 'General' section of chrome Devtools Network
Request URL: http://localhost:8992/api/v1/login
Referrer Policy: no-referrer-when-downgrade
Here are the Request Headers
Provisional headers are shown
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
DNT: 1
Origin: https://carterstestdomain.store
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.120 Safari/537.36
Any help is greatly appreciated.
Fixed this by following
Apache and Node.js on the Same Server
Also, As with me, The problem could be comming from the request being http instead of https :)
We are seeing random letters appear in access logs. The requests 404 since the content does not exist. The requests are made by a variety of users and other requests from the same ip usually look genuine. There is no way to request these from the site. Some of these requests even appear from internal traffic on our network.
Example:
157.203.177.191 - - [04/Feb/2018:23:51:20 +0000] "GET /VLTRP/content/dam/example/dotcom/images/ABtest/existing-customer-thumb.jpg HTTP/1.1" 404 60294 39082 "http://www.example.com/shop.html" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0" 2
Without the /VLTRP this is a genuine request. Has anyone seen something similar before?
For info we are running Apache/2.2.15 (Unix) with ModSec enabled. We do see similar behaviour on another site where we do not have ModSec configured. We see similar requests for internal, external and bot traffic.
I have huge 1 GB log file. As I know, it shows errors in my site. But I absolutely don't get it.
I have lots of rows like this:
8x.xxx.45.10x (my ip) - - [04/Feb/2011:09:59:48 -0500] "GET /post?slaps=bbrfd HTTP/1.1" 404 278 "http://mywebsite.com/" "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.86 Safari/534.13"
What does it mean?
Thank you very much.
That entry indicates that a request for /post?slaps=bbrfd on your site was not found (404). The request came from your IP, transferred 278 bytes of data (the 404 error page's contents). The link that couldn't be found was clicked on mywebsite.com, and the rest is how the browser identified itself. The two dashes are for "remote username", and "username as logged into the site". The remote username is VERY rarely present, as it requires the remote site running identd and would slow down your site massively.
Looks like an access log file from Apache. Nothing to do with PHP or MySQL. Looks the user got a 404 page when trying to access /post?slaps=bbrfd
This would suggest the URL does not exist.
When I restart my apache2 and reload a page, the log file shows
boogie.tontut.fi - - [28/Oct/2008:03:27:49 +0200] "GET /test HTTP/1.1" 404 457 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.3) Gecko/2008092417 Firefox/3.0.3"
...as supposed to, as it's 03:27:49 now. However, when I click the refresh button again, the new log entry is:
boogie.tontut.fi - - [27/Oct/2008:21:27:52 -0400] "GET /test HTTP/1.1" 404 457 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.3) Gecko/2008092417 Firefox/3.0.3"
Offset has changed from +0200 to -0400 and I have no clue where this comes from.
How can I start troubleshooting this problem?
sudo vim /etc/php5/apache2/php.ini
Add time zone
date.timezone="Europe/London"
restart apache2
/etc/init.d/apache2 restart
Try and set your timezone explicitly in the httpd.conf:
SetEnv TZ GMT+2
Maybe looking at the system call would help; on Unix its gettimeofday and on Windows its GetSystemTime.
Isn't it possible that something that runs in apache is changing locale settings in its environment?
Something like:
First reload: log message GMT+2
Apache runs /weird_script.php that calls some kind of setlocale()
Second reload, new enviroment setting in effect, results in log message GMT-4