403 Forbidden error in 32 bit WAMP - http-status-code-403

I installed WAMP 2.5 (32-bit) on a Windows 2008 Standard server. Everything looks fine on localhost, but when I try from the network I get the error below.
Forbidden
You don't have permission to access /phpmyadmin on this server.
Apache/2.4.9 (Win32) PHP/5.5.12 Server at MYSERVER Port 80
access.log shows the following error:
my IP [11/Nov/2016:15:09:27 +0530] "GET / HTTP/1.1" 403 292
my IP [11/Nov/2016:15:09:27 +0530] "GET /favicon.ico HTTP/1.1" 403 303
my IP [11/Nov/2016:15:09:49 +0530] "GET /phpmyadmin HTTP/1.1" 403 302
my IP [11/Nov/2016:15:09:49 +0530] "GET /favicon.ico HTTP/1.1" 403 303
my IP [11/Nov/2016:15:09:54 +0530] "GET /phpmyadmin HTTP/1.1" 403 302
my IP [11/Nov/2016:15:09:54 +0530] "GET /favicon.ico HTTP/1.1" 403 303
Thanks in advance. It would be helpful if someone could give step-by-step changes for the 32-bit version.

Related

Access existing files from specific User Agent will cause 404 error

Today I checked the access log of my website and found a very strange thing.
When a user accesses the file "/downloads/files/ddbfr.exe" with user agent "LWP::Simple/6.13 libwww-perl/6.13", he gets a 404 error:
108.162.215.191 - - [22/Dec/2021:12:30:35 -0800] "GET /dbf-repair/ddbfr.exe HTTP/1.1" 301 - "-" "LWP::Simple/6.13 libwww-perl/6.13"
172.70.98.107 - - [22/Dec/2021:12:30:36 -0800] "HEAD /downloads/files/ddbfr.exe HTTP/1.1" 404 - "-" "LWP::Simple/6.13 libwww-perl/6.13"
108.162.215.191 - - [22/Dec/2021:12:30:36 -0800] "GET /dbf-repair/ddbfr.exe HTTP/1.1" 301 - "-" "LWP::Simple/6.13 libwww-perl/6.13"
172.70.98.33 - - [22/Dec/2021:12:30:37 -0800] "HEAD /downloads/files/ddbfr.exe HTTP/1.1" 404 - "-" "LWP::Simple/6.13 libwww-perl/6.13"
However, when accessing the same file "/downloads/files/ddbfr.exe" with another user agent, such as Firefox, everything is OK:
172.70.210.253 - - [22/Dec/2021:13:10:28 -0800] "GET /downloads/files/ddbfr.exe HTTP/1.1" 200 8035760 "-" "Mozilla/5.0 (X11; Linux x86_64; en-US; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12"
It seems that my server is returning 404 for a specific agent. However, I checked my .htaccess file but cannot find anything like the one in 301 redirect based on user-agent. Why?
Note: There is a redirect from /dbf-repair/ddfr.exe to /downloads/files/ddbfr.exe in .htaccess.

How to report a bug of GoogleBot?

Over the last days, Google Bot tries to read one URL of our main site over and over again, leading to a DDOS attack :) Our website got very slow because of the massive requests of the Google Crawler.
Here is an excerpt for the curious ones (or if a Google engineer reads this post):
66.249.76.54 - - [27/May/2019:06:31:23 +0200] "GET /235432/~plot~+4x%5E2%3B+4%2Ax%5E2+++4%2A%281/32%29%2Ax+-+15%2A%281/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/323274/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/tag/594749/323274/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/323274/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/235432/tag/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/594749/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/323274/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/user/impressum HTTP/1.0" 200 32603
66.249.76.54 - - [27/May/2019:06:31:23 +0200] "GET /235432/~plot~+4x%5E2%3B+4%2Ax%5E2+++4%2A%281/32%29%2Ax+-+15%2A%281/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/235432/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/323274/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/323274/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/235432/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/235432/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/403551/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/403551/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/tag/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/594749/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/323274/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/bestusers HTTP/1.0" 200 32603
66.249.76.55 - - [27/May/2019:06:31:23 +0200] "GET /235432/tag/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/154807/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/594749/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/594749/403551/tag/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/403551/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/schreibregeln HTTP/1.0" 200 32603
66.249.76.54 - - [27/May/2019:06:31:23 +0200] "GET /235432/~plot~+4x%5E2%3B+4%2Ax%5E2+++4%2A%281/32%29%2Ax+-+15%2A%281/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/154807/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/323274/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/403551/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/tag/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/403551/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/235432/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/594749/tag/chat HTTP/1.0" 200 32603
Or here (see the different IPs, so there are several bots):
66.249.76.54 - - [27/May/2019:09:24:42 +0200] "GET /235432/~plot~+4x%5E2%3B+4%2Ax%5E2+++4%2A%281/386961/~plot~+4x%5E2%3B+4%2Ax%5E2+++4%2A%281/32%29%2Ax+-+15%2A%281/403551/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/594749/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/594749/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/235432/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/user/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/594749/user/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/punkte HTTP/1.0" 200 32587
66.249.76.55 - - [27/May/2019:09:24:42 +0200] "GET /235432/~plot~+4x%5E2%3B+4%2Ax%5E2+++4%2A%281/32%29%2Ax+-+15%2A%281/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/403551/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/235432/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/user/403551/agb HTTP/1.0" 200 32587
66.249.76.56 - - [27/May/2019:09:24:42 +0200] "GET /235432/~plot~+4x%5E2%3B+4%2Ax%5E2+++4%2A%281/32%29%2Ax+-+15%2A%281/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/323274/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/235432/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/594749/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/594749/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/user/154807/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/235432/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/594749/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/403551/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/403551/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/qa-theme/lounge/js/lounge.min.js?v=2019-01-17 HTTP/1.0" 200 32587
66.249.76.55 - - [27/May/2019:09:24:42 +0200] "GET /235432/~plot~+4x%5E2%3B+4%2Ax%5E2+++4%2A%281/32%29%2Ax+-+15%2A%281/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/235432/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/tag/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/235432/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/594749/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/235432/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/luckentext-zum-thema-extrema-funktionenschar-ft-x-1-2-tx-2-2-t HTTP/1.0" 200 32587
66.249.76.58 - - [27/May/2019:09:24:42 +0200] "GET /235432/~plot~+4x%5E2%3B+4%2Ax%5E2+++4%2A%281/32%29%2Ax+-+15%2A%281/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/235432/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/235432/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/323274/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/323274/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/tag/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/323274/user/Lu HTTP/1.0" 200 32587
66.249.76.57 - - [27/May/2019:09:24:42 +0200] "GET /235432/~plot~+4x%5E2%3B+4%2Ax%5E2+++4%2A%281/32%29%2Ax+-+15%2A%281/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/235432/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/323274/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/235432/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/user/tag/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/badges HTTP/1.0" 200 32587
The false link that was leading to this problem:
~plot~ 4x^2; 4*x^2 + 4*(1/32)*x - 15*(1/32)^2; x; [[0.1]]~plot~
Where can I report a bug of GoogleBot?
There seems to be no official way to report a bug.
Here is the link to report a crawling bug of Google Bot:
https://www.google.com/webmasters/tools/googlebot-report
Report a problem with how Googlebot crawls your site.
You can report problems only for domain-level properties (for example, "www.example.com/")
The rate at which Google crawls your page depends on many factors:
The URLs we already know about
Links from other web pages (within your site and on other sites)
URLs listed in your Sitemap.
For most sites, Googlebot shouldn't access your site more than once every few seconds on average.
Probably the report link was not easy to find since you need a Google Webmaster account and can apparently only report your own websites.

How to Protect Flask from ZMEU

Forgive me if this is a duplicate question, but I'm running a Flask app using Celery and Rabbit MQ in a Kubernetes service. The service is run as a public-facing LoadBalancer. The problem I've seen is with ZMEU scan attacks which mess up the Flask uri structure and render the app unusable:
10.240.0.4 - - [19/Apr/2018 04:48:05] "GET / HTTP/1.1" 400 -
10.240.0.4 - - [19/Apr/2018 04:48:10] "GET /index.action HTTP/1.1" 400 -
10.244.2.1 - - [19/Apr/2018 07:32:29] "GET / HTTP/1.1" 400 -
10.244.2.1 - - [19/Apr/2018 08:54:38] "GET / HTTP/1.1" 400 -
10.244.2.1 - - [19/Apr/2018 11:13:06] "GET /w00tw00t.at.blackhats.romanian.anti-sec :) HTTP/1.1" 400 -
10.240.0.4 - - [19/Apr/2018 11:13:11] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 400 -
10.240.0.4 - - [19/Apr/2018 11:13:16] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 400 -
10.244.2.1 - - [19/Apr/2018 11:13:21] "GET /pma/scripts/setup.php
...
This occurs after successful pings to the URI. I have a healthcheck occurring because this silently renders the app unreachable, though the container itself is healthy and doesn't exit.
While I am working on securing the endpoint itself, I feel that it's more of a band-aid, and the app code should be resilient to this type of attack. Is there a way for me to catch any unspecified URI (not defined by an @app.route() decorator)?
EDIT: I've made an attempt to only accept requests that have a uri header in the request by using redirects in a general uri-path http://my.flask.app:80/ to point to the proper service, but this hasn't remedied the problem
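One way to keep undefined URIs away from the application, as an added example that is not part of the original post: a standard-library WSGI middleware that forwards only allow-listed paths and answers everything else with a small 404, tallying requests that match the probe paths seen in the log above. The class and helper names, the `/healthz` and `/api/` routes and the stand-in `demo_app` are assumptions; with Flask it would be attached as `app.wsgi_app = KnownRoutesOnly(app.wsgi_app, ...)`.

```python
import re
from collections import Counter

# Patterns built from the probe paths in the log excerpt above
# (/index.action, /w00tw00t..., /phpMyAdmin|phpmyadmin|pma/scripts/setup.php).
PROBE_PATTERNS = [
    re.compile(r"^/w00tw00t\."),
    re.compile(r"^/(phpmyadmin|pma)/scripts/setup\.php$", re.IGNORECASE),
    re.compile(r"\.action$"),
]


def is_probe(path):
    """True when the path matches one of the scanner signatures above."""
    return any(p.search(path) for p in PROBE_PATTERNS)


class KnownRoutesOnly:
    """WSGI middleware: pass allow-listed paths through, 404 the rest.

    Rejected requests never reach the wrapped application, so routing and
    view code only ever see URIs the service actually defines.
    """

    def __init__(self, app, allowed_exact=(), allowed_prefixes=()):
        self.app = app
        self.allowed_exact = frozenset(allowed_exact)
        self.allowed_prefixes = tuple(allowed_prefixes)
        # (remote address, "probe" | "unknown") -> count, for alerting/metrics.
        self.rejected = Counter()

    def is_allowed(self, path):
        # str.startswith accepts a tuple; an empty tuple never matches.
        return path in self.allowed_exact or path.startswith(self.allowed_prefixes)

    def __call__(self, environ, start_response):
        path = environ.get("PATH_INFO") or "/"
        if self.is_allowed(path):
            return self.app(environ, start_response)

        kind = "probe" if is_probe(path) else "unknown"
        self.rejected[(environ.get("REMOTE_ADDR", "-"), kind)] += 1

        body = b"Not Found\n"
        start_response("404 Not Found", [
            ("Content-Type", "text/plain; charset=utf-8"),
            ("Content-Length", str(len(body))),
        ])
        return [body]


def demo_app(environ, start_response):
    """Stand-in for the real application (hypothetical; replaces Flask here)."""
    body = b"ok\n"
    start_response("200 OK", [
        ("Content-Type", "text/plain; charset=utf-8"),
        ("Content-Length", str(len(body))),
    ])
    return [body]


def call(app, path, remote_addr="10.240.0.4"):
    """Drive a WSGI callable with a minimal GET environ; return (status, body)."""
    captured = {}

    def start_response(status, headers, exc_info=None):
        captured["status"] = status

    environ = {"REQUEST_METHOD": "GET", "PATH_INFO": path, "REMOTE_ADDR": remote_addr}
    body = b"".join(app(environ, start_response))
    return captured["status"], body


def run_demo():
    """Replay constructed requests modelled on the log lines above."""
    guard = KnownRoutesOnly(
        demo_app,
        allowed_exact={"/", "/healthz"},   # assumed routes
        allowed_prefixes=("/api/",),       # assumed route prefix
    )
    sample_paths = [
        "/", "/healthz", "/api/jobs",
        "/index.action",
        "/w00tw00t.at.blackhats.romanian.anti-sec :)",
        "/phpMyAdmin/scripts/setup.php",
        "/pma/scripts/setup.php",
        "/favicon.ico",
    ]
    statuses = [call(guard, p)[0] for p in sample_paths]
    return statuses, guard.rejected


if __name__ == "__main__":
    statuses, rejected = run_demo()
    for status in statuses:
        print(status)
    for (addr, kind), count in sorted(rejected.items()):
        print(addr, kind, count)
```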

Richfaces 3.3.3 fileupload fails - with error: (OS 10054) existing connection was forcibly closed by the remote host

We have a setup with a front-end Apache web server for a JBoss application server. Our env is MyFaces 1.2.6 with Tomahawk, RichFaces 3.3.3.
Please note that upload is failing from only one of our client networks, and only for large file sizes. (sometimes fails for above 50-100MB, and always fails for above 200MB)
The logs in front-end apache web server shows:
x.x.x.x - - [09/Sep/2012:11:45:49 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4986
x.x.x.x - - [09/Sep/2012:11:45:50 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4986
x.x.x.x - - [09/Sep/2012:11:45:51 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4986
x.x.x.x - - [09/Sep/2012:11:45:17 -0400] "POST /myapp
/ui/home.faces?_richfaces_upload_uid=0.9487435704432351&
actionForm:upload=actionForm:upload&_richfaces_upload_file_indicator=true&
AJAXREQUEST=actionForm:j_id45760 HTTP/1.1" 200 -
The error in JBoss AS console is:
2012-09-10 12:21:34,796 ERROR [org.apache.myfaces.shared_tomahawk.renderkit.html.HtmlGridRendererBase] (ajp-0.0.0.0-8009-1) Wrong columns attribute for PanelGrid headerTableId: -2147483648
2012-09-10 12:22:21,981 ERROR [org.apache.myfaces.lifecycle.PhaseListenerManager] (ajp-0.0.0.0-8009-2) Exception in PhaseListener RESTORE_VIEW 1 beforePhase.
org.ajax4jsf.exception.FileUploadException: IO Error parsing multipart request
at org.ajax4jsf.request.MultipartRequest.parseRequest(MultipartRequest.java:388)
at org.richfaces.component.FileUploadPhaselistener.beforePhase(FileUploadPhaselistener.java:63)
at org.apache.myfaces.lifecycle.PhaseListenerManager.informPhaseListenersBefore(PhaseListenerManager.java:73)
at org.apache.myfaces.lifecycle.LifecycleImpl.executePhase(LifecycleImpl.java:93)
at org.apache.myfaces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:76)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265)
at org.apache.myfaces.webapp.MyFacesServlet.service(MyFacesServlet.java:103)
at com.mycom.myapp.FacesErrorHandlingServlet.service(FacesErrorHandlingServlet.java:44)
at sun.reflect.GeneratedMethodAccessor580.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:275)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:274)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:307)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:167)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:283)
at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:56)
at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:189)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:185)
at org.apache.myfaces.webapp.filter.ExtensionsFilter.doFilter(ExtensionsFilter.java:301)
at sun.reflect.GeneratedMethodAccessor461.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:275)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:274)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:307)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:248)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:230)
at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:56)
at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:189)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:185)
at com.mycom.myapp.FacesSessionFilter.process(FacesSessionFilter.java:57)
at com.mycom.myapp.SessionFilter.doFilter(SessionFilter.java:133)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:275)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:274)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:307)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:248)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:230)
at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:56)
at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:189)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:185)
at org.ajax4jsf.webapp.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:206)
at org.ajax4jsf.webapp.BaseFilter.handleRequest(BaseFilter.java:290)
at org.ajax4jsf.webapp.BaseFilter.processUploadsAndHandleRequest(BaseFilter.java:367)
at org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:515)
at sun.reflect.GeneratedMethodAccessor279.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:275)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:274)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:307)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:248)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:230)
at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:56)
at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:189)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:185)
at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
at sun.reflect.GeneratedMethodAccessor254.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:275)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:274)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:307)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:248)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:230)
at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:56)
at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:189)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:185)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:235)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:190)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:436)
at org.apache.coyote.ajp.AjpProtocol$AjpConnectionHandler.process(AjpProtocol.java:384)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Thread.java:619)
Caused by: java.io.IOException: Request data cannot be read
at org.ajax4jsf.request.MultipartRequest.readData(MultipartRequest.java:341)
at org.ajax4jsf.request.MultipartRequest.readNext(MultipartRequest.java:210)
at org.ajax4jsf.request.MultipartRequest.parseRequest(MultipartRequest.java:382)
... 101 more
I am not sure if
1. firewalls in that client network can give this problem or
2. apache / jboss configuration (req timeout etc) - but then upload works from other country networks.
Just to add a note about the RichFaces fileupload component's client-side behavior: it is trying multiple times to upload the same file. This is evident from the progress bar, where it tries to upload some bytes, fails, starts again from the beginning, fails again... This pattern also matches the Apache server logs as shown below. Finally, after 5-10 tries, upload fails with "Transfer error occurred".
x.x.x.x - - - [09/Sep/2012:13:51:52 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4986
x.x.x.x - - - [09/Sep/2012:13:50:59 -0400] "POST /myapp
/ui/home.faces?_richfaces_upload_uid=0.21159051128917716&
actionForm:upload=actionForm:upload&_richfaces_upload_file_indicator=true&
AJAXREQUEST=actionForm:j_id437 HTTP/1.1" 200 -
x.x.x.x - - - [09/Sep/2012:13:51:53 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:51:55 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x -- - [09/Sep/2012:13:51:56 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:51:57 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:51:58 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:51:59 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:00 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:01 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:02 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:04 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:05 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:06 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:07 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:08 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:09 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:10 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:12 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:13 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:14 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:15 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:16 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:51:53 -0400] "POST /myapp
/ui/home.faces?_richfaces_upload_uid=0.21159051128917716&
actionForm:upload=actionForm:upload&_richfaces_upload_file_indicator=true&
AJAXREQUEST=actionForm:j_id437 HTTP/1.1" 200 -
x.x.x.x - - - [09/Sep/2012:13:52:17 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:18 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:19 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x -- - [09/Sep/2012:13:52:21 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:22 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x -- - [09/Sep/2012:13:52:23 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:24 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:25 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:26 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:27 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:29 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:30 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:31 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:32 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:33 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:34 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:35 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:37 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:38 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x -- - [09/Sep/2012:13:52:16 -0400] "POST /myapp
/ui/home.faces?_richfaces_upload_uid=0.21159051128917716&
actionForm:upload=actionForm:upload&_richfaces_upload_file_indicator=true&
AJAXREQUEST=actionForm:j_id437 HTTP/1.1" 200 -
x.x.x.x - - - [09/Sep/2012:13:52:39 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - [09/Sep/2012:13:52:40 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
Please share any pointers or workarounds that I can try, and that will be very helpful.
Update: After running apache with debug logs, the error log shows the upload for a single file of size 200MB. In this case, 5 tries happened to upload, in each try, the error message is
[client x.x.x.x] (OS 10054)An existing connection was forcibly closed by the remote host. : core_output_filter: writing data to the network
, but finally upload failed. Please share any idea where to fix this issue.
[Thu Sep 13 01:52:54 2012] [info] removed PID file C:/Program Files (x86)/Apache Software Foundation/Apache2.2/logs/httpd.pid (pid=8060)
[Thu Sep 13 01:55:57 2012] [notice] Apache/2.2.22 (Win32) mod_jk/1.2.31 configured -- resuming normal operations
.
.
.
[Thu Sep 13 01:55:57 2012] [notice] Child 7864: Acquired the start mutex.
[Thu Sep 13 01:55:57 2012] [notice] Child 7864: Starting 64 worker threads.
[Thu Sep 13 01:55:57 2012] [notice] Child 7864: Starting thread to listen on port 80.
[Thu Sep 13 01:58:19 2012] [info] [client x.x.x.x] (OS 10054)An existing connection was forcibly closed by the remote host. : core_output_filter: writing data to the network
[Thu Sep 13 02:00:45 2012] [info] [client x.x.x.x] (OS 10054)An existing connection was forcibly closed by the remote host. : core_output_filter: writing data to the network
[Thu Sep 13 02:01:20 2012] [info] [client x.x.x.x] (OS 10054)An existing connection was forcibly closed by the remote host. : core_output_filter: writing data to the network
[Thu Sep 13 02:02:10 2012] [info] [client x.x.x.x] (OS 10054)An existing connection was forcibly closed by the remote host. : core_output_filter: writing data to the network
[Thu Sep 13 02:02:47 2012] [info] [client x.x.x.x] (OS 10054)An existing connection was forcibly closed by the remote host. : core_output_filter: writing data to the network
[Thu Sep 13 02:03:19 2012] [info] [client x.x.x.x] (OS 10054)An existing connection was forcibly closed by the remote host. : core_output_filter: writing data to the network
We don't use richfaces but trinidad which is another JSF component library.
There is a configuration which defines the files size which can be uploaded as follows:
<context-param>
  <!-- Maximum disk space per request (in bytes) -->
  <param-name>org.apache.myfaces.trinidad.UPLOAD_MAX_DISK_SPACE</param-name>
  <!-- Use 15,000K (15360000 bytes) -->
  <param-value>15360000</param-value>
</context-param>
Here you can specify how large a file you can support. Look for a similar configuration for RichFaces as well.
Found the following solution, hope it helps someone. Thanks very much all for your replies.
With port 80 and HTTP, the file transfers are being stopped by web/URL filtering appliances.
The solution is to change the HTTP based portal from port 80 to 8080.
Or if the site is to be run on port 80, change the site to secure (https)

PuppetCA not signing Certificate-Requests

I have a setup with MCollective 1.2.0, Puppet 2.6.4 and a provision-agent. Most of the time this works great, but sometimes (every 10th node or so) I find that signing requests of puppet-agents are not getting signed on the master.
In this case every request of the puppet agent to "/production/certificate/..." fails with an HTTP error 404.
The problem is also hard to analyze because the log output is not very detailed.
Puppet-Agent:
Jun 18 16:10:38 ip-10-242-62-183 puppet-agent[1001]: Creating a new SSL key for ...
Jun 18 16:10:38 ip-10-242-62-183 puppet-agent[1001]: Caching certificate for ca
Jun 18 16:10:41 ip-10-242-62-183 puppet-agent[1001]: Creating a new SSL certificate request for ...
Jun 18 16:10:41 ip-10-242-62-183 puppet-agent[1001]: Certificate Request fingerprint (md5): 6A:3F:63:8A:59:2C:F6:C9:5E:56:5F:39:16:FF:19:BE
Puppet-Master:
"GET /production/certificate/a.b.c.d HTTP/1.1" 404
"GET /production/certificate_request/a.b.c.d HTTP/1.1" 404
"GET /production/certificate/a.b.c.d HTTP/1.1" 404
"GET /production/certificate/a.b.c.d HTTP/1.1" 404
"GET /production/certificate/a.b.c.d HTTP/1.1" 404
"GET /production/certificate/a.b.c.d HTTP/1.1" 404
... last message repeats endlessly
Does anyone have a clue about that?
Markus
