I have a webapplication that isn't returning any status code at all for all requests that have an Authorization request header of the Bearer type.
I have made a small proof of concept with a new site in IIS and just an index.html file.
I have done four requests to this site:
four request
_t=A is a request without the Authorization header.
_t=B is a request with the Authorization header set to Bearer
_t=C is a request with the Authorization header set to Basic
_t=D is a request with the Authorization header set to Basicc
All four requests have sent the same response it just looks like the status code isn't sent to requests with an Authorization scheme that is unknown to IIS.
In the WS3SVC log file all requests do have a status 200:
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs-version cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken
2016-08-19 13:37:41 ::1 GET /index.html _t=A 5443 - ::1 HTTP/2.0 Mozilla/5.0+(Windows+NT+10.0;+WOW64;+rv:47.0)+Gecko/20100101+Firefox/47.0 https://localhost:5443/index.html 200 0 0 4
2016-08-19 13:37:53 ::1 GET /index.html _t=B 5443 - ::1 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+WOW64;+rv:47.0)+Gecko/20100101+Firefox/47.0 https://localhost:5443/index.html 200 0 0 1
2016-08-19 13:38:05 ::1 GET /index.html _t=C 5443 - ::1 HTTP/2.0 Mozilla/5.0+(Windows+NT+10.0;+WOW64;+rv:47.0)+Gecko/20100101+Firefox/47.0 https://localhost:5443/index.html 200 0 0 3
2016-08-19 13:38:14 ::1 GET /index.html _t=D 5443 - ::1 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+WOW64;+rv:47.0)+Gecko/20100101+Firefox/47.0 https://localhost:5443/index.html 200 0 0 3
I have also tested this on a different machine (also Windows 10 & IIS 10.0) and it has the same behavior.
Although it doesn't break the website by not sending a status code I still think there must be a way to resolve this issue.
Related
When a request come on a Varnish server, I would like to return an empty response or simply close the connection, if the requested server name is not known.
For example from nginx (the backend side of Varnish) I did that:
server {
listen 80 default_server;
listen [::]:80 default_server;
return 444;
}
server {
listen 80;
listen [::]:80;
server_name my.example.org
}
So, when an user/robot come on this nginx server with an address IP or an unknown host, it got: The connection was reset.
How do I?
With this configuration on nginx side and nothing more on Varnish side, if I try to access to the Varnish server with his public IP, I have: Error 503 Backend fetch failed - Backend fetch failed - Guru Meditation.
Perhaps there is a possibility on Varnish side, when response from backend (nginx) is 444, to simply close the connexion.
varnishlog says:
- BereqMethod GET
- BereqURL /
- BereqProtocol HTTP/1.1
...
- BereqHeader X-Varnish: 1540833
- VCL_call BACKEND_FETCH
- VCL_return fetch
- BackendOpen 33 default X.X.X.X 80 X.X.X.X 34862
...
- FetchError HTC eof (-1)
- BackendClose 33 default
...
- BerespProtocol HTTP/1.1
- BerespStatus 503
- BerespReason Backend fetch failed
- BerespHeader Date: Fri, 10 Feb 2023 10:10:48 GMT
- BerespHeader Server: Varnish
- VCL_call BACKEND_ERROR
I want to "process" this error.
If Varnish is hosted on the same machine as your Nginx server, Varnish should be listening on port 80 and Nginx on port 8080.
Once Varnish can reach Nginx, the Backend fetch failed issue will go away.
In Varnish you don't need to configure anything special, whatever Nginx returns, Varnish will handle. However, if you want to handle this in Varnish before Nginx is reached, you could use the following VCL code:
sub vcl_recv {
if(req.http.Host != "my.example.org") {
return(synth(403));
}
}
This assumes that my.example.org is the right Host header. This also assumes that returning a synthetic 403 Forbidden is an acceptable return value.
I'm trying to host my Web API built on .NET Core v2.2 on Windows 10 v1903.
I have the IIS installed, it's running.
I have installed the .NET Core Hosting Bundle.
I have copied over the output from the publish folder to a folder under inetpub/wwwroot:
I have created a website in IIS:
That website is using an application pool with "No managed code" CLR:
This is my web.config:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<location path="." inheritInChildApplications="false">
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath="dotnet" arguments=".\MyAPI.dll" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" hostingModel="InProcess" />
</system.webServer>
</location>
</configuration>
<!--ProjectGuid: 3840a856-efc8-4efc-b593-556179293e4e-->
And it's giving me 500 Internal Server Error when I try to browse the site.
Logs:
#Software: Microsoft Internet Information Services 10.0
#Version: 1.0
#Date: 2020-02-04 01:32:33
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken
2020-02-04 01:32:33 ::1 GET / - 5050 - ::1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/79.0.3945.130+Safari/537.36 - 500 19 13 514
2020-02-04 01:32:33 ::1 GET /favicon.ico - 5050 - ::1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/79.0.3945.130+Safari/537.36 http://localhost:5050/ 500 19 13 0
2020-02-04 01:32:37 ::1 GET /swagger - 5050 - ::1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/79.0.3945.130+Safari/537.36 - 500 19 13 0
2020-02-04 01:32:37 ::1 GET /favicon.ico - 5050 - ::1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/79.0.3945.130+Safari/537.36 http://localhost:5050/swagger 500 19 13 1
2020-02-04 01:33:02 ::1 GET /myapi/swagger - 5050 - ::1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/79.0.3945.130+Safari/537.36 - 500 19 13 0
2020-02-04 01:33:02 ::1 GET /favicon.ico - 5050 - ::1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/79.0.3945.130+Safari/537.36 http://localhost:5050/myapi/swagger 500 19 13 2
2020-02-04 01:33:09 ::1 GET / - 5050 - ::1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/79.0.3945.130+Safari/537.36 - 500 19 13 1
2020-02-04 01:33:09 ::1 GET /favicon.ico - 5050 - ::1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/79.0.3945.130+Safari/537.36 http://localhost:5050/ 500 19 13 0
#Software: Microsoft Internet Information Services 10.0
#Version: 1.0
#Date: 2020-02-04 02:58:25
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken
2020-02-04 02:58:25 ::1 GET / - 5050 - ::1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/79.0.3945.130+Safari/537.36 - 500 0 0 4473
2020-02-04 02:58:29 ::1 GET /swagger - 5050 - ::1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/79.0.3945.130+Safari/537.36 - 500 0 0 5
2020-02-04 02:58:37 ::1 GET /MyAPI/swagger - 5050 - ::1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/79.0.3945.130+Safari/537.36 - 500 0 0 4
2020-02-04 02:58:40 ::1 GET /MyAPI - 5050 - ::1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/79.0.3945.130+Safari/537.36 - 500 0 0 3
#Software: Microsoft Internet Information Services 10.0
#Version: 1.0
#Date: 2020-02-04 02:59:15
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken
2020-02-04 02:59:15 ::1 GET / - 5050 - ::1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/79.0.3945.130+Safari/537.36 - 500 0 0 1340
2020-02-04 02:59:18 ::1 GET /swagger - 5050 - ::1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/79.0.3945.130+Safari/537.36 - 500 0 0 4
2020-02-04 02:59:27 ::1 GET /MyAPI/swagger - 5050 - ::1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/79.0.3945.130+Safari/537.36 - 500 0 0 3
#Software: Microsoft Internet Information Services 10.0
#Version: 1.0
#Date: 2020-02-04 03:18:09
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken
2020-02-04 03:18:09 ::1 GET / - 5050 - ::1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/79.0.3945.130+Safari/537.36 - 500 0 0 1836
2020-02-04 03:18:12 ::1 GET /swagger - 5050 - ::1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/79.0.3945.130+Safari/537.36 - 500 0 0 5
Any ideas?
I'm setting up a WebDAV server in my Windows 7 desktop, using IIS 7.5. The aim is for a WebDAV client app in my Iphone to be able to access and sync a series of files in a given folder in the PC. It's all in my own home network, and I'll be the only one syncing files.
Anyway, I've set everything up, but here is something really odd:
If I create a file in my Iphone, and then sync it to the Windows desktop, and then delete it in my Iphone... it deletes the file in the Windows desktop the next time I sync, as it should.
But if I create a file in my PC, sync it to my Iphone, and then delete it in my Iphone, the next time I sync it won't delete the file in the PC. It will return the HTTP error code 412 (Precondition failed).
I have enabled tracing in IIS, and looking at the request headers, I don't see the WebDAV client sending any precondition. Here is what it says:
Data about the HTTP request:
SiteId 1
AppPoolId DefaultAppPool
ConnId 1610612964
RawConnId 0
RequestURL http://192.168.1.111:80/Notebooks/filename.txt
RequestVerb DELETE
Request headers:
Headers Connection: keep-alive
Content-Length: 0
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: es-es
Host: 192.168.1.111
If-Modified-Since: Wed, 07 Oct 2015 19:37:37 GMT
If-None-Match: "1ab8c9f371d11:0"
User-Agent: Notebooks 8.1.2 ( iPhone; iOS 8.4.1; es_ES)
And here is the only thing that the module says in its warning message:
ModuleName WebDAVModule
Notification 128
HttpStatus 412
HttpReason Precondition Failed
HttpSubStatus 0
ErrorCode 0
ConfigExceptionInfo
Notification EXECUTE_REQUEST_HANDLER
ErrorCode The operation was correctly completed. (0x0)
The above were the errors shown in IIS tracing. As for the regular Web server log:
192.168.1.230 - (my PC name) [07/Oct/2015:23:13:59 +0200] "PROPFIND /Notebooks/filename.txt HTTP/1.1" 207 509
192.168.1.230 - (my PC name) [07/Oct/2015:23:13:59 +0200] "DELETE /Notebooks/filename.txt HTTP/1.1" 412 1738
I have been in touch with the developer of the Iphone WebDAV client, and he says that, in his experience, this tends to suggests permission problems, but I have checked the permissions of the files in Windows, and they are fine. By this I mean that I check the files that I can delete from WebDAV, and then the ones that give me the 412 error... and both have identical permissions.
What else could it be?
I have ran into an issue here that I can not seem to find a solutions for. I have a form that I am trying to deploy in IIS 7.5 and when I execute my script I get the following error...
Error Summary
HTTP Error 405.0 - Method Not Allowed
The page you are looking for cannot be displayed because an invalid method
(HTTP verb) is being used.
Detailed Error Information
Module StaticFileModule
Notification ExecuteRequestHandler
Handler StaticFile
Error Code 0x80070001
Requested URL http://localhost:80/Address.php
Physical Path C:\inetpub\wwwroot\Address.php
Logon Method Anonymous
Logon User Anonymous
I have tried everything under the sun. I have deleted the WebDavmodule....I have added the POST verb to the StaticFile Module....I have selected all verbs under the verbs tab. I have enabled the CGI.exe file...also I enabled the ISAPI module. I have read numerous articles on the issue and it seems a lot of people are having these issues and they didn't find a real fix for it. If there is any information someone could provide to help me get passed this I would be more than thankful. In addition, I checked the server log files. They are as follows...
#Software: Microsoft Internet Information Services 7.5
#Version: 1.0
#Date: 2015-04-08 13:33:24
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status time-taken
2015-04-08 13:33:24 ::1 GET /validation_data.js 233 80 - ::1 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2272.118+Safari/537.36 200 0 0 171
2015-04-08 13:33:48 ::1 POST /Address.php - 80 - ::1 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2272.118+Safari/537.36 405 0 1 3
#Software: Microsoft Internet Information Services 7.5
#Version: 1.0
#Date: 2015-04-08 13:48:12
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status time-taken
2015-04-08 13:48:12 ::1 GET /indv/ - 80 - ::1 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2272.118+Safari/537.36 403 14 0 17
2015-04-08 13:48:54 ::1 GET /Address.html - 80 - ::1 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2272.118+Safari/537.36 304 0 0 1
2015-04-08 13:48:54 ::1 GET /validation_data.js 341 80 - ::1 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2272.118+Safari/537.36 200 0 0 25
2015-04-08 13:49:21 ::1 POST /Address.php - 80 - ::1 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2272.118+Safari/537.36 405 0 1 2
2015-04-08 13:49:48 ::1 GET /validation_data.js 787 80 - ::1 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2272.118+Safari/537.36 200 0 0 33
2015-04-08 13:50:12 ::1 POST /Address.php - 80 - ::1 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2272.118+Safari/537.36 405 0 1 3
Ok. I am not getting the error anymore. This is what I did. I installed PHP Manger for IIS 7.5 64bit. After that I installed Visual C++ Redistributable for Visual Studio 2012 Update 4, which can be downloaded here http://www.microsoft.com/en-us/download/confirmation.aspx?id=30679!
I'm serving static files (images, javascript, css files) from a (hopefully) cookieless domain also mapped to my cloudcontrol deployment. Here are the request and reponse headers. I see no cookie header in the request, ETag and date check should satisfy, so I would expect that the varnish proxy in front of the cloudcontrol deployment would fetch the request and serve it, but everytime I try it out all static files are served from the Apache processes according to the response header. Any tipps appreciated.
Request URL:http://static.hotelpress.mobi/bundles/viermediamagazine/icons/social/Facebook_64.png
Request Method:GET
Status Code:304 Not Modified
Request Headers
Accept:*/*
Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3
Accept-Encoding:gzip,deflate,sdch
Accept-Language:de-DE,de;q=0.8,en-US;q=0.6,en;q=0.4
Cache-Control:max-age=0
Connection:keep-alive
Host:static.hotelpress.mobi
If-Modified-Since:Sat, 20 Apr 2013 18:23:31 GMT
If-None-Match:"6008d436-1108-4daceeec74ec0"
Referer:---stripped out or my boss kills me---
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.65 Safari/537.31
Response Headers
Accept-Ranges:bytes
Age:0
Connection:keep-alive
Date:Sat, 20 Apr 2013 18:31:33 GMT
ETag:"6008d436-1108-4daceeec74ec0"
Last-Modified:Sat, 20 Apr 2013 18:23:31 GMT
Server:Apache
Via:1.1 varnish
X-Varnish:995972028
X-varnish-cache:MISS
Assuming that Varnish is passing through all your Apache headers, it appears that you are not setting any headers telling Varnish to cache.
Varnish does cache silently for 2 minutes by default with no headers, but you probably want more than that.
You should also remove the Etag, for the reasons you say. More information on Etags is here.
If you have fingerprinted assets (per deploy/change), you should set those in Apache for 1 year.
Any others can be as long as you can stand (remembering that this may stop you frequently updating those assets, because they may be cached somewhere).
Here are the lines you need in apache:
<LocationMatch "^/path/to/fingerprinted/assets/.*$">
Header unset ETag
FileETag None
# RFC says only cache for 1 year
ExpiresActive On
ExpiresDefault "access plus 1 year"
Header append Cache-Control "public"
</LocationMatch>
and for others:
<LocationMatch "^/bundles/viermediamagazine/icons/.*$">
Header unset ETag
FileETag None
ExpiresActive On
ExpiresDefault "access plus 1 week"
Header append Cache-Control "public"
</LocationMatch>
You can use as many locations as you want - just make sure they do not overlap!
The example request you posted contains
Cache-Control:max-age=0
which prevents cached answers iirc. You could also try if setting a Cache-Control: max-age=<x> header in your response helps.
Extending the other answers: Here's a sample request to an app on cloudControl, that caches (when the ?c=1). In any case send requests multiple times until you get hits consistently to make sure all Varnish instances have cached the response.
$ curl -v http://impresstw.cloudcontrolled.com/?c=1
* About to connect() to impresstw.cloudcontrolled.com port 80 (#0)
* Trying 46.137.184.215...
* connected
* Connected to impresstw.cloudcontrolled.com (46.137.184.215) port 80 (#0)
> GET /?c=1 HTTP/1.1
> User-Agent: curl/7.27.0
> Host: impresstw.cloudcontrolled.com
> Accept: */*
>
< HTTP/1.1 200 OK
< Content-Type: text/html; charset=UTF-8
< Server: TornadoServer/2.4.1
< Cache-Control: max-age=36000, must-revalidate
< Expires: Tue, 23 Apr 2013 20:18:12 GMT
< Content-Length: 13
< Accept-Ranges: bytes
< Date: Tue, 23 Apr 2013 10:18:28 GMT
< X-Varnish: 1434600184 1434599691
< Age: 16
< Via: 1.1 varnish
< Connection: keep-alive
< X-varnish-cache: HIT
<