Richfaces 3.3.3 fileupload fails - with error: (OS 10054) existing connection was forcibly closed by the remote host - jsf

We have a setup with a front-end Apache web server for a JBoss application server. Our environment is MyFaces 1.2.6 with Tomahawk and RichFaces 3.3.3.
Please note that upload fails only from one of our client networks, and only for large file sizes (it sometimes fails above 50-100MB, and always fails above 200MB).
The logs on the front-end Apache web server show:
x.x.x.x - - [09/Sep/2012:11:45:49 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4986
x.x.x.x - - [09/Sep/2012:11:45:50 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4986
x.x.x.x - - [09/Sep/2012:11:45:51 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4986
x.x.x.x - - [09/Sep/2012:11:45:17 -0400] "POST /myapp
/ui/home.faces?_richfaces_upload_uid=0.9487435704432351&
actionForm:upload=actionForm:upload&_richfaces_upload_file_indicator=true&
AJAXREQUEST=actionForm:j_id45760 HTTP/1.1" 200 -
The error in JBoss AS console is:
2012-09-10 12:21:34,796 ERROR [org.apache.myfaces.shared_tomahawk.renderkit.html.HtmlGridRendererBase] (ajp-0.0.0.0-8009-1) Wrong columns attribute for PanelGrid headerTableId: -2147483648
2012-09-10 12:22:21,981 ERROR [org.apache.myfaces.lifecycle.PhaseListenerManager] (ajp-0.0.0.0-8009-2) Exception in PhaseListener RESTORE_VIEW 1 beforePhase.
org.ajax4jsf.exception.FileUploadException: IO Error parsing multipart request
at org.ajax4jsf.request.MultipartRequest.parseRequest(MultipartRequest.java:388)
at org.richfaces.component.FileUploadPhaselistener.beforePhase(FileUploadPhaselistener.java:63)
at org.apache.myfaces.lifecycle.PhaseListenerManager.informPhaseListenersBefore(PhaseListenerManager.java:73)
at org.apache.myfaces.lifecycle.LifecycleImpl.executePhase(LifecycleImpl.java:93)
at org.apache.myfaces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:76)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265)
at org.apache.myfaces.webapp.MyFacesServlet.service(MyFacesServlet.java:103)
at com.mycom.myapp.FacesErrorHandlingServlet.service(FacesErrorHandlingServlet.java:44)
at sun.reflect.GeneratedMethodAccessor580.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:275)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:274)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:307)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:167)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:283)
at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:56)
at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:189)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:185)
at org.apache.myfaces.webapp.filter.ExtensionsFilter.doFilter(ExtensionsFilter.java:301)
at sun.reflect.GeneratedMethodAccessor461.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:275)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:274)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:307)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:248)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:230)
at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:56)
at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:189)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:185)
at com.mycom.myapp.FacesSessionFilter.process(FacesSessionFilter.java:57)
at com.mycom.myapp.SessionFilter.doFilter(SessionFilter.java:133)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:275)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:274)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:307)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:248)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:230)
at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:56)
at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:189)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:185)
at org.ajax4jsf.webapp.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:206)
at org.ajax4jsf.webapp.BaseFilter.handleRequest(BaseFilter.java:290)
at org.ajax4jsf.webapp.BaseFilter.processUploadsAndHandleRequest(BaseFilter.java:367)
at org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:515)
at sun.reflect.GeneratedMethodAccessor279.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:275)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:274)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:307)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:248)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:230)
at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:56)
at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:189)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:185)
at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
at sun.reflect.GeneratedMethodAccessor254.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:275)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:274)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:307)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:248)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:230)
at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:56)
at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:189)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:185)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:235)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:190)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:436)
at org.apache.coyote.ajp.AjpProtocol$AjpConnectionHandler.process(AjpProtocol.java:384)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Thread.java:619)
Caused by: java.io.IOException: Request data cannot be read
at org.ajax4jsf.request.MultipartRequest.readData(MultipartRequest.java:341)
at org.ajax4jsf.request.MultipartRequest.readNext(MultipartRequest.java:210)
at org.ajax4jsf.request.MultipartRequest.parseRequest(MultipartRequest.java:382)
... 101 more
I am not sure if
1. firewalls in that client network can give this problem or
2. apache / jboss configuration (req timeout etc) - but then upload works from other country networks.
Just to add a note about the RichFaces fileupload component's client-side behavior: it tries multiple times to upload the same file. This is evident from the progress bar, where it tries to upload some bytes, fails, starts again from the beginning, fails again... This pattern also matches the Apache server logs shown below. Finally, after 5-10 tries, the upload fails with "Transfer error occurred".
x.x.x.x - - - [09/Sep/2012:13:51:52 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4986
x.x.x.x - - - [09/Sep/2012:13:50:59 -0400] "POST /myapp
/ui/home.faces?_richfaces_upload_uid=0.21159051128917716&
actionForm:upload=actionForm:upload&_richfaces_upload_file_indicator=true&
AJAXREQUEST=actionForm:j_id437 HTTP/1.1" 200 -
x.x.x.x - - - [09/Sep/2012:13:51:53 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:51:55 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x -- - [09/Sep/2012:13:51:56 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:51:57 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:51:58 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:51:59 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:00 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:01 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:02 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:04 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:05 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:06 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:07 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:08 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:09 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:10 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:12 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:13 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:14 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:15 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:16 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:51:53 -0400] "POST /myapp
/ui/home.faces?_richfaces_upload_uid=0.21159051128917716&
actionForm:upload=actionForm:upload&_richfaces_upload_file_indicator=true&
AJAXREQUEST=actionForm:j_id437 HTTP/1.1" 200 -
x.x.x.x - - - [09/Sep/2012:13:52:17 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:18 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:19 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x -- - [09/Sep/2012:13:52:21 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:22 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x -- - [09/Sep/2012:13:52:23 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:24 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:25 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:26 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:27 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:29 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:30 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:31 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:32 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:33 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:34 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:35 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:37 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - - [09/Sep/2012:13:52:38 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x -- - [09/Sep/2012:13:52:16 -0400] "POST /myapp
/ui/home.faces?_richfaces_upload_uid=0.21159051128917716&
actionForm:upload=actionForm:upload&_richfaces_upload_file_indicator=true&
AJAXREQUEST=actionForm:j_id437 HTTP/1.1" 200 -
x.x.x.x - - - [09/Sep/2012:13:52:39 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
x.x.x.x - - [09/Sep/2012:13:52:40 -0400] "POST /myapp/ui/home.faces HTTP/1.1" 200 4984
Please share any pointers or workarounds that I can try, and that will be very helpful.
Update: After running Apache with debug logs, the error log shows the upload of a single 200MB file. In this case, 5 upload tries happened; in each try, the error message is
[client x.x.x.x] (OS 10054)An existing connection was forcibly closed by the remote host. : core_output_filter: writing data to the network
and finally the upload failed. Please share any ideas on where to fix this issue.
[Thu Sep 13 01:52:54 2012] [info] removed PID file C:/Program Files (x86)/Apache Software Foundation/Apache2.2/logs/httpd.pid (pid=8060)
[Thu Sep 13 01:55:57 2012] [notice] Apache/2.2.22 (Win32) mod_jk/1.2.31 configured -- resuming normal operations
.
.
.
[Thu Sep 13 01:55:57 2012] [notice] Child 7864: Acquired the start mutex.
[Thu Sep 13 01:55:57 2012] [notice] Child 7864: Starting 64 worker threads.
[Thu Sep 13 01:55:57 2012] [notice] Child 7864: Starting thread to listen on port 80.
[Thu Sep 13 01:58:19 2012] [info] [client x.x.x.x] (OS 10054)An existing connection was forcibly closed by the remote host. : core_output_filter: writing data to the network
[Thu Sep 13 02:00:45 2012] [info] [client x.x.x.x] (OS 10054)An existing connection was forcibly closed by the remote host. : core_output_filter: writing data to the network
[Thu Sep 13 02:01:20 2012] [info] [client x.x.x.x] (OS 10054)An existing connection was forcibly closed by the remote host. : core_output_filter: writing data to the network
[Thu Sep 13 02:02:10 2012] [info] [client x.x.x.x] (OS 10054)An existing connection was forcibly closed by the remote host. : core_output_filter: writing data to the network
[Thu Sep 13 02:02:47 2012] [info] [client x.x.x.x] (OS 10054)An existing connection was forcibly closed by the remote host. : core_output_filter: writing data to the network
[Thu Sep 13 02:03:19 2012] [info] [client x.x.x.x] (OS 10054)An existing connection was forcibly closed by the remote host. : core_output_filter: writing data to the network

We don't use RichFaces but Trinidad, which is another JSF component library.
There is a configuration setting which defines the file size that can be uploaded, as follows:
<context-param>
    <!-- Maximum disk space per request (in bytes) -->
    <param-name>org.apache.myfaces.trinidad.UPLOAD_MAX_DISK_SPACE</param-name>
    <!-- Use 15,000K (15360000 bytes) -->
    <param-value>15360000</param-value>
</context-param>
Here you can specify how large a file you can support. Look for a similar configuration for RichFaces as well.

Found the following solution, hope it helps someone. Thanks very much all for your replies.
With port 80 and HTTP, the file transfers are being stopped by web/URL filtering appliances.
The solution is to change the HTTP based portal from port 80 to 8080.
Or if the site is to be run on port 80, change the site to secure (https)
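
The retry pattern in the question's logs can be measured instead of read off the progress bar. This added example (not part of the original posts) groups upload requests by `_richfaces_upload_uid`, estimates how long each attempt ran before its connection ended, and counts the `OS 10054` resets per client; the sample lines are constructed from the logs above, with a placeholder client address.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime
from urllib.parse import parse_qs, urlsplit

# Constructed sample, condensed from the access log in the question: the client
# address is a documentation placeholder and each request sits on one line.
_POLL = "/myapp/ui/home.faces"
_UPLOAD = (_POLL + "?_richfaces_upload_uid=0.21159051128917716"
           "&actionForm:upload=actionForm:upload"
           "&_richfaces_upload_file_indicator=true&AJAXREQUEST=actionForm:j_id437")
ACCESS_LOG = "\n".join(
    f'192.0.2.10 - - [09/Sep/2012:{t} -0400] "POST {url} HTTP/1.1" 200 {size}'
    for t, url, size in [
        ("13:51:52", _POLL, "4986"),
        ("13:50:59", _UPLOAD, "-"),
        ("13:52:16", _POLL, "4984"),
        ("13:51:53", _UPLOAD, "-"),
        ("13:52:38", _POLL, "4984"),
        ("13:52:16", _UPLOAD, "-"),
    ])

# Constructed sample in the shape of the Apache error log lines in the question.
ERROR_LOG = "\n".join(
    f"[Thu Sep 13 {t} 2012] [info] [client 192.0.2.10] (OS 10054)An existing "
    "connection was forcibly closed by the remote host.  : core_output_filter: "
    "writing data to the network"
    for t in ("01:58:19", "02:00:45", "02:01:20"))

# Tolerates extra identity fields between the client address and the timestamp.
LINE = re.compile(r'^(\S+) .*?\[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) (\S+)$')
RESET = re.compile(r"\[client ([^\]]+)\] \(OS 10054\)")


def upload_attempts(access_log):
    """Map each upload uid to a list of (started, approx_seconds, bytes_sent)."""
    attempts = defaultdict(list)
    latest = None  # newest timestamp seen so far in the file
    for line in access_log.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue
        _client, stamp, _method, url, _status, size = m.groups()
        started = datetime.strptime(stamp, "%d/%b/%Y:%H:%M:%S %z")
        uid = parse_qs(urlsplit(url).query).get("_richfaces_upload_uid")
        if uid:
            # Apache stamps an entry with the time the request arrived but
            # writes it when the request ends, so the newest timestamp already
            # in the file approximates when this upload stopped.
            ended = max(latest, started) if latest else started
            seconds = int((ended - started).total_seconds())
            attempts[uid[0]].append((started, seconds, size))
        latest = max(latest, started) if latest else started
    return dict(attempts)


def repeated_uploads(attempts, min_tries=3):
    """Upload ids retried at least min_tries times with no response body logged."""
    return [uid for uid, tries in attempts.items()
            if len(tries) >= min_tries and all(size == "-" for _, _, size in tries)]


def resets_by_client(error_log):
    """Count 'OS 10054' connection resets per client address."""
    return Counter(RESET.findall(error_log))


if __name__ == "__main__":
    found = upload_attempts(ACCESS_LOG)
    for uid in repeated_uploads(found):
        for started, seconds, _size in found[uid]:
            print(f"{uid}: started {started:%H:%M:%S}, ended after ~{seconds}s")
    print(dict(resets_by_client(ERROR_LOG)))
```

Attempts that all end after a similar number of seconds from one network, while other networks complete the same upload, point at a device on the path rather than at the application's size limits.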

Related

How to report a bug of GoogleBot?

Over the last few days, Google Bot has been trying to read one URL of our main site over and over again, leading to a DDOS attack :) Our website got very slow because of the massive requests of the Google Crawler.
Here is an excerpt for the curious ones (or if a Google engineer reads this post):
66.249.76.54 - - [27/May/2019:06:31:23 +0200] "GET /235432/~plot~+4x%5E2%3B+4%2Ax%5E2+++4%2A%281/32%29%2Ax+-+15%2A%281/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/323274/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/tag/594749/323274/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/323274/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/235432/tag/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/594749/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/323274/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/user/impressum HTTP/1.0" 200 32603
66.249.76.54 - - [27/May/2019:06:31:23 +0200] "GET /235432/~plot~+4x%5E2%3B+4%2Ax%5E2+++4%2A%281/32%29%2Ax+-+15%2A%281/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/235432/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/323274/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/323274/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/235432/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/235432/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/403551/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/403551/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/tag/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/594749/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/323274/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/bestusers HTTP/1.0" 200 32603
66.249.76.55 - - [27/May/2019:06:31:23 +0200] "GET /235432/tag/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/154807/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/594749/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/594749/403551/tag/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/403551/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/schreibregeln HTTP/1.0" 200 32603
66.249.76.54 - - [27/May/2019:06:31:23 +0200] "GET /235432/~plot~+4x%5E2%3B+4%2Ax%5E2+++4%2A%281/32%29%2Ax+-+15%2A%281/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/154807/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/323274/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/403551/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/tag/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/403551/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/235432/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/594749/tag/chat HTTP/1.0" 200 32603
Or here (see the different IPs, so there are several bots):
66.249.76.54 - - [27/May/2019:09:24:42 +0200] "GET /235432/~plot~+4x%5E2%3B+4%2Ax%5E2+++4%2A%281/386961/~plot~+4x%5E2%3B+4%2Ax%5E2+++4%2A%281/32%29%2Ax+-+15%2A%281/403551/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/594749/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/594749/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/235432/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/user/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/594749/user/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/punkte HTTP/1.0" 200 32587
66.249.76.55 - - [27/May/2019:09:24:42 +0200] "GET /235432/~plot~+4x%5E2%3B+4%2Ax%5E2+++4%2A%281/32%29%2Ax+-+15%2A%281/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/403551/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/235432/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/user/403551/agb HTTP/1.0" 200 32587
66.249.76.56 - - [27/May/2019:09:24:42 +0200] "GET /235432/~plot~+4x%5E2%3B+4%2Ax%5E2+++4%2A%281/32%29%2Ax+-+15%2A%281/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/323274/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/235432/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/594749/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/594749/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/user/154807/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/235432/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/594749/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/403551/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/403551/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/qa-theme/lounge/js/lounge.min.js?v=2019-01-17 HTTP/1.0" 200 32587
66.249.76.55 - - [27/May/2019:09:24:42 +0200] "GET /235432/~plot~+4x%5E2%3B+4%2Ax%5E2+++4%2A%281/32%29%2Ax+-+15%2A%281/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/235432/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/tag/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/235432/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/594749/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/235432/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/luckentext-zum-thema-extrema-funktionenschar-ft-x-1-2-tx-2-2-t HTTP/1.0" 200 32587
66.249.76.58 - - [27/May/2019:09:24:42 +0200] "GET /235432/~plot~+4x%5E2%3B+4%2Ax%5E2+++4%2A%281/32%29%2Ax+-+15%2A%281/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/235432/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/235432/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/323274/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/323274/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/tag/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/323274/user/Lu HTTP/1.0" 200 32587
66.249.76.57 - - [27/May/2019:09:24:42 +0200] "GET /235432/~plot~+4x%5E2%3B+4%2Ax%5E2+++4%2A%281/32%29%2Ax+-+15%2A%281/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/235432/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/154807/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/323274/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/235432/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/32)*x%20-%2015*(1/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/tag/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/user/user/tag/tag/~plot~%204x%5E2;%204*x%5E2%20+%204*(1/badges HTTP/1.0" 200 32587
The false link that was leading to this problem:
~plot~ 4x^2; 4*x^2 + 4*(1/32)*x - 15*(1/32)^2; x; [[0.1]]~plot~
Where can I report a bug of GoogleBot?
There seems to be no official way to report a bug.
Here is the link to report a crawling bug of Google Bot:
https://www.google.com/webmasters/tools/googlebot-report
Report a problem with how Googlebot crawls your site.
You can report problems only for domain-level properties (for example, "www.example.com/")
The rate at which Google crawls your page depends on many factors:
The URLs we already know about
Links from other web pages (within your site and on other sites)
URLs listed in your Sitemap.
For most sites, Googlebot shouldn't access your site more than once every few seconds on average.
Probably the report link was not easy to find since you need a Google Webmaster account and can apparently only report your own websites.

How to Protect Flask from ZMEU

Forgive me if this is a duplicate question, but I'm running a Flask app using Celery and Rabbit MQ in a Kubernetes service. The service is run as a public-facing LoadBalancer. The problem I've seen is with ZMEU scan attacks which mess up the Flask uri structure and render the app unusable:
10.240.0.4 - - [19/Apr/2018 04:48:05] "GET / HTTP/1.1" 400 -
10.240.0.4 - - [19/Apr/2018 04:48:10] "GET /index.action HTTP/1.1" 400 -
10.244.2.1 - - [19/Apr/2018 07:32:29] "GET / HTTP/1.1" 400 -
10.244.2.1 - - [19/Apr/2018 08:54:38] "GET / HTTP/1.1" 400 -
10.244.2.1 - - [19/Apr/2018 11:13:06] "GET /w00tw00t.at.blackhats.romanian.anti-sec :) HTTP/1.1" 400 -
10.240.0.4 - - [19/Apr/2018 11:13:11] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 400 -
10.240.0.4 - - [19/Apr/2018 11:13:16] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 400 -
10.244.2.1 - - [19/Apr/2018 11:13:21] "GET /pma/scripts/setup.php
...
This occurs after successful pings to the URI. I have a healthcheck occurring because this silently renders the app unreachable, though the container itself is healthy and doesn't exit.
While I am working on securing the endpoint itself, I feel that it's more of a band-aid, and the app code should be resilient to this type of attack. Is there a way for me to catch any unspecified URI (not defined by an @app.route() decorator)?
EDIT: I've made an attempt to only accept requests that have a uri header in the request by using redirects in a general uri-path http://my.flask.app:80/ to point to the proper service, but this hasn't remedied the problem
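
One way to catch requests for paths the application never defined, shown as an added example that is not part of the original post: a standard-library WSGI wrapper that answers 404 before the application runs and keeps a bounded count of what it rejected. The route patterns, `demo_app` and the helper names are assumptions made for the example; the probe paths are the ones in the log above.

```python
import re
from collections import Counter
from wsgiref.util import setup_testing_defaults

# Assumption: the routes the application really serves, written as patterns.
# In a Flask app the wrapper would be attached with
#     app.wsgi_app = UnknownPathFilter(app.wsgi_app)
KNOWN_ROUTES = (r"/", r"/healthz", r"/tasks/\d+")
MAX_TRACKED = 1000   # cap on distinct rejected paths kept in memory
MAX_KEY_LEN = 80     # cap on the length of each stored path

# Request paths taken from the log in the post.
PROBES = [
    "/index.action",
    "/w00tw00t.at.blackhats.romanian.anti-sec :)",
    "/phpMyAdmin/scripts/setup.php",
    "/phpmyadmin/scripts/setup.php",
    "/pma/scripts/setup.php",
]


class UnknownPathFilter:
    """Answer 404 for any path outside the known routes without calling the app."""

    def __init__(self, app, routes=KNOWN_ROUTES):
        self.app = app
        self.routes = [re.compile(r) for r in routes]
        self.rejected = Counter()  # truncated path -> rejected request count

    def _count(self, path):
        # The path is chosen by the client, so bound both key size and key count.
        key = path[:MAX_KEY_LEN]
        if key not in self.rejected and len(self.rejected) >= MAX_TRACKED:
            key = "(other)"
        self.rejected[key] += 1

    def __call__(self, environ, start_response):
        path = environ.get("PATH_INFO", "")
        if any(r.fullmatch(path) for r in self.routes):
            return self.app(environ, start_response)
        self._count(path)
        body = b"not found\n"
        start_response("404 Not Found", [("Content-Type", "text/plain"),
                                         ("Content-Length", str(len(body)))])
        return [body]


def demo_app(environ, start_response):
    """Stand-in for the real application (hypothetical)."""
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [b"ok\n"]


def get(app, path):
    """Send one GET for path through a WSGI callable and return the status line."""
    environ = {"PATH_INFO": path}
    setup_testing_defaults(environ)  # fills in the remaining WSGI keys
    result = {}

    def start_response(status, headers, exc_info=None):
        result["status"] = status

    b"".join(app(environ, start_response))
    return result["status"]


def replay(app, paths):
    """Return {path: status} for each path sent through app."""
    return {p: get(app, p) for p in paths}


if __name__ == "__main__":
    wrapped = UnknownPathFilter(demo_app)
    for path, status in replay(wrapped, ["/", "/healthz"] + PROBES).items():
        print(f"{status:14} {path}")
    print(wrapped.rejected.most_common(3))
```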

403 Forbidden error in 32 bit WAMP

I installed WAMP 2.5, 32-bit, on a Windows 2008 Standard server. Everything looks fine on localhost, but when I try from the network I get the error below.
Forbidden
You don't have permission to access /phpmyadmin on this server.
Apache/2.4.9 (Win32) PHP/5.5.12 Server at MYSERVER Port 80
access.log shows the following errors:
my IP [11/Nov/2016:15:09:27 +0530] "GET / HTTP/1.1" 403 292
my IP [11/Nov/2016:15:09:27 +0530] "GET /favicon.ico HTTP/1.1" 403 303
my IP [11/Nov/2016:15:09:49 +0530] "GET /phpmyadmin HTTP/1.1" 403 302
my IP [11/Nov/2016:15:09:49 +0530] "GET /favicon.ico HTTP/1.1" 403 303
my IP [11/Nov/2016:15:09:54 +0530] "GET /phpmyadmin HTTP/1.1" 403 302
my IP [11/Nov/2016:15:09:54 +0530] "GET /favicon.ico HTTP/1.1" 403 303
Thanks in advance. It would be helpful if someone could give step-by-step changes for the 32-bit version.

java.io.IOException: Too many open files kafka-rest proxy

I am using the Confluent Kafka platform. I have a topic with 4 partitions and a replication factor of 2, a single ZooKeeper, three brokers and a kafka-rest proxy server. Now I am load testing the system with siege running 1000 users with a list of APIs which in turn hit the Kafka producer. I have my producer and consumer using the REST proxy (kafka-rest). I am getting the following issue:
{ [Error: getaddrinfo EMFILE] code: 'EMFILE', errno: 'EMFILE', syscall: 'getaddrinfo' }
In kafka-rest log I can see:
[2016-02-23 07:13:51,972] INFO 127.0.0.1 - - [23/Feb/2016:07:13:51 +0000] "POST /topics/endsession HTTP/1.1" 200 120 14 (io.confluent.rest-utils.requests:77)
[2016-02-23 07:13:51,973] INFO 127.0.0.1 - - [23/Feb/2016:07:13:51 +0000] "POST /topics/endsession HTTP/1.1" 200 120 15 (io.confluent.rest-utils.requests:77)
[2016-02-23 07:13:51,974] INFO 127.0.0.1 - - [23/Feb/2016:07:13:51 +0000] "POST /topics/endsession HTTP/1.1" 200 120 12 (io.confluent.rest-utils.requests:77)
[2016-02-23 07:13:51,978] INFO 127.0.0.1 - - [23/Feb/2016:07:13:51 +0000] "POST /topics/endsession HTTP/1.1" 200 120 6 (io.confluent.rest-utils.requests:77)
[2016-02-23 07:13:51,983] INFO 127.0.0.1 - - [23/Feb/2016:07:13:51 +0000] "POST /topics/endsession HTTP/1.1" 200 120 6 (io.confluent.rest-utils.requests:77)
[2016-02-23 07:13:51,984] INFO 127.0.0.1 - - [23/Feb/2016:07:13:51 +0000] "POST /topics/endsession HTTP/1.1" 200 120 4 (io.confluent.rest-utils.requests:77)
[2016-02-23 07:13:51,985] INFO 127.0.0.1 - - [23/Feb/2016:07:13:51 +0000] "POST /topics/endsession HTTP/1.1" 200 120 7 (io.confluent.rest-utils.requests:77)
[2016-02-23 07:13:51,993] INFO 127.0.0.1 - - [23/Feb/2016:07:13:51 +0000] "POST /topics/endsession HTTP/1.1" 200 120 3 (io.confluent.rest-utils.requests:77)
[2016-02-23 07:13:51,994] INFO 127.0.0.1 - - [23/Feb/2016:07:13:51 +0000] "POST /topics/endsession HTTP/1.1" 200 120 4 (io.confluent.rest-utils.requests:77)
[2016-02-23 07:13:51,999] WARN Accept failed for channel java.nio.channels.SocketChannel[closed] (org.eclipse.jetty.io.SelectorManager:714)
java.io.IOException: Too many open files
at sun.nio.ch.ServerSocketChannelImpl.accept0(Native Method)
at sun.nio.ch.ServerSocketChannelImpl.accept(ServerSocketChannelImpl.java:422)
at sun.nio.ch.ServerSocketChannelImpl.accept(ServerSocketChannelImpl.java:250)
at org.eclipse.jetty.io.SelectorManager$ManagedSelector.processAccept(SelectorManager.java:706)
at org.eclipse.jetty.io.SelectorManager$ManagedSelector.processKey(SelectorManager.java:648)
at org.eclipse.jetty.io.SelectorManager$ManagedSelector.select(SelectorManager.java:611)
at org.eclipse.jetty.io.SelectorManager$ManagedSelector.run(SelectorManager.java:549)
at org.eclipse.jetty.util.thread.NonBlockingThread.run(NonBlockingThread.java:52)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635)
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555)
at java.lang.Thread.run(Thread.java:745)
So I went through a lot of questions related to this. I set my EC2 machine parameters so that I don't get the too many open files error, but it's not solved. I have reduced the TIME_WAIT to 30 seconds. ulimit -n is 80000.
I have collected some stats, and it looks like the kafka rest proxy, which is running on localhost:8082, is causing too many connections.
How do I solve this issue? Also, sometimes when the error occurs I stop my siege test, but when the TIME_WAIT connections have reduced and I restart my load test with 1 user only, I still see the same issue. Is there some issue in the rest proxy wrapper for Node.js?
You need to increase the ulimit for that process. In order to check the ulimit for a particular process, run this:
sudo cat /proc/<process_id>/limits
In order to increase the ulimit for a process running via supervisord, you can increase minfds in supervisord.conf.

How to prevent brute force attack against Magento XML-RPC

I have a Magento 1.9.2 system that is currently undergoing a brute force attack against its xml-rpc endpoint from an EC2 host.
I can simply firewall the source address but that is a short term solution, since it will likely face another attack from a different address. I would like to be able to detect these attacks automatically to lock them down.
Fail2ban is commonly used under such circumstances but in order for it to work, I understand that it must be able to find login failure messages in a log file somewhere, however Magento does not seem to be logging the failed attempts.
How can I prevent the xml-rpc endpoint being brute forced?
54.246.87.74 - - [20/Jul/2015:13:10:24 +0000] "POST /index.php/api/xmlrpc/ HTTP/1.1" 200 777 "-" "XML-RPC.NET"
54.246.87.74 - - [20/Jul/2015:13:10:24 +0000] "POST /index.php/api/xmlrpc/ HTTP/1.1" 200 777 "-" "XML-RPC.NET"
54.246.87.74 - - [20/Jul/2015:13:10:25 +0000] "POST /index.php/api/xmlrpc/ HTTP/1.1" 200 777 "-" "XML-RPC.NET"
54.246.87.74 - - [20/Jul/2015:13:10:26 +0000] "POST /index.php/api/xmlrpc/ HTTP/1.1" 200 777 "-" "XML-RPC.NET"
54.246.87.74 - - [20/Jul/2015:13:10:27 +0000] "POST /index.php/api/xmlrpc/ HTTP/1.1" 200 777 "-" "XML-RPC.NET"
Action taken so far
I've configured fail2ban with a new filter and jail to lock it down but I still don't know if this is the best solution.
filter.d/magento-xmlrpc.conf
[Definition]
failregex = ^<HOST> .*POST .*api\/xmlrpc\/
ignoreregex =
jail.local
[magento-xmlrpc]
enabled = true
port = http,https
filter = magento-xmlrpc
logpath = /home/user/logs/access.log
maxretry = 20
findtime = 30
bantime = 600
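
The jail above, replayed in Python as an added example (not part of the original post, and not fail2ban's own code): it applies the post's failregex and its maxretry/findtime values to constructed access-log lines to show which client reaches the ban threshold and when. The `<HOST>` substitution, the sliding-window model of the jail, the client addresses and the `sample_log` helper are assumptions made for the illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

MAXRETRY, FINDTIME = 20, 30  # values from the post's jail.local

# The post's failregex; fail2ban's <HOST> tag is swapped for a simplified
# IPv4 group (assumption: the real tag also accepts hostnames and IPv6).
FAILREGEX = re.compile(r"^<HOST> .*POST .*api\/xmlrpc\/".replace(
    "<HOST>", r"(?P<host>\d{1,3}(?:\.\d{1,3}){3})"))
STAMP = re.compile(r"\[(\d{2}/\w{3}/\d{4}(?::\d{2}){3}) [+-]\d{4}\]")

def first_bans(lines, maxretry=MAXRETRY, findtime=FINDTIME):
    """Map each host to the time of the hit that reaches maxretry within findtime."""
    window, bans = defaultdict(deque), {}
    for line in lines:
        hit, stamp = FAILREGEX.search(line), STAMP.search(line)
        if not (hit and stamp) or hit.group("host") in bans:
            continue
        when = datetime.strptime(stamp.group(1), "%d/%b/%Y:%H:%M:%S")
        hits = window[hit.group("host")]
        hits.append(when)
        while (when - hits[0]).total_seconds() > findtime:
            hits.popleft()  # drop hits that fell out of the findtime window
        if len(hits) >= maxretry:
            bans[hit.group("host")] = when
    return bans

def sample_log(seconds=60):
    """Constructed lines in the post's log format; addresses are documentation ranges."""
    fmt = '{} - - [{} +0000] "{} HTTP/1.1" 200 777 "-" "{}"'
    start, rows = datetime(2015, 7, 20, 13, 10, 0), []
    for s in range(seconds):
        ts = (start + timedelta(seconds=s)).strftime("%d/%b/%Y:%H:%M:%S")
        # one XML-RPC POST per second, roughly the rate visible in the post's log
        rows.append(fmt.format("203.0.113.7", ts, "POST /index.php/api/xmlrpc/", "XML-RPC.NET"))
        if s % 5 == 0:  # slower API client: at most 7 POSTs in any 30 s
            rows.append(fmt.format("198.51.100.9", ts, "POST /index.php/api/xmlrpc/", "sync-job"))
        if s % 7 == 0:  # ordinary page view, must not match the filter
            rows.append(fmt.format("198.51.100.9", ts, "GET /index.php/", "Mozilla/5.0"))
    return rows

if __name__ == "__main__":
    for host, when in first_bans(sample_log()).items():
        print(f"{host} would be banned at {when:%H:%M:%S}")
```

Because the filter matches every POST to the endpoint rather than failed logins, these thresholds act as a rate limit: any API client that sends 20 calls within 30 seconds is banned as well.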

Resources