I have a web site deployed under App Services of Azure. It is working well up to couple of days before. But since two days Iam receiving below error
502 - Web server received an invalid response while acting as a gateway or proxy server.
There is a problem with the page you are looking for, and it cannot be displayed. When the Web server (while acting as a gateway or proxy) contacted the upstream content server, it received an invalid response from the content server.
When I access Site with xyz.azurewebsites.net it doesn't show this error. This is only displayed when I access with custom domain name. I have enabled Failure Request Tracing, but FREB logs doesn't show any 502 errors.
Can anyone help me understand what's the issue is?
Thanks
Azure WebApps have ARR sever (aka the FrontEnd) in front of the actual machines serving the web applications (known as the workers) and HTTP 502 is returned via the FrontEnd servers typically under these conditions
The request is taking a really long time on the actual worker
machine to execute
The worker process corresponding to the web
application is not even running or crashing multiple times.
Since the HTTP 502 error is happening on the FrontEnd servers, you won’t see these in the IIS logs because the IIS logs are of the worker so basically in your case either the request is taking too long to execute or the worker process serving the request (on the actual worker machine) is crashing.
As you mentioned that things work when you access the site over a custom domain vs xyz.azurewebsites.net then I would suggest checking a few things.
Make sure that your custom domain is really resolving to the right xyz.azurewebsites.net. Try using www.digwebinterface.com and put your custom domain there and make sure that it resolves to xyz.azurewebsites.net
Check if by any chance your code does something special for requests which arrive on your custom domain. Meaning any special processing like database lookups, or URLRewrite rules getting triggered etc. for requests only to custom domains.
Also check in your FREB logs to see if you can spot any long running requests when the hostname contains custom domain. You can use the FREB Viewer under the Support Portal for your WebApp to check this easily
Check if the WebApp is crashing by going to the EventViewer under the Support Portal for your WebApp and see if there are any crash related events.
You can reach the support portal of your WebApp by going to https://xyz.scm.azurewebsites.net/Support (where xyz is name of your Azure WebApp)
If this doesn’t help, then I recommend engaging Microsoft Support as they can check some of these things easily at their end.
Related
it's just a simple express js web app in standard environment, i put my custom domain and is working ok,
but a couple of days ago I started receiving these requests and I want to know what they are.
Those requests are typically Let's Encrypt requests to verify that you control the domain during the SSL certificate validation process.
The response is 404 Not Found which means the pages do not exist.
Those requests are harmless provided that you do not receive a massive number of requests.
I am working on a web application, containing multiple views, that is using the ASP.NET framework for the backend and the Angular framework for the frontend. When running this web application on my local machine, every view loads without issue, returning the 200 - OK status. However, when I deploy and run my application in the Azure dev environment, one view is intermittently returning a 404 - Not Found status. All of the other views seem to be working fine, with the exception of this one.
Also, when I look at the console, it appears that the URL being requested by the front-end is the front-end URL, which it should not be requesting. It should be requesting the backend URL, which is what every other successful view is requesting.
Is there a general cause to this issue or do I need to provide more information regarding the code I am using? Thanks.
Assuming everything in the network but the app is working fine (example: no packet loss when your application's network traffic traverse public and private network) there are three possible causes
Client side lack of permission to access the object (please verify
messages exchanged between azure and your the browser with chrome
dev tools) and if is trueyou can you can configure Cross Origin
Resource Sharing (CORS) for the storage service the Angular client
is accessing;
Also is possible a SASAuthorizationError issue (Please check the
SASAuthorizationError in the metrics. Fault is non zero. Here is
explained)
last but not least please check in server-side logs if another
process deleted your target before frontend app can access
I have a ASP.Net MVC Website Hosted on IIS on couple of servers with load balancers, it a very simple page when it opens it logs user details in DB and show the view.
Issue is: It becomes unreachable sometime and pages are never opened. I have to restart APP Pool to get back on track and then it happens again.
What I have tried:
Made sure all DB connection are properly handled, any connection that gets opened are surely closed
Have put Recycle of APP Pool based on volume of RAM
Went through IIS logs and checked that request have reached there or not
There are other application also running on Server but the problem is isolated to this website
There are global users, issue persist of different global area
What I think it can be:
Might be possible that Load Balancer is never diverting my request
My request getting lost in between networks and layer
This is Production environment and we are not facing this issue in ACC or Dev.
What else I can go ahead and check?
When a user does not have any permissions or the right permissions to an action in my application, I return an HttpUnauthorizedResult. When running locally and on our old set of servers, this would show the IIS 401 page to let them know the issue. However, I recently deployed to a new environment, and I am just getting a blank page. I've pulled up Fiddler and I can see that I'm getting a 0 content length returned from the server, so it's definitely something on the server side.
Open up Server Manager and go to Roles, then scroll down to Web Server (IIS). Make sure that Http Errors is Installed under Role Services.
I have been tasked with getting a asp.net (vb.net) talking to an analysis services engine on our production servers. The web server is a separate machine from the web server. The web server runs as the IUSR_ user. The application (of course) works on the development machine which has both IIS and Analysis services on it. The problem I see appears to be a permissions error (returned in the browser by the asp.net app):
An existing connection was forcibly closed by the remote host ....
it is described in a similar post here: http://www.mydatabasesupport.com/forums/sqlserver-olap/201903-existing-connection-forcibly-closed-remote-host.html
I am not a system admin, nor am I an expert in analysis services (why have I been tasked with this you ask? because other people haven't been able to get it working and it has fallen on me). Anyway, I could use some help ... I have tried creating and adding the user (IUSR_) to the sql server and added that user to the role. While that worked on my local machine, it did not work in our production environment where the sql and web servers are separate.
tia,
Don
well after some fiddling i came up with something that works. its probably not a huge security concern because this server is not visible to the public internet; it is visible only to a couple iis servers (it is not on our lan) - this is, however, a 'brute-force', non-secure solution (in some environments anyway) ...
ON THE IIS SERVER: added this to the connection string in web config: SSPI=anonymous; this turns on an unauthenticated access request.
ON THE SQL SERVER: in analysis services, right click on the server. under "general" go near the bottom to "Security\RequireClientAuthentication" and change it to False
same page, select "security" on the left (instead of general). Add "ANONYMOUS LOGIN" to the list of users
get out of the server properties. right click on the CubeViewer role in the cube and choose properties. Add ANONYMOUS LOGIN to the list of users.
so, i have unauthenticated access from our iis server to the sql server.
i'd still be interested in seeing a more secure solution - oh, and i forgot to mention, there is no domain ... these are two servers on the same subnet with only regular logins.