While watching some log files the other day i saw a client suddenly start generating these error messages and for the life of me i cant figure out whats causing them.
2012/03/06 13:16:56 [info] 14212#0: *2018230 client sent invalid header line:
"CUDA_CLIIP: 10.3.68.20" while reading client request headers, client: 72.162.16.3,
server: <oursever.com>, request: "GET /images/101431.jpg HTTP/1.0", host: "<ourhost>",
referrer: "http://<ourserver.com>/<valid_url>"
This went on for more than 30 minutes before i dropped that ip in iptables. Fyi this is an nginx install.
The only information i could find online was this page:
http://nemesis.te-home.net/Projects/AdvOR-Help/
You probably just need to turn underscores_in_headers on;
Related
My server receives a lot of request for ".well-known/assetlinks.json". I think those request are from hackers.
Here what I get in the error file:
2022/03/07 20:16:02 [error] 44030#44030: *878180 open() "/somefolder/www/public/.well-known/assetlinks.json" failed (2: No such file or directory), client: 82.65.5.229, server: www.myserver.com, request: "GET /.well-known/assetlinks.json HTTP/1.1", host: "myserver.com"
How can I setup NGinx to ban the requester? Maybe a 2 hours ban...
I don't understand how to do it from the documentation.
This would not be a good idea especially as certain webcrawlers may be caught in this trap. It is recommended to leave the behaviour of most errors alone (except from custom error pages)
If would like to avoid logging of these usseless rows
Note: these are useless because our server is not running wordpress. So I'd like to simply avoid these lines in log file because we are monitoring error log files sizes and it cause false positive
[error] 22328#22328: *2090 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 77.89.13.110, server: , request: "GET /wp-admin.php HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.4-fpm.sock:", host: ""
how can I exclude these kind of rows?
I resolved adding two location inf my nginx config file, one for both of wp-admin and wp-login calls.
In these I simply disabled logging.
I cannot and do not want to disable logging of 404, because if user reach a 404 there I must understand what is wrong.
My first time trying hands on nginx-vod-module or any video streaming for that matter.
I just want to play static mp4 videos which I place on the server but via hls instead of direct mp4 access. No actual live streaming
Q1. Am I right in understanding that a mp4 video which I place locally on my server, will automatically get broken down into segments for HLS?
My nginx installation is here: /opt/kaltura/nginx
The mp4 file is placed at /opt/kaltura/nginx/test/vid.mp4
In ../nginx/conf/server.conf, I have this:
location /hls/ {
alias test/;
vod hls;
vod_bootstrap_segment_durations 2000;
vod_bootstrap_segment_durations 2000;
vod_bootstrap_segment_durations 2000;
vod_bootstrap_segment_durations 4000;
include /opt/kaltura/nginx/conf/cors.conf;
}
location / {
root html;
}
Now, I am able to access the m3u8 file:
curl http://104.167xxxxx/hls/vid.mp4/index.m3u8
But when I try to open this file via VLC, I see these errors in errors.log:
*2020/10/31 15:00:08 [error] 12749#0: *60 mp4_parser_validate_stsc_atom: zero entries, client: 49.207 ..., server: ubuntu, request: "GET /hls/vid.mp4/seg-1-v1.ts HTTP/1.1", host: "104.167. ..."
2020/10/31 15:00:08 [error] 12752#0: *61 mp4_parser_validate_stsc_atom: zero entries, client: 49.207 ..., server: ubuntu, request: "GET /hls/vid.mp4/seg-2-v1.ts HTTP/1.1", host: "104.167. ..."
2020/10/31 15:00:09 [error] 12749#0: *62 mp4_parser_validate_stsc_atom: zero entries, client: 49.207 ..., server: ubuntu, request: "GET /hls/vid.mp4/seg-3-v1.ts HTTP/1.1", host: "104.167. ..."
2020/10/31 15:00:10 [error] 12751#0: *63 mp4_parser_validate_stsc_atom: zero entries, client: 49.207 ..., server: ubuntu, request: "GET /hls/vid.mp4/seg-4-v1.ts HTTP/1.1", host: "104.167. ..."*
Q2: Is https must for this to work?
Q3: I dont see any /hls/vid.mp4 folder created anywhere on the server. Do I have to manually run ffmpeg separately to create the hls segments?
What wrong am I doing?
I'm no Kaltura expert, but hopefully this will help narrow some of your issues:
A1: Yes, Kaltura will package a solid mp4 to transport stream packets for HLS.
A2: No, this should work over plain http, have run many tests over http myself, does not require https.
A3: No, you don't need to manually run ffmpeg. I believe ffmpeg is a prerequisite, so it should be installed, but you do not need to chunk the mp4 yourself, the kaltura plugin will do this.
I've not seen the particular error message you posted, so afraid I can't help with that.
I'm developing PayPal Adaptive Payments on one of my sites. Problems comes, when i deployed app, to server with NGINX+PHP-FPM. When i'm trying to process paypal payment, nginx throws 502 error.
18777#0: *711 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: xx.xx.xx.xx, server: www.domain.com, request: "GET /payment/5584 HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.sock:", host: "domain.com", referrer: "http://domain.com/process/5584"
PHP-FPM are using socket file, to communicate with nginx. All other apps on server, was running correctly. PHP has json, curl and openssl enabled.
Have someone similar problem with paypal? Maybe some tips, or what to look for, when configuring nginx/fpm for using paypal api?
SOLVED
Uncommenting one line in php-fpm pool conf, solved first problem:
catch_workers_output = yes
Then i saw next error:
Message Unknown cipher in list: TLSv1
Removing:
CURLOPT_SSL_CIPHER_LIST => 'TLSv1'
From /sdk-core-php/lib/PPHttpConfig.php solved this problem, and now, my payments are running correctly :)
2014/03/31 23:06:50 [error] 25914#0: *765 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 173.77.251.136, server: wiki.resonant-rise.com, request: "POST /index.php?title=Chisel&action=submit HTTP/1.1", upstream: "fastcgi://127.0.0.1:9016", host: "wiki.resonant-rise.com", referrer: "http://wiki.resonant-rise.com/index.php?title=Chisel&action=edit"
2014/03/31 23:06:50 [error] 25914#0: *765 open() "/usr/share/nginx/html/50x.html" failed (2: No such file or directory), client: 173.77.251.136, server: wiki.resonant-rise.com, request: "POST /index.php?title=Chisel&action=submit HTTP/1.1", upstream: "fastcgi://127.0.0.1:9016", host: "wiki.resonant-rise.com", referrer: "http://wiki.resonant-rise.com/index.php?title=Chisel&action=edit"
I have a mediawiki installation and an IPB installation. They both through up errors but this one error from mediawiki prevents me from posting semi-large articles. I have tried a lot of the solutions out there, adding catch_workers_output = yes, adjusting pm.* settings. Still not able to resolve this issue. I am coming to my wits end trying to figure this one out.
PHP-FPM Conf
http://pastie.org/private/aczklc52ll9yv0uz5drcqg
PHP-FPM WWW.CONF
http://pastie.org/private/wod3xipxhm8ractksw7ha
NGINX VHOST for MEDIAWIKI
http://pastie.org/private/h9co8aykbdmfzk2bd5qq
If the failure depends on size of the pages, it has to do with how much work the operation causes. My wild guess would be: increase the timeout (you currently have send_timeout 60s;).
It's easy for the parse time of a very long page to go over 60 seconds, especially if you're on a low power server, have not tuned performance or have enabled heavy parser extensions.
in my case it was that the php version of the project was different with the version of php I had been