I'm trying to figure out why this is happening. In production, my site https://gordo.fitness returns the favicons apple-touch-icon.png, favicon-16x16.png, favicon-16x16.png and favicon.ico are not properly loaded/served to the browser (Firefox, Chrome, Firefox for Android, Chrome for Android). The browsers for desktop report that the resource in itself is corrupt and this favicon checker reports those same resources are "ill-formed"
But locally, the Docker containers (docker container run --rm my-container -p 80:80) that serve the images show them properly:
172.17.0.1 - - [10/Jul/2022:00:55:53 +0000] "GET /favicon.ico HTTP/1.1" 200 15086 "http://localhost/favicon-16x16.png" "Mozilla/5.0 (X11; Linux x86_64; rv:103.0) Gecko/20100101 Firefox/103.0" "-"
And, no complains or 404s coming from Ingress NGINX either:
10.124.0.3 - - [10/Jul/2022:00:37:47 +0000] "GET /favicon-16x16.png HTTP/1.1" 200 1189 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Safari/537.36" 244 0.004 [gordo-fitness-gordo-frontend-staging-service-80] [] 10.244.1.4:3000 1189 0.004 200 7d0bb41030dea1e7152a6bfd3ce64e76
137.184.180.250 - - [10/Jul/2022:00:37:47 +0000] "GET /favicon-16x16.png HTTP/1.1" 200 1189 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Safari/537.36" 244 0.003 [gordo-fitness-gordo-frontend-staging-service-80] [] 10.244.1.4:3000 1189 0.000 200 0024ae0458b1c5b7f80c12b224c2ef01
So I'm out of clues and don't know what's happening, maybe I did something wrong with my Ingress configuration?:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
cert-manager.io/issuer: letsencrypt-nginx
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"networking.k8s.io/v1","kind":"Ingress","metadata":{"annotations":{"cert-manager.io/issuer":"letsencrypt-nginx"},"name":"gordo-fitness-ingress","namespace":"gordo-fitness"},"spec":{"ingressClassName":"nginx","rules":[{"host":"gordo.fitness","http":{"paths":[{"backend":{"service":{"name":"gordo-frontend-staging-service","port":{"number":80}}},"path":"/","pathType":"Prefix"}]}}],"tls":[{"hosts":["gordo.fitness"],"secretName":"letsencrypt-nginx"}]}}
creationTimestamp: "2022-07-06T06:31:02Z"
generation: 5
name: gordo-fitness-ingress
namespace: gordo-fitness
resourceVersion: "1381386"
uid: b0377c4d-737f-4722-8ea9-d052df7970eb
spec:
ingressClassName: nginx
rules:
- host: gordo.fitness
http:
paths:
- backend:
service:
name: gordo-frontend-staging-static-service
port:
number: 8081
path: /[[:alnum:]]+\.(ico|png|svg|txt|webmanifest|xml)
pathType: Exact
- backend:
service:
name: gordo-frontend-staging-service
port:
number: 80
path: /
pathType: Prefix
tls:
- hosts:
- gordo.fitness
secretName: letsencrypt-nginx
status:
loadBalancer:
ingress:
- ip: 146.190.0.179
EDIT:
checking with dhex I see there are 2 bits changed in the file after being served vs the original from disk:
I believe the issue is not with the serving of the content, rather the content itself is corrupt. I mean there is nothing wrong with your ingress configuration, or the site traffic setup in general.
If you try and open the icon you downloaded with GET ==> 200 OK, you might see that the icon is indeed corrupted. The HTTP protocol does not verify the "sanity" of the data, and so, as far as HTTP is concerned, you can have a mixture of random bytes encoded into a PNG file, and it will transport them successfully as well. It will only verify the content encoding correctness, not the sanity of the payload.
Perhaps you can try and regenerate the icons.
Files were corrupted on the repository, probably something is wrong with my Git configuration (newline replacement, maybe?) since the generated files come from a third-party service, and thus something may be changed in the contents by Git.
I work around this activating Git LFS in my repository.
Related
I was asked to take a look at environment and I'm trying to figure things out right now.
The trouble I'm facing is that there's AWS ALB 504 timeout after ALB's idle timeout setting whenever backend API (express.js) expected to return 401, 404, or probably any 4xx within second or two.
Request and response for other status 200 302 etc works just fine.
I believe the environment is setup using Elastic Beanstalk and looks like
ALB <==> nginx <==> express.js
where nginx and express.js are in single EC2 instance.
I don't see .ebextensions folder in source so I'm guessing it was setup using web management console.
In ALB log,
When backend expect to return 401, I'm getting :
h2 2022-10-07T04:57:29.140969Z app/awseb-xxxxxxxxxxxx/xxxxxxxxx xxx.xxx.xxx.xxx:62296 xxx.xxx.xxx.xxx:80 0.001 -1 -1 504 - 633 605 "POST https://[url1]....
When backend expect to return 404, I'm getting :
h2 2022-10-07T05:37:18.740746Z app/awseb-xxxxxxxxxxxx/xxxxxxxxx xxx.xxx.xxx.xxx:60324 xxx.xxx.xxx.xxx:80 0.001 -1 -1 504 - 569 605 "GET https://[url2]....
In nginx log,
[ALB IP] - - [07/Oct/2022:04:57:29 +0000] "POST /somepath HTTP/1.1" 499 0 "https://[url1]" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36" "xxx.xxx.xxx.xxx"
[ALB IP] - - [07/Oct/2022:05:37:18 +0000] "GET [url2] HTTP/1.1" 499 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36" "xxx.xxx.xxx.xxx"
This 504, 499 issue does not occur on environment without ALB configuration.
I have following file in source's root directory and seems like it's been loaded. (at least client_max_body_size works and uploading large file fails if not loaded)
.platform/nginx/conf.d/proxy.conf
proxy_http_version 1.1;
client_max_body_size 200M;
proxy_connect_timeout 90;
proxy_read_timeout 90;
proxy_send_timeout 90;
proxy_buffer_size 32k;
proxy_buffers 50 32k;
proxy_busy_buffers_size 32k;
proxy_next_upstream off;
I've looked at https://aws.amazon.com/premiumsupport/knowledge-center/504-error-alb/
but I'm not sure if the situation matches any of those 5 and how I should be diagnosing this. Any advice or pointers would be much appreciated.
I created new beanstalk environment PHP 7.3 running on 64bit Amazon Linux/2.9.6, Apache - with default PHP sample app. It's a classic load balancer type. But for now I have made it listening only to http at port 80. No https.
After deployment default PHP sample app runs fine on beanstalk environment url(cname) provided. Sample PHP app opens and because my environment is listening to just http so in browser I get "not secure" warning as normal behaviour but my Beanstalk URL is working so far and I see PHP sample app on browser.
Now I created fresh Laravel 7.x projects on my local machine. I tested and default "/" route points to welcome Laravel page. I deployed this sample Laravel project to my environment using EB on my Mac terminal.
Deploy is successful. I change the document root to "/public" in configuration because Laravel's index in inside public folder. Environment is in green health. Now I open Beanstalk URL and I see it's just taking a minute or so then it fails to load page saying "server where this page is located isn't responding" in Safari browser.
I checked my security group and it is listening to both http and ssh.
Final note: I have been doing this for long time. This is my first time experiencing this issue. Am I missing something?
Edit
I went inside Ec2 dashboard. I copied both Public DNS (IPv4) and IPv4 Public IP, tried accessing them in browser. It just takes time to connect and finish with "page not responding error".
My inbound rules for my security group:
HTTP TCP 80 0.0.0.0/0 -
SSH TCP 22 0.0.0.0/0 -
HTTPS TCP 443 0.0.0.0/0 -
Edit 2
Here is my access log from environment logs:
172.31.21.84 (103.86.57.43) - - [24/May/2020:18:34:31 +0000] "GET / HTTP/1.1" 301 278 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1 Safari/605.1.15"
103.86.57.58 (-) - - [24/May/2020:18:37:45 +0000] "GET / HTTP/1.1" 301 230 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1 Safari/605.1.15"
172.31.10.171 (195.154.94.244) - - [24/May/2020:18:45:10 +0000] "GET / HTTP/1.1" 301 228 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0"
I see that GET is called on / and http 301 is returned. It moved permanently. What does this mean?
I solved my issue by creating new fresh environment from eb cli in terminal using
eb create
Not sure why this worked but gave issue when creating environment from console dashboard.
I was looking my apache logs and I find out this.
Log Line: 192.168.1.2 - - [30/Nov/2016:15:46:52 +0100] "GET http://www.Mywebsite.... HTTP/1.1" 200 5539 "-" "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)"
This happen a few times with that IP, but i cannot understand how is bingbot executing from that IP.
Thanks in advance
My VPS shutdown because the HDD is filling up and I realized that the microcache.log file is becoming 12GB after I delete it. The content of microcache.log file is:
23.88.110.68 - - [12/Jun/2014:16:09:45 -0400] "GET http://ib.adnxs.com/ttj?id=2168123&position=below HTTP/1.0" 502 166 "battercar.com/?p=436" "Mozilla/5.0 (Macintosh; U; PPC Mac OS X 10_4_11; en) AppleWebKit/528.4+ (KHTML, like Gecko) Version/4.0dp1 Safari/526.11.2" nocache:
173.208.213.94 - - [12/Jun/2014:16:09:45 -0400] "GET ib.adnxs.com/tt?id=2962937 HTTP/1.0" 502 568 "http://www.existeducation.com/tag/tap/" "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US) AppleWebKit/532.0 (KHTML, like Gecko) Chrome/4.0.202.0 Safari/532.0" nocache:
(continues thousans of lines...)
How can I repair my VPS? I got tired to delete this file everyday.
VPS : Centos 6 with nginx
Large LOG files should be deleted http://wikitechsolutions.com/2761/microcache-log-file-exceeds-my-vps-hdd
See:
Here are images are downloaded good:
https://polishwords.com.pl/dev/testAbort2.php
And here:
https://polishwords.com.pl/dev/testAbort.php
I get them in Firefox with HTTPS and randomly one of them is Aborted and does not display correctly.
In logs on server it looks like this:
[22/Mar/2013:23:29:11 +0100] "GET /images/mukonczeniestudiow.jpg HTTP/1.1" 200 6705 "-" "Mozilla/5.0 (Windows NT 6.1; rv:19.0) Gecko/20100101 Firefox/19.0"
And when the file is loaded ok:
[22/Mar/2013:23:30:41 +0100] "GET /images/mukonczeniestudiow.jpg HTTP/1.1" 200 6907 "https://polishwords.com.pl/dev/testAbort.php" "Mozilla/5.0 (Windows NT 6.1; rv:19.0) Gecko/20100101 Firefox/19.0"
What can be the cause of this problem?
In Chrome and in Opera it seems to work fine. I have latest Firefox.
It was something on server blocking several queries