Search Results

Search found 17716 results on 709 pages for 'bad pool header'.

Page 34/709 | < Previous Page | 30 31 32 33 34 35 36 37 38 39 40 41  | Next Page >

  • What exactly is an invalid HTTP_HOST header

    - by rolling stone
    I've implemented Django's relatively new allowed hosts setting, which is meant to prevent attackers from submitting requests with a fake HTTP Host header. Since adding that setting, I now get anywhere from 20-100 emails a day notifying me of invalid HTTP_HOST headers. I've copied in an example of a typical error message below. I'm hosting my site on EC2, and am relatively new to setting up/maintaining a server, so my question is what exactly is happening here, and what is the best way to manage these invalid and I assume malicious requests? [Django] ERROR: Invalid HTTP_HOST header: 'www.launchastartup.com'.You may need to add u'www.launchastartup.com' to ALLOWED_HOSTS.

    Read the article

  • mod_proxy Fowarding Based on Request Host Header

    - by zigzagip
    Lets say I have 3 URLs and they all point to the same reverse proxy. I would like to have the requests being forwarded to the web servers behind the proxy based on the host header: webfront1.example.com > reverseproxy.example.com > backend1.example.com webfront2.example.com > reverseproxy.example.com > backend2.example.com webfront3.example.com > reverseproxy.example.com > backend3.example.com Based on what I have read, I can configure reverseproxy.example.com/webfront1 > backend1.example.com, reverseproxy.example.com/webfront2 > backend2.example.com, etc. I am wondering if proxy based on host header is even possible or if I used the wrong approach entirely.

    Read the article

  • Use the keyword class as a variable name in C++

    - by Leif Andersen
    I am having trouble writing C++ code that uses a header file designed for a C file. In particular, the header file used a variable name called class: int BPY_class_validate(const char *class_type, PyObject *class, PyObject *base_class, BPY_class_attr_check* class_attrs, PyObject **py_class_attrs); This works in C as class isn't taken as a keyword, but in C++, class is. So is there anyway I can #include this header file into a c++ file, or am I out of luck? Thank you.

    Read the article

  • Force memcached to write to all servers in pool

    - by Industrial
    Hi everyone, I have thought a bit on how to make sure that a particular key is distributed to ALL memcached servers in a pool. My current, untested solution is to make another instance of memcached, something like this: $cluster['local'] = array('host' => '192.168.1.1', 'port' => '11211', 'weight' => 50); foreach ($this->cluster() as $cluster) { @$this->tempMemcache = new Memcache; @$this->tempMemcache->connect($cluster['host'], $cluster['port']); @$this->tempMemcache->set($key, $value, $this->compress, $expireTime); @$this->tempMemcache->close(); } What is common sense to do in this case, when certain keys need to be stored on ALL servers for reliability?

    Read the article

  • nginx load balance with IIS backend servers waiting Host header

    - by Elgreco08
    i have a ubuntu 10.04 with nginx /0.8.54 running as a load balance proxy named: www.local.com I have two IIS backend servers which responds on Host header request web1.local.com web2.local.com Problem: When i hit my nginx balancer on www.local.com my backend servers respond with the default server blank webpage (IIS default page) since they are waiting for a right host header (e.g. web1.local.com) my nginx.conf upstream backend { server web1.local.com:80; server web2.local.com:80; } server { listen 80; location / { proxy_pass http://backend; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $proxy_host; } } any hint ?

    Read the article

  • Is there an autorelease pool in class methods?

    - by mystify
    I have an class method which generates an UIView, like this: + (UIImage*)imageWithFileName:(NSString*)imgFile { UIImage *img = nil; NSBundle *appBundle = [NSBundle mainBundle]; NSString *resourcePath = [appBundle pathForResource:imgFile ofType:nil]; if (resourcePath != nil) { NSURL *imageURL = [NSURL fileURLWithPath:resourcePath]; NSData *data = [[NSData alloc] initWithContentsOfURL:imageURL]; img = [UIImage imageWithData:data]; // should be autoreleased!! [data release]; } return img; } However, when I use this, the image data is NEVER freed. There is definitely a memory bug with this, although I didn't break any memory management rule I am aware of. My guess is that because this is a class method which gets called from instance methods, There is no active autorelease pool in place or it's one that only gets drained when I quit the app. Could that be right?

    Read the article

  • height: auto does not work to automatically resize header

    - by slevin
    I'm trying to do a simple thing in CSS I have a header tag and inside that a couple of h tags. So, in order to have a responsive design I do height:auto; inside the header tag, so it will automatically stretch to contain the h tags. Right? But does not work, headeris just a line in the top of the page. t should stretch to contain the titles, right? What am I missing? Is it a good practice to put CSS in the h tags and not style header at all? So h tags will be like the header in user's eye? Thanks in advence Check it here

    Read the article

  • how to force browser to re-request page after history.back()

    - by yellowred
    Hi, I've got two scripts: 1.php and 1.php. Here they are: 1.php <?php header('Pragma: no-cache'); header('Cache-Control: max-age=1; no-cache'); header('Expires: Tue, 1 May 1985 01:10:00 GMT'); header('ETag: "'.md5(rand(1, 1000)).'"'); print date('H:i:s'); ?> <a href="2.php">pay</a> 2.php <a href="javascript:history.back()">back</a> Visitor lands on 1.php and then goes to 2.php. I want browser to re-request 1.php after vistor's click on "back" link. On current state it doesn't work. How it can be managed?

    Read the article

  • <div class="headerFst"> What is this?

    - by Jessica
    I have been attempting to remove a repeating header on all of my webpages for customization purposes, but have been unsuccessful finding what is causing this header repeat. I came across this code in the header, and after researching it, I can not find what its purpose is. Could this be my culprit for the repeating patterns? If not, please point me to the right direction. Here is the hmtl: <!--container--> <div id="container"> <div id="header"> <!--headerFst--> <div class="headerFst"> and here it is in look.css: div.headerFst { float:left; width:980px; padding-top:5px; } Thank you for viewing, and helping if possible.

    Read the article

  • phpMyAdmin causes php-fpm worker to restart (502 Bad Gateway)

    - by rndbit
    I am trying to set up a test site for myself. Everything works fine except phpMyAdmin. php installation loads my test site scripts, they work fine, however trying to load phpMyAdmin i get 502 Bad Gateway error. Judging from logs (that are not too helpful) it seems that php-fpm worker is crashing each time phpmyadmin is being accessed. No clue how or why.. Does anyone have any idea? nginx log: *3 recv() failed (104: Connection reset by peer) while reading response header from upstream, And php-fpm log: [07-Jun-2012 14:19:51] WARNING: [pool www] child 32179 exited on signal 11 (SIGSEGV) after 3.217902 seconds from start [07-Jun-2012 14:19:51] NOTICE: [pool www] child 32351 started My nginx conf: user nginx; worker_processes 1; error_log /var/log/nginx/error.log; pid /var/run/nginx.pid; events { worker_connections 1024; } http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; keepalive_timeout 65; fastcgi_buffers 8 16k; fastcgi_buffer_size 32k; include /etc/nginx/conf.d/*.conf; server { listen 443 ssl; listen 80; server_name testsite.net www.testsite.net; ssl on; ssl_certificate /var/www/html/admin/ssl/certificate.pem; ssl_certificate_key /var/www/html/admin/ssl/privatekey.pem; ssl_session_timeout 1m; ssl_protocols SSLv2 SSLv3 TLSv1; ssl_ciphers HIGH:!aNULL:!MD5:!kEDH; ssl_prefer_server_ciphers on; access_log off; location ~ \.php$ { root /var/www/html; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include /etc/nginx/fastcgi_params; } location / { root /var/www/html; index index.php; } } } php.ini is standard, with cgi.fix_pathinfo=0 php-fpm.conf: include=/etc/php-fpm.d/*.conf [global] pid = /var/run/php-fpm/php-fpm.pid error_log = /var/log/php-fpm/error.log log_level = notice php-fpm.d/www.conf: [www] listen = 127.0.0.1:9000 listen.allowed_clients = 127.0.0.1 user = nginx group = nginx pm = dynamic pm.max_children = 10 pm.start_servers = 1 pm.min_spare_servers = 1 pm.max_spare_servers = 10 slowlog = /var/log/php-fpm/www-slow.log php_flag[display_errors] = on php_admin_value[error_log] = /var/log/php-fpm/www-error.log php_admin_flag[log_errors] = on

    Read the article

  • Why is nesting or piggybacking errors within errors bad in general?

    - by dietbuddha
    Why is nesting or piggybacking errors within errors bad in general? To me it seems bad intuitively, but I'm suspicious in that I cannot adequately articulate why it is bad. This may be because it is not in general bad and that it is only bad in specific instances. Why is it detrimental to design error/exception handling in such a way. The specific instance is that of a REST service. There is a desire by some to use http errors (specifically the 500 response) as a way to indicate any problem with specific instances of a resource. An example of an instance resource in this case would be: http://server/ticket/80 # instance http://server/ticket # not an instance So this is the behavior that is being proposed. If ticket 80 does not exist return a http response code of 500. Within the body of the error return the "real" error as an additional error code and description. If the ticket resource doesn't exist return a response code of 404.

    Read the article

  • Tomcat maximum threads

    - by Clinton Bosch
    I understand that setting the maximum number of connections available in a connection pool should be the same as your maxThreads configured for your Tomcat server (which correlates to the number of requests that can be handled) For tomcat the default is 200, I assume there is a maximum that you can safely configure for your Tomcat server before things start getting out of control, which I assume is also governed by the resources of the machine it is running on. I am trying to get an understanding of the size of maxThreads that people are using with success, is 1000 too big?

    Read the article

  • Java "Pool" of longs or Oracle sequence with reusable values

    - by Anthony Accioly
    Several months ago I implemented a solution to choose unique values from a range between 1 and 65535 (16 bits). This range is used to generate unique Route Targets suffixes, which for this customer massive network (it's a huge ISP) are a very disputed resource, so any free index needs to become immediately available to the end user. To tackle this requirement I used a BitSet. Allocate on the RT index with set and deallocate a suffix with clear. The method nextClearBit() can find the next available index. I handle synchronization / concurrency issues manually. This works pretty well for a small range... The entire index is small (around 10k), it is blazing fast and can be easy serialized into a Blob field. The problem is, some new devices can handle RTs of 32 bits (range 1 / 4294967296). Which can't be managed with a BitSet (it would, by itself, consume around 600Mb, plus be limited to int range). Even with this massive range available, the client still wants to free available Route Targets for the end user, mainly because the lowest ones (up to 65535) - which are compatible with old routers - are being heavily disputed. Before I tell the customer that this is impossible and he will have to conform with my reusable index for lower RTs (up to 65550) and use a database sequence for the other ones (which means that when the user frees a Route Target, it will not become available again). Would anyone shed some light? Maybe some kind soul already implemented a high performance number pool for Java (6 if it matters), or I am missing a killer feature of Oracle database (11R2 if it matters)... Wishful thinking. Thank you very much in advance.

    Read the article

  • Incorrect gzipping of http requests, can't find who's doing it

    - by Ned Batchelder
    We're seeing some very strange mangling of HTTP responses, and we can't figure out what is doing it. We have an app server handling JSON requests. Occasionally, the response is returned gzipped, but with incorrect headers that prevent the browser from interpreting it correctly. The problem is intermittent, and changes behavior over time. Yesterday morning it seemed to fail 50% of the time, and in fact, seemed tied to one of our two load-balanced servers. Later in the afternoon, it was failing only 20 times out of 1000, and didn't correlate with an app server. The two app servers are running Apache 2.2 with mod_wsgi and a Django app stack. They have identical Apache configs and source trees, and even identical packages installed on Red Hat. There's a hardware load balancer in front, I don't know the make or model. Akamai is also part of the food chain, though we removed Akamai and still had the problem. Here's a good request and response: * Connected to example.com (97.7.79.129) port 80 (#0) > POST /claim/ HTTP/1.1 > User-Agent: curl/7.19.7 (x86_64-pc-linux-gnu) libcurl/7.19.7 OpenSSL/0.9.8k zlib/1.2.3.3 libidn/1.15 > Host: example.com > Accept: */* > Referer: http://example.com/apps/ > Accept-Encoding: gzip,deflate > Content-Length: 29 > Content-Type: application/x-www-form-urlencoded > } [data not shown] < HTTP/1.1 200 OK < Server: Apache/2 < Content-Language: en-us < Content-Encoding: identity < Content-Length: 47 < Content-Type: application/x-javascript < Connection: keep-alive < Vary: Accept-Encoding < { [data not shown] * Connection #0 to host example.com left intact * Closing connection #0 {"msg": "", "status": "OK", "printer_name": ""} And here's a bad one: * Connected to example.com (97.7.79.129) port 80 (#0) > POST /claim/ HTTP/1.1 > User-Agent: curl/7.19.7 (x86_64-pc-linux-gnu) libcurl/7.19.7 OpenSSL/0.9.8k zlib/1.2.3.3 libidn/1.15 > Host: example.com > Accept: */* > Referer: http://example.com/apps/ > Accept-Encoding: gzip,deflate > Content-Length: 29 > Content-Type: application/x-www-form-urlencoded > } [data not shown] < HTTP/1.1 200 OK < Server: Apache/2 < Content-Language: en-us < Content-Encoding: identity < Content-Type: application/x-javascript < Content-Encoding: gzip < Content-Length: 59 < Connection: keep-alive < Vary: Accept-Encoding < X-N: S < { [data not shown] * Connection #0 to host example.com left intact * Closing connection #0 ?V?-NW?RPR?QP*.I,)-???A??????????T??Z? ??/ There are two things to notice about the bad response: It has two Content-Encoding headers, and the browsers seem to use the first. So they see an identity encoding header, and gzipped content, so they can't interpret the response. The bad response has an extra "X-N: S" header. Perhaps if I could find out what intermediary adds "X-N: S" headers to responses, I could track down the culprit...

    Read the article

  • SqlServer / MySql Connection pool: is it really important ?

    - by stighy
    Hy guys, after a lot of problem with my hoster, i decided to disable connection pooling of my application. The problem was related to the number of concurrent connections : only five. So i decided to disable connection pooling: the result is that my web app don't crash. So i'm asking you: are there some "collateral" effect disabling connection pooling ? Is it so important ? I didn't noticed bad performance after disabling it. Thank you for your (i'm sure) precious advice!

    Read the article

  • Reopen error in bdb 4.7 memory

    - by user207634
    I create a memory pool with flag(DB_CREATE) after ope a Db_Env with flag(DB_CREATE | DB_INIT_MPOOL |DB_SYSTEM_MEM), when I run their program at first time, it's ok and create some db files such _db.001,_db.002,mpool, but after I close the program and run it again,their make a error said the system cannot find the specified file("Mpool: PANIC:No such file or directory"), if I delete all files in the memory pool folder and run it again it will be ok? How can I fix this problem?

    Read the article

  • Setting of IIS memory settings for ASP.NET

    - by user54064
    We are running an ASP.NET app on a web server with 4GB+ of memory in IIS 6. After reading many articles, it states that we need to set the "maximum memory used" for the Application Pool to 800mb to eliminate the "out of memory exceptions" that are happening for us. However, what should the "maximum virtual memory" in the Application Pool be set to? I can't find information as to what that should be set to.

    Read the article

  • MySQL SSL: bad other signature confirmation

    - by samJL
    I am trying to enable SSL connections for MySQL-- SSL will show as enabled in MySQL, but I can't make any connections due to this error: ERROR 2026 (HY000): SSL connection error: ASN: bad other signature confirmation I am running the following: Ubuntu Version: 14.04.1 LTS (GNU/Linux 3.13.0-34-generic x86_64) MySQL Version: 5.5.38-0ubuntu0.14.04.1 OpenSSL Version: OpenSSL 1.0.1f 6 Jan 2014 I used these commands to generate my certificates (all generated in /etc/mysql): openssl genrsa -out ca-key.pem 2048 openssl req -new -x509 -nodes -days 3650 -key ca-key.pem -out ca-cert.pem -subj "/C=US/ST=NY/O=MyCompany/CN=ca" openssl req -newkey rsa:2048 -nodes -days 3650 -keyout server-key.pem -out server-req.pem -subj "/C=US/ST=NY/O=MyCompany/CN=server" openssl rsa -in server-key.pem -out server-key.pem openssl x509 -req -in server-req.pem -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 -out server-cert.pem openssl req -newkey rsa:2048 -nodes -days 3650 -keyout client-key.pem -out client-req.pem -subj "/C=US/ST=NY/O=MyCompany/CN=client" openssl rsa -in client-key.pem -out client-key.pem openssl x509 -req -in client-req.pem -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 -out client-cert.pem I put the following in my.cnf: [mysqld] ssl-ca=/etc/mysql/ca-cert.pem ssl-cert=/etc/mysql/server-cert.pem ssl-key=/etc/mysql/server-key.pem When I attempt to connect specifying the client certificates-- I get the following error: mysql -uroot -ppassword --ssl-ca=/etc/mysql/ca-cert.pem --ssl-cert=/etc/mysql/client-cert.pem --ssl-key=/etc/mysql/client-key.pem ERROR 2026 (HY000): SSL connection error: ASN: bad other signature confirmation If I connect without SSL, I can see that MySQL has correctly loaded the certificates: mysql -uroot -ppassword --ssl=false mysql> SHOW VARIABLES LIKE '%ssl%'; +---------------+----------------------------+ | Variable_name | Value | +---------------+----------------------------+ | have_openssl | YES | | have_ssl | YES | | ssl_ca | /etc/mysql/ca-cert.pem | | ssl_capath | | | ssl_cert | /etc/mysql/server-cert.pem | | ssl_cipher | | | ssl_key | /etc/mysql/server-key.pem | +---------------+----------------------------+ 7 rows in set (0.00 sec) My generated certificates pass OpenSSL verification and modulus: openssl verify -CAfile ca-cert.pem server-cert.pem client-cert.pem server-cert.pem: OK client-cert.pem: OK What am I missing? I used this same process before on a different server and it worked- however the Ubuntu version was 12.04 LTS and the OpenSSL version was older (don't remember specifically). Has something changed with the latest OpenSSL? Any help would be appreciated!

    Read the article

  • Verifying SMTP “MAIL FROM:” Matches “From:” Header in DATA

    - by dkovacevic
    Is there ever a legitimate reason for the SMTP “MAIL FROM:” field to not match the “From:” field in the DATA section of a message, besides mailing lists? From http://stackoverflow.com/questions/1750194/smtp-why-does-email-needs-envelope-and-what-does-the-envelope-mean: “But, to continue your snail mail metaphor, most professional letters will contain the sender's and recipient's addresses printed on the letter itself. Those addresses are not necessary for the postman, but are instead a courtesy to the recipient. So it's sensible that email would work the same way.” The problem with this line of logic lies here: “courtesy to the recipient”. Including the “From:” address in an email via SMTP is not a courtesy; it is required if the recipient is to be able to send a reply. From: How to limit the From header to match MAIL FROM in postfix?: “But if you really want to ensure From: and MAIL FROM then you have to apply header_checks so that Return-Path: matches From:” What are the implications of doing this? Mailing lists would obviously be a problem. Are there any other legitimate uses of differing “MAIL FROM:” and “From:” header information?

    Read the article

  • another "SSH connect to host github.com port 22: Bad file number"

    - by Mariusz
    Hello. I have a problem with my first-time ssh connection. Yes, I've already done yours guides, already tried your "Dealing with firewalls and proxies" article and the problem is still occuring. I am using Win7 32bit, Windows Firewall is disabled, haven't any third-party firewalls, ESET Nod32 Antivirus is not blocking any ports, I am not using any PROXY (neither local proxy) . Here goes the logs: Ordinary SSH connection try C:\Users\Mariusz>ssh -vvv [email protected] OpenSSH_4.6p1, OpenSSL 0.9.8e 23 Feb 2007 debug2: ssh_connect: needpriv 0 debug1: Connecting to github.com [207.97.227.239] port 22. debug1: connect to address 207.97.227.239 port 22: Not owner ssh: connect to host github.com port 22: Bad file number NCAT connection try C:\Users\Mariusz>ncat github.com 22 Strange connect error from 207.97.227.239 (10013): No error 10013 = WSAEACCES I think that method called "smart-http-support" won't be usable for me because I haven't created repo yet. I have just GIT INIT locally, and finished at step GIT PUSH, which returns the same: ssh: connect to host github.com port 22: Bad file number fatal: The remote end hung up unexpectedly corkscrew method (first article from yours guide) . While PUTTYing (with pageant in bg), after inputing login - an error is occuring (MessageBox): Disconnected: No supported authentication methods available And in terminal such message is printing out: Server refused our key Key I have generated correctly, using ssh-keygen. I tried not method by editing ~/.ssh/config yet because I had thought that because I haven't PUSHed anything to my remote repo so I won't be able to CLONE anything. Method called ssh-forwarding is not for my, cause it "requires access to an external ssh server" and I haven't any at this time. What else could I do? Thanks in advance for any help. Mariusz.

    Read the article

  • 502 Bad Gateway error after failed requests using Passenger

    - by Nicolas Buduroi
    I've got a staging server running nginx 1.0.5 using Rails 3.1 under Passenger 3.0.9. The problem is that a request sent just after one where there's an application error return 502 Bad Gateway. To test it I've set up a simple controller with an action that just raise a dummy exception. One request will show the Rails error message and the next one will show nginx 502 Bad Gateway error, then it goes back to the Rails application error, etc. While investigating this problem I've found out that load testing the application (which increase the number of application processes) make that issue disapear. That is until the extra processes are shutdown, then it reappear. I've tried setting the passenger_min_instances option, but doing so doesn't change anything and in this case each time an application error happen one instance is killed while after load testing all instances are kept alive. P.S.: Some people on my team told me that they've seen the 502 error even when there's no application error but I've not been able to reproduce that. Update: Just found out how to display the responses status codes using ab and most of them are 502!

    Read the article

  • Howto change Axis server-config.wsdd so that we don't expect a SOAPAction

    - by GKForcare
    The problem I'm facing is that the client of my service will never send me a SOAPAction header. How can I tell Axis to still map to the incomming call to my service implementation anyway. I did bump into tricks like adding a Handler like this: <handler name="ReportMapper" type="java:com.mycompany.project.ReportMapper"/> <transport name="http"> <requestFlow> <handler type="ReportMapper"/> <handler type="URLMapper"/> <handler type="java:org.apache.axis.handlers.http.HTTPAuthHandler"/> </requestFlow> <parameter name="qs:list" value="org.apache.axis.transport.http.QSListHandler"/> <parameter name="qs:wsdl" value="org.apache.axis.transport.http.QSWSDLHandler"/> <parameter name="qs.list" value="org.apache.axis.transport.http.QSListHandler"/> <parameter name="qs.method" value="org.apache.axis.transport.http.QSMethodHandler"/> <parameter name="qs:method" value="org.apache.axis.transport.http.QSMethodHandler"/> <parameter name="qs.wsdl" value="org.apache.axis.transport.http.QSWSDLHandler"/> </transport> but that did not help. The mapper is found during the creation of the WSDL but when calling the service, the invoke of the handler is not used. I do need to note that when I simulate the SOAP-call using @curl@ and I do add the SOAPAction header, the invoke is called. Any help would be most appreciated.

    Read the article

< Previous Page | 30 31 32 33 34 35 36 37 38 39 40 41  | Next Page >