You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@solr.apache.org by "Gus Heck (Jira)" <ji...@apache.org> on 2021/08/15 19:09:00 UTC
[jira] [Resolved] (SOLR-15584) There is a kind of brute-force
trials to access Solr using a different PORT every few minutes
[ https://issues.apache.org/jira/browse/SOLR-15584?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Gus Heck resolved SOLR-15584.
-----------------------------
Resolution: Invalid
I'm sorry you are having difficulties, but this is not the place to find a solution to this type of problem. This is the Apache Software Foundation's Bug reporting site, and tickets here are only valid if they report a bug with software that we produce, typically with steps to reproduce and often with suggestions or code to fix the problem.
You appear to be using sitecore which is a product that leverages Apache Solr, but we know nothing of it or how to help you with sitecore. Furthermore the problem you describe sounds very much like it is neither a deficiency in Sitecore nor in Solr but rather a problem either with an intruder on your network, or having exposed the Sitecore product to the open internet.
The best thing for you is probably to contact your network administrators, in your organization. (hopefully that's not you :) )
> There is a kind of brute-force trials to access Solr using a different PORT every few minutes
> ---------------------------------------------------------------------------------------------
>
> Key: SOLR-15584
> URL: https://issues.apache.org/jira/browse/SOLR-15584
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
> Components: Authentication
> Affects Versions: 7.2.1
> Environment: Solr 7.2.1
> Sitecore 9.1
> Azure
> Reporter: Mohamed Saad
> Priority: Critical
> Attachments: image-2021-08-15-18-50-33-877.png, image-2021-08-15-18-51-49-813.png, image-2021-08-15-18-52-28-177.png
>
>
> we are using Solr 7.2.1 with Sitecore 9.1 in the Azure app serves
> and we are notes in the log file error "
> java.io.IOException: The user name or password is incorrect "
> admin team restarted the Solr server and we noticed after restarting
> *alot of requests and each request is followed by number of trials and it ends-up by exception firing.*
> *There is a kind of brute-force trials to access a different PORT every few minutes) which all lead to failures*
>
>
> :java.io.IOException: The user name or password is incorrect
> at java.io.WinNTFileSystem.canonicalize0(Native Method)
> at java.io.WinNTFileSystem.canonicalize(WinNTFileSystem.java:428)
> at java.io.File.getCanonicalPath(File.java:620)
> at org.apache.solr.core.StandardDirectoryFactory.normalize(StandardDirectoryFactory.java:83)
> at org.apache.solr.core.CachingDirectoryFactory.get(CachingDirectoryFactory.java:334)
> at org.apache.solr.core.SolrCore.getNewIndexDir(SolrCore.java:351)
> at org.apache.solr.core.SolrCore.openNewSearcher(SolrCore.java:1977)
> at org.apache.solr.core.SolrCore.getSearcher(SolrCore.java:2215)
> at org.apache.solr.core.SolrCore.getSearcher(SolrCore.java:1952)
> at org.apache.solr.update.DirectUpdateHandler2.commit(DirectUpdateHandler2.java:715)
> at org.apache.solr.update.processor.RunUpdateProcessor.processCommit(RunUpdateProcessorFactory.java:93)
> at org.apache.solr.update.processor.UpdateRequestProcessor.processCommit(UpdateRequestProcessor.java:68)
> at org.apache.solr.update.processor.DistributedUpdateProcessor.doLocalCommit(DistributedUpdateProcessor.java:1882)
> at org.apache.solr.update.processor.DistributedUpdateProcessor.processCommit(DistributedUpdateProcessor.java:1858)
> at org.apache.solr.update.processor.LogUpdateProcessorFactory$LogUpdateProcessor.processCommit(LogUpdateProcessorFactory.java:160)
> at org.apache.solr.handler.loader.XMLLoader.processUpdate(XMLLoader.java:281)
> at org.apache.solr.handler.loader.XMLLoader.load(XMLLoader.java:188)
> at org.apache.solr.handler.UpdateRequestHandler$1.load(UpdateRequestHandler.java:97)
> at org.apache.solr.handler.ContentStreamHandlerBase.handleRequestBody(ContentStreamHandlerBase.java:68)
> at org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:177)
> at org.apache.solr.core.SolrCore.execute(SolrCore.java:2503)
> at org.apache.solr.servlet.HttpSolrCall.execute(HttpSolrCall.java:710)
> at org.apache.solr.servlet.HttpSolrCall.call(HttpSolrCall.java:516)
> at org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:382)
> at org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:326)
> at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1751)
> at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:582)
> at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
> at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
> at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226)
> at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1180)
> at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:512)
> at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
> at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1112)
> at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
> at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:213)
> at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:119)
> at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134)
> at org.eclipse.jetty.rewrite.handler.RewriteHandler.handle(RewriteHandler.java:335)
> at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134)
> at org.eclipse.jetty.server.Server.handle(Server.java:534)
> at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:320)
> at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:251)
> at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:283)
> at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:108)
> at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93)
> at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303)
> at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148)
> at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136)
> at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671)
> at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:589)
> at java.lang.Thread.run(Thread.java:748)
>
> !image-2021-08-15-18-50-33-877.png!
> After restarting Server
> !image-2021-08-15-18-52-28-177.png!
> !image-2021-08-15-18-51-49-813.png!
> we need to know the root cause of the issue and if this is some kind of attacks
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org