You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2007/04/23 20:30:12 UTC
DO NOT REPLY [Bug 42200] New: - Unknown activities recorded in access log
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=42200>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=42200
Summary: Unknown activities recorded in access log
Product: Apache httpd-2
Version: 2.2.4
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P5
Component: Core
AssignedTo: bugs@httpd.apache.org
ReportedBy: lidengni@gmail.com
I am having weird unknown activities in the access log. Someone said it is
caused by some kind of loopback, but I have no clue how it is caused and how to
stop the activities, which makes my access log grows very fast.
I have several vhosts, and this activities only occur in the first vhost. If I
have both :80 and :442 (ssl) running, only the 1st ssl access log will catch
such activities...
I am using Fedora Core 4 latest updage. Apache is configured with "./configure
--enable-so --prefix=xxxxxx"
Following is a copy of the activities:
::1 - - [19/Apr/2007:23:04:45 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:04:46 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:05:01 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:05:02 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:05:03 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:05:04 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:05:18 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:05:20 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:05:21 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:05:22 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:05:23 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:05:24 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:05:25 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:05:26 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:05:27 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:05:30 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:05:37 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:05:39 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:05:40 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:05:41 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:05:42 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:05:43 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:05:44 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:05:45 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:05:52 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:06:02 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:06:15 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:06:16 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:06:17 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:06:18 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:06:19 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:06:20 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:06:35 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:06:36 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:06:42 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:06:43 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:06:56 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:07:00 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:07:01 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:07:02 -0500] "GET /" 400 464
::1 - - [19/Apr/2007:23:07:19 -0500] "GET /" 400 464
...
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 42200] - Unknown activities recorded in access log
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=42200>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=42200
------- Additional Comments From basant.kukreja@sun.com 2007-04-23 15:17 -------
Looks like "/" request is redirected and might be looping.
It looks like, it could be configuration issue.
Can you share your configuration especially the vhost which is causing the problem?
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 42200] - Unknown activities recorded in access log
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=42200>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=42200
------- Additional Comments From lidengni@gmail.com 2007-04-23 20:13 -------
(In reply to comment #3)
> I should add that the same config works fine on my test server at home, which
> has indentical Fedora 4 kernel and RPMS updates...
Sorry, I may not be right. I grep "::1" in my test server, it has 4 same such
activities too. I didn't notice before:
::1 - - [06/Jan/2007:19:05:59 -0600] "GET / HTTP/1.0" 200 161
::1 - - [06/Jan/2007:19:06:00 -0600] "GET / HTTP/1.0" 200 161
::1 - - [06/Jan/2007:19:06:12 -0600] "GET / HTTP/1.0" 200 161
::1 - - [06/Jan/2007:19:06:13 -0600] "GET / HTTP/1.0" 200 161
I think the "/" request looping may be the problem. I have in my index.php (in
every hosts) trying to redirect as:
if ( $_SERVER["REQUEST_URI"] != '/' ) {
Header( "HTTP/1.1 301 Moved Permanently" );
Header( "Location: /" );
exit();
}
Because if someone uses "http://www.domain.com/foo/" where "/foo" is a valid
folder, it shows the page same as "http://www.domain.com/", and if
"http://www.domain.com/bar/" is used, where "/bar" does not exist, it returns "404".
My redirect is trying to make "http://www.domain.com/foo/" go to
"http://www.domain.com/".
Thanks
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 42200] - Unknown activities recorded in access log
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=42200>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=42200
------- Additional Comments From lidengni@gmail.com 2007-04-23 20:00 -------
I should add that the same config works fine on my test server at home, which
has indentical Fedora 4 kernel and RPMS updates...
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 42200] - Unknown activities recorded in access log
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=42200>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=42200
slive@apache.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |INVALID
------- Additional Comments From slive@apache.org 2007-04-24 08:28 -------
These are "internal dummy connections" (which you would see logged on a non-ssl
host if you logged the user-agent) used to wake up processes that need to be
recycled. They should be ignored.
In the future, please address questions like this to a user support forum (such
as the users@httpd.apache.org mailing list) rather than the bug database unless
you are sure you have found a bug.
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 42200] - Unknown activities recorded in access log
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=42200>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=42200
slive@apache.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|REOPENED |RESOLVED
Resolution| |INVALID
------- Additional Comments From slive@apache.org 2007-04-24 09:14 -------
This design decision has been discussed extensively on the dev@httpd.apache.org
mailing list. Some improvements will be made in the future, I believe. But
simply dropping them from the logs by default would not be a good idea. Feel
free to head over there to discuss it further. But of course, search the
archives first.
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 42200] - Unknown activities recorded in access log
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=42200>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=42200
lidengni@gmail.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
Resolution|INVALID |
------- Additional Comments From lidengni@gmail.com 2007-04-24 08:57 -------
(In reply to comment #5)
> These are "internal dummy connections" (which you would see logged on a non-ssl
> host if you logged the user-agent) used to wake up processes that need to be
> recycled. They should be ignored.
>
> In the future, please address questions like this to a user support forum (such
> as the users@httpd.apache.org mailing list) rather than the bug database unless
> you are sure you have found a bug.
I disagree and feel this needs to be taken care of.
If it is "internal dummy connections" used to wake up processes, why would you
record them into the access log? As a user, I would not want to know some
internal processes to be recorded. All functions can be called internal processes.
I thought my computer was having bug and called DELL support who can't resolve
it, and spent a lot of time google around for this problem. And this is the
first time I heard of "internal dummy process", I google it, and found many
other users also have similar doubt.
Can such dummy connection requests be thrown out of the normal access log? I
look at the log for real users' activities, not for internal dummy activities.
Regards.
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 42200] - Unknown activities recorded in access log
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=42200>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=42200
------- Additional Comments From lidengni@gmail.com 2007-04-23 19:56 -------
(In reply to comment #1)
> Looks like "/" request is redirected and might be looping.
>
> It looks like, it could be configuration issue.
>
> Can you share your configuration especially the vhost which is causing the
problem?
>
httpd-vhosts.conf looks like:
#
# Virtual Hosts
#
# If you want to maintain multiple domains/hostnames on your
# machine you can setup VirtualHost containers for them. Most configurations
# use only name-based virtual hosts so the server doesn't need to worry about
# IP addresses. This is indicated by the asterisks in the directives below.
#
# Please see the documentation at
# <URL:http://httpd.apache.org/docs/2.2/vhosts/>
# for further details before you try to setup virtual hosts.
#
# You may use the command line option '-S' to verify your virtual host
# configuration.
#
# Use name-based virtual hosting.
#
NameVirtualHost *:80
#
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for all requests that do not
# match a ServerName or ServerAlias in any <VirtualHost> block.
#
<VirtualHost *:80>
ServerAdmin support@hosts.com
DocumentRoot /home/domains/hosts/nonsecure
ServerName hosts.com
ServerAlias www.hosts.com hosts
ErrorLog /home/logs/hosts-error_log
CustomLog /home/logs/hosts-access_log common
</VirtualHost>
<VirtualHost *:80>
ServerAdmin support@hosts2.com
# DocumentRoot /home/domains/hosts2/nonsecure
DocumentRoot /home/domains/hosts2/old
ServerName hosts2.com
ServerAlias www.hosts2.com hosts2
ErrorLog /home/logs/hosts2-error_log
CustomLog /home/logs/hosts2-access_log common
</VirtualHost>
<VirtualHost *:80>
ServerAdmin support@host3.com
DocumentRoot /home/domains/host3
ServerName host3.com
ServerAlias www.host3.com host3
ErrorLog /home/logs/host3-error_log
CustomLog /home/logs/host3-access_log common
</VirtualHost>
<VirtualHost *:80>
...
</VirtualHost>
-------------------------------
httpd-ssl.conf looks like
#
# This is the Apache server configuration file providing SSL support.
# It contains the configuration directives to instruct the server how to
# serve pages over an https connection. For detailing information about these
# directives see <URL:http://httpd.apache.org/docs/2.2/mod/mod_ssl.html>
#
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
# consult the online docs. You have been warned.
#
#
# Pseudo Random Number Generator (PRNG):
# Configure one or more sources to seed the PRNG of the SSL library.
# The seed data should be of good random quality.
# WARNING! On some platforms /dev/random blocks if not enough entropy
# is available. This means you then cannot use the /dev/random device
# because it would lead to very long connection times (as long as
# it requires to make more entropy available). But usually those
# platforms additionally provide a /dev/urandom device which doesn't
# block. So, if available, use this one instead. Read the mod_ssl User
# Manual for more details.
#
#SSLRandomSeed startup file:/dev/random 512
#SSLRandomSeed startup file:/dev/urandom 512
#SSLRandomSeed connect file:/dev/random 512
#SSLRandomSeed connect file:/dev/urandom 512
#
# When we also provide SSL we have to listen to the
# standard HTTP port (see above) and to the HTTPS port
#
# Note: Configurations that use IPv6 but not IPv4-mapped addresses need two
# Listen directives: "Listen [::]:443" and "Listen 0.0.0.0:443"
#
Listen 443
##
## SSL Global Context
##
## All SSL configuration in this context applies both to
## the main server and all SSL-enabled virtual hosts.
##
#
# Some MIME-types for downloading Certificates and CRLs
#
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
# Pass Phrase Dialog:
# Configure the pass phrase gathering process.
# The filtering dialog program (`builtin' is a internal
# terminal dialog) has to provide the pass phrase on stdout.
SSLPassPhraseDialog builtin
# Inter-Process Session Cache:
# Configure the SSL Session Cache: First the mechanism
# to use and second the expiring timeout (in seconds).
#SSLSessionCache dbm:/home/server/logs/ssl_scache
SSLSessionCache shmcb:/home/server/logs/ssl_scache(512000)
SSLSessionCacheTimeout 300
# Semaphore:
# Configure the path to the mutual exclusion semaphore the
# SSL engine uses internally for inter-process synchronization.
SSLMutex file:/home/server/logs/ssl_mutex
##
## SSL Virtual Host Context
##
NameVirtualHost *:443
<VirtualHost *:443>
ServerAdmin support@hosts1.com
DocumentRoot /home/domains/hosts1/secure
ServerName hosts1.com:443
ServerAlias www.hosts1.com:443 hosts1:443
ErrorLog /home/logs/hosts1-ssl-error_log
CustomLog /home/logs/hosts1-ssl-access_log common
SSLEngine on
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /home/server/conf/hosts2.crt
SSLCertificateKeyFile /home/server/conf/hosts2.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/home/server/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog /home/server/logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
<VirtualHost *:443>
ServerAdmin support@hosts2.com
DocumentRoot /home/domains/hosts2/secure
ServerName hosts2.com:443
ServerAlias www.hosts2.com:443 hosts2:443
ErrorLog /home/logs/hosts2-ssl-error_log
CustomLog /home/logs/hosts2-ssl-access_log common
SSLEngine on
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /home/server/conf/hosts2.crt
SSLCertificateKeyFile /home/server/conf/hosts2.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/home/server/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog /home/server/logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
-----------------------------------
.htaccess for all hosts look like
Options +FollowSymlinks
RewriteEngine on
rewritecond %{http_host} ^host1.com [nc]
rewriterule ^(.*)$ http://www.host1.com/$1 [r=301,nc]
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org