Mailing List Archive

Nick, they mean that they have no name-based vhost defined for that domain
name. This can happen with DNS spoofing.

On Tue, 17 May 2022 at 08:01, Nick Folino <nick@folino.us> wrote:

> Not exactly sure what you're asking. If it shows up in the log it's
> reaching the server.
>
> On Tue, May 17, 2022 at 7:30 AM vaidya nathan <vaidyaatdst@gmail.com>
> wrote:
>
>> Hello World,
>>
>>
>>
>> I have a strange problem. I have an angular app deployed in http server
>> and for some users alone I see that one of the calls ( generate-token in
>> this case) is not reaching the server (which happens to be a spring boot
>> server deployed in websphere liberty).
>>
>>
>>
>>
>>
>> 1.1.1.1 - - [11/Mar/2022:09:42:50 -0400] "GET /application/dashboard
>> HTTP/1.1" 200 11153 0 9143 -
>>
>> 1.1.1.1 - - [11/Mar/2022:09:42:50 -0400] "GET
>> /application/5.97e05069c31d30d5372d.js HTTP/1.1" 200 16031 0 552 -
>>
>> 1.1.1.1 - - [11/Mar/2022:09:42:51 -0400] "GET /assets/images/blue.png
>> HTTP/1.1" 200 3887 0 469 -
>>
>> 1.1.1.1 - - [11/Mar/2022:09:42:51 -0400] "GET
>> /applicationurl/applicationurl/auth/generate-token/QkVUSEVMUzpBMG1hbWU5MDAy
>> HTTP/1.1" 200 - 0 46802 -
>>
>> 1.1.1.1 - - [11/Mar/2022:09:42:51 -0400] "GET
>> /application/fontawesome-webfont.20fd1704ea223900efa9.woff2?v=4.7.0
>> HTTP/1.1" 200 77160 0 33090 -
>>
>> *1.1.1.1 - - [11/Mar/2022:09:42:51 -0400] "GET
>> /applicationurl/applicationurl/auth/generate-token/QkVUSEVMUzpBMG1hbWU5MDAy
>> HTTP/1.1" 200 - 0 2108 -*
>>
>> *1.1.1.1 - - [11/Mar/2022:09:42:51 -0400] "GET
>> /applicationurl/applicationurl/auth/generate-token/QkVUSEVMUzpBMG1hbWU5MDAy
>> HTTP/1.1" 502 341 0 43550 -*
>>
>>
>>
>> *Pertinent httpd.conf*
>>
>>
>>
>> ServerRoot "/usr/HTTPServer"
>>
>> PidFile logs/httpd.pid
>>
>> Timeout 300
>>
>> KeepAlive On
>>
>> ReadmeName README.html
>>
>> HeaderName HEADER.html
>>
>> IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
>>
>> AddEncoding x-compress Z
>>
>> AddEncoding x-gzip gz tgz
>>
>> AddType application/x-tar .tgz
>>
>> AddType image/x-icon .ico
>>
>> BrowserMatch "Mozilla/2" nokeepalive
>>
>> BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
>>
>> BrowserMatch "RealPlayer 4\.0" force-response-1.0
>>
>> BrowserMatch "Java/1\.0" force-response-1.0
>>
>> BrowserMatch "JDK/1\.0" force-response-1.0
>>
>> BrowserMatch "Microsoft Data Access Internet Publishing Provider"
>> redirect-carefully
>>
>> BrowserMatch "^WebDrive" redirect-carefully
>>
>> BrowserMatch "^WebDAVFS/1.[012]" redirect-carefully
>>
>> BrowserMatch "^gnome-vfs" redirect-carefully
>>
>> <VirtualHost *:1025>
>>
>> ServerName XXX.com
>>
>> DocumentRoot "/usr/HTTPServer/htdocs"
>>
>> SSLEnable
>>
>> SSLProxyEngine on
>>
>> SSLServerCert XX
>>
>> Keyfile /venafi/XX.kdb
>>
>> # The following protocols are disabled SSLv2, SSLv3, TLSv1 & TLSv1.1
>>
>> SSLProtocolDisable SSLv2
>>
>> SSLProtocolDisable SSLv3
>>
>> SSLProtocolDisable TLSv10
>>
>> SSLProtocolDisable TLSv11
>>
>> # The following protocol is enabled
>>
>> SSLProtocolEnable TLSv12
>>
>> # Remove all Ciphers
>>
>> SSLCipherSpec ALL NONE
>>
>> # Enable Approved CipherSpec's Only
>>
>> SSLCipherSpec ALL +9C
>>
>> SSLCipherSpec ALL +9D
>>
>> SSLCipherSpec ALL +C02B
>>
>> SSLCipherSpec ALL +C02C
>>
>> SSLCipherSpec ALL +C02F
>>
>> SSLCipherSpec ALL +C030
>>
>> </VirtualHost>
>>
>> SSLInsecureRenegotiation off
>>
>>
>>
>> TraceEnable off
>>
>>
>>
>> CoreDumpDirectory /wslogs
>>
>>
>>
>> # Block Files with Server Side Script - file extensions
>>
>> <FilesMatch
>> "^.*\.(sh|ksh|go|gsp|lp|op|lua|cgi|ipl|pl|php|rhtml?|py|rb?w|smx|lasso|tcl|dna|tpl|r|w)$">
>>
>> Order Deny,Allow
>>
>> Deny from all
>>
>> </FilesMatch>
>>
>>
>>
>> Alias /siteminderagent/pwcgi/ "/usr/local/webagent/pw/"
>>
>> <Directory "/usr/local/webagent/pw/">
>>
>> Options Indexes MultiViews ExecCGI
>>
>> AllowOverride None
>>
>> Order allow,deny
>>
>> Allow from all
>>
>> </Directory>
>>
>> Alias /siteminderagent/pw/ "/usr/local/webagent/pw/"
>>
>> <Directory "/usr/local/webagent/pw/">
>>
>> Options Indexes MultiViews ExecCGI
>>
>> AllowOverride None
>>
>> Order allow,deny
>>
>> Allow from all
>>
>> </Directory>
>>
>> Alias /siteminderagent/ "/usr/local/webagent/samples/"
>>
>> <Directory "/usr/local/webagent/samples/">
>>
>> Options Indexes MultiViews
>>
>> AllowOverride None
>>
>> Order allow,deny
>>
>> Allow from all
>>
>> </Directory>
>>
>>
>>
>> #To Disable HTTP TRACE / TRACK Method in all Directives
>>
>> RewriteEngine On
>>
>> RewriteLog "/wslogs/http/rewrite.log"
>>
>> RewriteLogLevel 5
>>
>> RewriteCond %{REQUEST_FILENAME} -s [OR]
>>
>> RewriteCond %{REQUEST_FILENAME} -l [OR]
>>
>> RewriteCond %{REQUEST_FILENAME} -d
>>
>> RewriteRule ^ - [NC,L]
>>
>> RewriteRule ^ index.html [NC,L]
>>
>>
>>
>>
>>
>> *and the .htaccess is*
>>
>> <IfModule mod_rewrite.c>
>>
>> RewriteEngine on
>>
>> RewriteCond %{REQUEST_FILENAME} -s [OR]
>>
>> RewriteCond %{REQUEST_FILENAME} -l [OR]
>>
>> RewriteCond %{REQUEST_FILENAME} -d
>>
>> RewriteRule ^.*$ - [NC,L]
>>
>> RewriteRule ^.*$ index.html [NC,L]
>>
>> </IfModule>
>>
>>
>>
>>
>>
>> Any idea why this happens ? This happens only for certain users and
>> always. For all the other users it works well. We use siteminder before
>> these calls are made to authenticate the users but it redirects
>> appropriately and the angular app makes the above calls .
>>
>>
>>
>> I would also like to see whether I can print the absolute url in the logs
>> or get more debug information about the calls.
>>
>>
>>
>> Thx
>>
>> Vaidya
>>
>

Sorry, that was meant for another thread. For this one, it seems you're
still on 2.2, and using mod_rewrite heavily. The first step would be to
examine the rewrite log to see what is happening.

On Tue, 17 May 2022 at 08:22, Frank Gingras <thumbs@apache.org> wrote:

> Nick, they mean that they have no name-based vhost defined for that domain
> name. This can happen with DNS spoofing.
>
> On Tue, 17 May 2022 at 08:01, Nick Folino <nick@folino.us> wrote:
>
>> Not exactly sure what you're asking. If it shows up in the log it's
>> reaching the server.
>>
>> On Tue, May 17, 2022 at 7:30 AM vaidya nathan <vaidyaatdst@gmail.com>
>> wrote:
>>
>>> Hello World,
>>>
>>>
>>>
>>> I have a strange problem. I have an angular app deployed in http server
>>> and for some users alone I see that one of the calls ( generate-token in
>>> this case) is not reaching the server (which happens to be a spring boot
>>> server deployed in websphere liberty).
>>>
>>>
>>>
>>>
>>>
>>> 1.1.1.1 - - [11/Mar/2022:09:42:50 -0400] "GET /application/dashboard
>>> HTTP/1.1" 200 11153 0 9143 -
>>>
>>> 1.1.1.1 - - [11/Mar/2022:09:42:50 -0400] "GET
>>> /application/5.97e05069c31d30d5372d.js HTTP/1.1" 200 16031 0 552 -
>>>
>>> 1.1.1.1 - - [11/Mar/2022:09:42:51 -0400] "GET /assets/images/blue.png
>>> HTTP/1.1" 200 3887 0 469 -
>>>
>>> 1.1.1.1 - - [11/Mar/2022:09:42:51 -0400] "GET
>>> /applicationurl/applicationurl/auth/generate-token/QkVUSEVMUzpBMG1hbWU5MDAy
>>> HTTP/1.1" 200 - 0 46802 -
>>>
>>> 1.1.1.1 - - [11/Mar/2022:09:42:51 -0400] "GET
>>> /application/fontawesome-webfont.20fd1704ea223900efa9.woff2?v=4.7.0
>>> HTTP/1.1" 200 77160 0 33090 -
>>>
>>> *1.1.1.1 - - [11/Mar/2022:09:42:51 -0400] "GET
>>> /applicationurl/applicationurl/auth/generate-token/QkVUSEVMUzpBMG1hbWU5MDAy
>>> HTTP/1.1" 200 - 0 2108 -*
>>>
>>> *1.1.1.1 - - [11/Mar/2022:09:42:51 -0400] "GET
>>> /applicationurl/applicationurl/auth/generate-token/QkVUSEVMUzpBMG1hbWU5MDAy
>>> HTTP/1.1" 502 341 0 43550 -*
>>>
>>>
>>>
>>> *Pertinent httpd.conf*
>>>
>>>
>>>
>>> ServerRoot "/usr/HTTPServer"
>>>
>>> PidFile logs/httpd.pid
>>>
>>> Timeout 300
>>>
>>> KeepAlive On
>>>
>>> ReadmeName README.html
>>>
>>> HeaderName HEADER.html
>>>
>>> IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
>>>
>>> AddEncoding x-compress Z
>>>
>>> AddEncoding x-gzip gz tgz
>>>
>>> AddType application/x-tar .tgz
>>>
>>> AddType image/x-icon .ico
>>>
>>> BrowserMatch "Mozilla/2" nokeepalive
>>>
>>> BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
>>>
>>> BrowserMatch "RealPlayer 4\.0" force-response-1.0
>>>
>>> BrowserMatch "Java/1\.0" force-response-1.0
>>>
>>> BrowserMatch "JDK/1\.0" force-response-1.0
>>>
>>> BrowserMatch "Microsoft Data Access Internet Publishing Provider"
>>> redirect-carefully
>>>
>>> BrowserMatch "^WebDrive" redirect-carefully
>>>
>>> BrowserMatch "^WebDAVFS/1.[012]" redirect-carefully
>>>
>>> BrowserMatch "^gnome-vfs" redirect-carefully
>>>
>>> <VirtualHost *:1025>
>>>
>>> ServerName XXX.com
>>>
>>> DocumentRoot "/usr/HTTPServer/htdocs"
>>>
>>> SSLEnable
>>>
>>> SSLProxyEngine on
>>>
>>> SSLServerCert XX
>>>
>>> Keyfile /venafi/XX.kdb
>>>
>>> # The following protocols are disabled SSLv2, SSLv3, TLSv1 & TLSv1.1
>>>
>>> SSLProtocolDisable SSLv2
>>>
>>> SSLProtocolDisable SSLv3
>>>
>>> SSLProtocolDisable TLSv10
>>>
>>> SSLProtocolDisable TLSv11
>>>
>>> # The following protocol is enabled
>>>
>>> SSLProtocolEnable TLSv12
>>>
>>> # Remove all Ciphers
>>>
>>> SSLCipherSpec ALL NONE
>>>
>>> # Enable Approved CipherSpec's Only
>>>
>>> SSLCipherSpec ALL +9C
>>>
>>> SSLCipherSpec ALL +9D
>>>
>>> SSLCipherSpec ALL +C02B
>>>
>>> SSLCipherSpec ALL +C02C
>>>
>>> SSLCipherSpec ALL +C02F
>>>
>>> SSLCipherSpec ALL +C030
>>>
>>> </VirtualHost>
>>>
>>> SSLInsecureRenegotiation off
>>>
>>>
>>>
>>> TraceEnable off
>>>
>>>
>>>
>>> CoreDumpDirectory /wslogs
>>>
>>>
>>>
>>> # Block Files with Server Side Script - file extensions
>>>
>>> <FilesMatch
>>> "^.*\.(sh|ksh|go|gsp|lp|op|lua|cgi|ipl|pl|php|rhtml?|py|rb?w|smx|lasso|tcl|dna|tpl|r|w)$">
>>>
>>> Order Deny,Allow
>>>
>>> Deny from all
>>>
>>> </FilesMatch>
>>>
>>>
>>>
>>> Alias /siteminderagent/pwcgi/ "/usr/local/webagent/pw/"
>>>
>>> <Directory "/usr/local/webagent/pw/">
>>>
>>> Options Indexes MultiViews ExecCGI
>>>
>>> AllowOverride None
>>>
>>> Order allow,deny
>>>
>>> Allow from all
>>>
>>> </Directory>
>>>
>>> Alias /siteminderagent/pw/ "/usr/local/webagent/pw/"
>>>
>>> <Directory "/usr/local/webagent/pw/">
>>>
>>> Options Indexes MultiViews ExecCGI
>>>
>>> AllowOverride None
>>>
>>> Order allow,deny
>>>
>>> Allow from all
>>>
>>> </Directory>
>>>
>>> Alias /siteminderagent/ "/usr/local/webagent/samples/"
>>>
>>> <Directory "/usr/local/webagent/samples/">
>>>
>>> Options Indexes MultiViews
>>>
>>> AllowOverride None
>>>
>>> Order allow,deny
>>>
>>> Allow from all
>>>
>>> </Directory>
>>>
>>>
>>>
>>> #To Disable HTTP TRACE / TRACK Method in all Directives
>>>
>>> RewriteEngine On
>>>
>>> RewriteLog "/wslogs/http/rewrite.log"
>>>
>>> RewriteLogLevel 5
>>>
>>> RewriteCond %{REQUEST_FILENAME} -s [OR]
>>>
>>> RewriteCond %{REQUEST_FILENAME} -l [OR]
>>>
>>> RewriteCond %{REQUEST_FILENAME} -d
>>>
>>> RewriteRule ^ - [NC,L]
>>>
>>> RewriteRule ^ index.html [NC,L]
>>>
>>>
>>>
>>>
>>>
>>> *and the .htaccess is*
>>>
>>> <IfModule mod_rewrite.c>
>>>
>>> RewriteEngine on
>>>
>>> RewriteCond %{REQUEST_FILENAME} -s [OR]
>>>
>>> RewriteCond %{REQUEST_FILENAME} -l [OR]
>>>
>>> RewriteCond %{REQUEST_FILENAME} -d
>>>
>>> RewriteRule ^.*$ - [NC,L]
>>>
>>> RewriteRule ^.*$ index.html [NC,L]
>>>
>>> </IfModule>
>>>
>>>
>>>
>>>
>>>
>>> Any idea why this happens ? This happens only for certain users and
>>> always. For all the other users it works well. We use siteminder before
>>> these calls are made to authenticate the users but it redirects
>>> appropriately and the angular app makes the above calls .
>>>
>>>
>>>
>>> I would also like to see whether I can print the absolute url in the
>>> logs or get more debug information about the calls.
>>>
>>>
>>>
>>> Thx
>>>
>>> Vaidya
>>>
>>

I don’t see anything for both a successful and a bad one

Bad one where request doesn’t go to the server
===============•===••=================
host_date_access.log:10.152.224.14 - - [11/May/2022:09:54:17 -0400] "GET /approot/approot/auth/generate-token/abcdmday HTTP/1.1" 200 - 0 85664 -
dc04plvwbs348_05112022_access.log:10.152.224.14 - - [11/May/2022:09:54:17 -0400] "GET /approot/approot/auth/generate-token/abcdmday HTTP/1.1" 502 341 0 38429 -

rewrite logs
10.152.224.14 - - [11/May/2022:09:54:16 --0400] [hostname.com/sid#20dc398][rid#7fd850028ce8/initial] (3) [perdir /usr/HTTPServer/htdocs/] strip per-dir prefix: /usr/HTTPServer/htdocs/abcdashboard/dashboard -> abcdashboard/dashboard
10.152.224.14 - - [11/May/2022:09:54:16 --0400] [hostname.com/sid#20dc398][rid#7fd850028ce8/initial] (3) [perdir /usr/HTTPServer/htdocs/] applying pattern '^.*$' to uri 'abcdashboard/dashboard'
10.152.224.14 - - [11/May/2022:09:54:16 --0400] [hostname.com/sid#20dc398][rid#7fd850028ce8/initial] (4) [perdir /usr/HTTPServer/htdocs/] RewriteCond: input='/usr/HTTPServer/htdocs/abcdashboard/dashboard' pattern='-s' => not-matched
10.152.224.14 - - [11/May/2022:09:54:16 --0400] [hostname.com/sid#20dc398][rid#7fd850028ce8/initial] (4) [perdir /usr/HTTPServer/htdocs/] RewriteCond: input='/usr/HTTPServer/htdocs/abcdashboard/dashboard' pattern='-l' => not-matched
10.152.224.14 - - [11/May/2022:09:54:16 --0400] [hostname.com/sid#20dc398][rid#7fd850028ce8/initial] (4) [perdir /usr/HTTPServer/htdocs/] RewriteCond: input='/usr/HTTPServer/htdocs/abcdashboard/dashboard' pattern='-d' => not-matched
10.152.224.14 - - [11/May/2022:09:54:16 --0400] [hostname.com/sid#20dc398][rid#7fd850028ce8/initial] (3) [perdir /usr/HTTPServer/htdocs/] strip per-dir prefix: /usr/HTTPServer/htdocs/abcdashboard/dashboard -> abcdashboard/dashboard
10.152.224.14 - - [11/May/2022:09:54:16 --0400] [hostname.com/sid#20dc398][rid#7fd850028ce8/initial] (3) [perdir /usr/HTTPServer/htdocs/] applying pattern '^.*$' to uri 'abcdashboard/dashboard'
10.152.224.14 - - [11/May/2022:09:54:16 --0400] [hostname.com/sid#20dc398][rid#7fd850028ce8/initial] (2) [perdir /usr/HTTPServer/htdocs/] rewrite 'abcdashboard/dashboard' -> 'index.html'
10.152.224.14 - - [11/May/2022:09:54:16 --0400] [hostname.com/sid#20dc398][rid#7fd850028ce8/initial] (3) [perdir /usr/HTTPServer/htdocs/] add per-dir prefix: index.html -> /usr/HTTPServer/htdocs/index.html
10.152.224.14 - - [11/May/2022:09:54:16 --0400] [hostname.com/sid#20dc398][rid#7fd850028ce8/initial] (2) [perdir /usr/HTTPServer/htdocs/] strip document_root prefix: /usr/HTTPServer/htdocs/index.html -> /index.html
10.152.224.14 - - [11/May/2022:09:54:16 --0400] [hostname.com/sid#20dc398][rid#7fd850028ce8/initial] (1) [perdir /usr/HTTPServer/htdocs/] internal redirect with /index.html [INTERNAL REDIRECT]
10.152.224.14 - - [11/May/2022:09:54:16 --0400] [hostname.com/sid#20dc398][rid#7fd85001fb08/initial/redir#1] (3) [perdir /usr/HTTPServer/htdocs/] strip per-dir prefix: /usr/HTTPServer/htdocs/index.html -> index.html
10.152.224.14 - - [11/May/2022:09:54:16 --0400] [hostname.com/sid#20dc398][rid#7fd85001fb08/initial/redir#1] (3) [perdir /usr/HTTPServer/htdocs/] applying pattern '^.*$' to uri 'index.html'
10.152.224.14 - - [11/May/2022:09:54:16 --0400] [hostname.com/sid#20dc398][rid#7fd85001fb08/initial/redir#1] (4) [perdir /usr/HTTPServer/htdocs/] RewriteCond: input='/usr/HTTPServer/htdocs/index.html' pattern='-s' => matched
10.152.224.14 - - [11/May/2022:09:54:16 --0400] [hostname.com/sid#20dc398][rid#7fd85001fb08/initial/redir#1] (1) [perdir /usr/HTTPServer/htdocs/] pass through /usr/HTTPServer/htdocs/index.html


Successful one that goes to the server
=========================•======

10.152.224.14 - - [11/May/2022:16:53:59 -0400] "GET /approot/approot/auth/generate-token/deftoken HTTP/1.1" 200 548 1 1002768 -

rewrite logs

10.152.224.14 - - [11/May/2022:16:53:58 --0400] [hostname.com/sid#20dc398][rid#7fd838032968/initial] (3) [perdir /usr/HTTPServer/htdocs/] strip per-dir prefix: /usr/HTTPServer/htdocs/abcdashboard/dashboard -> abcdashboard/dashboard
10.152.224.14 - - [11/May/2022:16:53:58 --0400] [hostname.com/sid#20dc398][rid#7fd838032968/initial] (3) [perdir /usr/HTTPServer/htdocs/] applying pattern '^.*$' to uri 'abcdashboard/dashboard'
10.152.224.14 - - [11/May/2022:16:53:58 --0400] [hostname.com/sid#20dc398][rid#7fd838032968/initial] (4) [perdir /usr/HTTPServer/htdocs/] RewriteCond: input='/usr/HTTPServer/htdocs/abcdashboard/dashboard' pattern='-s' => not-matched
10.152.224.14 - - [11/May/2022:16:53:58 --0400] [hostname.com/sid#20dc398][rid#7fd838032968/initial] (4) [perdir /usr/HTTPServer/htdocs/] RewriteCond: input='/usr/HTTPServer/htdocs/abcdashboard/dashboard' pattern='-l' => not-matched
10.152.224.14 - - [11/May/2022:16:53:58 --0400] [hostname.com/sid#20dc398][rid#7fd838032968/initial] (4) [perdir /usr/HTTPServer/htdocs/] RewriteCond: input='/usr/HTTPServer/htdocs/abcdashboard/dashboard' pattern='-d' => not-matched
10.152.224.14 - - [11/May/2022:16:53:58 --0400] [hostname.com/sid#20dc398][rid#7fd838032968/initial] (3) [perdir /usr/HTTPServer/htdocs/] strip per-dir prefix: /usr/HTTPServer/htdocs/abcdashboard/dashboard -> abcdashboard/dashboard
10.152.224.14 - - [11/May/2022:16:53:58 --0400] [hostname.com/sid#20dc398][rid#7fd838032968/initial] (3) [perdir /usr/HTTPServer/htdocs/] applying pattern '^.*$' to uri 'abcdashboard/dashboard'
10.152.224.14 - - [11/May/2022:16:53:58 --0400] [hostname.com/sid#20dc398][rid#7fd838032968/initial] (2) [perdir /usr/HTTPServer/htdocs/] rewrite 'abcdashboard/dashboard' -> 'index.html'
10.152.224.14 - - [11/May/2022:16:53:58 --0400] [hostname.com/sid#20dc398][rid#7fd838032968/initial] (3) [perdir /usr/HTTPServer/htdocs/] add per-dir prefix: index.html -> /usr/HTTPServer/htdocs/index.html
10.152.224.14 - - [11/May/2022:16:53:58 --0400] [hostname.com/sid#20dc398][rid#7fd838032968/initial] (2) [perdir /usr/HTTPServer/htdocs/] strip document_root prefix: /usr/HTTPServer/htdocs/index.html -> /index.html
10.152.224.14 - - [11/May/2022:16:53:58 --0400] [hostname.com/sid#20dc398][rid#7fd838032968/initial] (1) [perdir /usr/HTTPServer/htdocs/] internal redirect with /index.html [INTERNAL REDIRECT]
10.152.224.14 - - [11/May/2022:16:53:58 --0400] [hostname.com/sid#20dc398][rid#7fd83800b8c0/initial/redir#1] (3) [perdir /usr/HTTPServer/htdocs/] strip per-dir prefix: /usr/HTTPServer/htdocs/index.html -> index.html
10.152.224.14 - - [11/May/2022:16:53:58 --0400] [hostname.com/sid#20dc398][rid#7fd83800b8c0/initial/redir#1] (3) [perdir /usr/HTTPServer/htdocs/] applying pattern '^.*$' to uri 'index.html'
10.152.224.14 - - [11/May/2022:16:53:58 --0400] [hostname.com/sid#20dc398][rid#7fd83800b8c0/initial/redir#1] (4) [perdir /usr/HTTPServer/htdocs/] RewriteCond: input='/usr/HTTPServer/htdocs/index.html' pattern='-s' => matched
10.152.224.14 - - [11/May/2022:16:53:58 --0400] [hostname.com/sid#20dc398][rid#7fd83800b8c0/initial/redir#1] (1) [perdir /usr/HTTPServer/htdocs/] pass through /usr/HTTPServer/htdocs/index.html


Sent from my iPhone

> On May 17, 2022, at 07:24, Frank Gingras <thumbs@apache.org> wrote:
>
> ?
> Sorry, that was meant for another thread. For this one, it seems you're still on 2.2, and using mod_rewrite heavily. The first step would be to examine the rewrite log to see what is happening.
>
>> On Tue, 17 May 2022 at 08:22, Frank Gingras <thumbs@apache.org> wrote:
>> Nick, they mean that they have no name-based vhost defined for that domain name. This can happen with DNS spoofing.
>>
>>> On Tue, 17 May 2022 at 08:01, Nick Folino <nick@folino.us> wrote:
>>> Not exactly sure what you're asking. If it shows up in the log it's reaching the server.
>>>
>>>> On Tue, May 17, 2022 at 7:30 AM vaidya nathan <vaidyaatdst@gmail.com> wrote:
>>>> Hello World,
>>>>
>>>>
>>>>
>>>> I have a strange problem. I have an angular app deployed in http server and for some users alone I see that one of the calls ( generate-token in this case) is not reaching the server (which happens to be a spring boot server deployed in websphere liberty).
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> 1.1.1.1 - - [11/Mar/2022:09:42:50 -0400] "GET /application/dashboard HTTP/1.1" 200 11153 0 9143 -
>>>>
>>>> 1.1.1.1 - - [11/Mar/2022:09:42:50 -0400] "GET /application/5.97e05069c31d30d5372d.js HTTP/1.1" 200 16031 0 552 -
>>>>
>>>> 1.1.1.1 - - [11/Mar/2022:09:42:51 -0400] "GET /assets/images/blue.png HTTP/1.1" 200 3887 0 469 -
>>>>
>>>> 1.1.1.1 - - [11/Mar/2022:09:42:51 -0400] "GET /applicationurl/applicationurl/auth/generate-token/QkVUSEVMUzpBMG1hbWU5MDAy HTTP/1.1" 200 - 0 46802 -
>>>>
>>>> 1.1.1.1 - - [11/Mar/2022:09:42:51 -0400] "GET /application/fontawesome-webfont.20fd1704ea223900efa9.woff2?v=4.7.0 HTTP/1.1" 200 77160 0 33090 -
>>>>
>>>> 1.1.1.1 - - [11/Mar/2022:09:42:51 -0400] "GET /applicationurl/applicationurl/auth/generate-token/QkVUSEVMUzpBMG1hbWU5MDAy HTTP/1.1" 200 - 0 2108 -
>>>>
>>>> 1.1.1.1 - - [11/Mar/2022:09:42:51 -0400] "GET /applicationurl/applicationurl/auth/generate-token/QkVUSEVMUzpBMG1hbWU5MDAy HTTP/1.1" 502 341 0 43550 -
>>>>
>>>>
>>>>
>>>> Pertinent httpd.conf
>>>>
>>>>
>>>>
>>>> ServerRoot "/usr/HTTPServer"
>>>>
>>>> PidFile logs/httpd.pid
>>>>
>>>> Timeout 300
>>>>
>>>> KeepAlive On
>>>>
>>>> ReadmeName README.html
>>>>
>>>> HeaderName HEADER.html
>>>>
>>>> IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
>>>>
>>>> AddEncoding x-compress Z
>>>>
>>>> AddEncoding x-gzip gz tgz
>>>>
>>>> AddType application/x-tar .tgz
>>>>
>>>> AddType image/x-icon .ico
>>>>
>>>> BrowserMatch "Mozilla/2" nokeepalive
>>>>
>>>> BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
>>>>
>>>> BrowserMatch "RealPlayer 4\.0" force-response-1.0
>>>>
>>>> BrowserMatch "Java/1\.0" force-response-1.0
>>>>
>>>> BrowserMatch "JDK/1\.0" force-response-1.0
>>>>
>>>> BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
>>>>
>>>> BrowserMatch "^WebDrive" redirect-carefully
>>>>
>>>> BrowserMatch "^WebDAVFS/1.[012]" redirect-carefully
>>>>
>>>> BrowserMatch "^gnome-vfs" redirect-carefully
>>>>
>>>> <VirtualHost *:1025>
>>>>
>>>> ServerName XXX.com
>>>>
>>>> DocumentRoot "/usr/HTTPServer/htdocs"
>>>>
>>>> SSLEnable
>>>>
>>>> SSLProxyEngine on
>>>>
>>>> SSLServerCert XX
>>>>
>>>> Keyfile /venafi/XX.kdb
>>>>
>>>> # The following protocols are disabled SSLv2, SSLv3, TLSv1 & TLSv1.1
>>>>
>>>> SSLProtocolDisable SSLv2
>>>>
>>>> SSLProtocolDisable SSLv3
>>>>
>>>> SSLProtocolDisable TLSv10
>>>>
>>>> SSLProtocolDisable TLSv11
>>>>
>>>> # The following protocol is enabled
>>>>
>>>> SSLProtocolEnable TLSv12
>>>>
>>>> # Remove all Ciphers
>>>>
>>>> SSLCipherSpec ALL NONE
>>>>
>>>> # Enable Approved CipherSpec's Only
>>>>
>>>> SSLCipherSpec ALL +9C
>>>>
>>>> SSLCipherSpec ALL +9D
>>>>
>>>> SSLCipherSpec ALL +C02B
>>>>
>>>> SSLCipherSpec ALL +C02C
>>>>
>>>> SSLCipherSpec ALL +C02F
>>>>
>>>> SSLCipherSpec ALL +C030
>>>>
>>>> </VirtualHost>
>>>>
>>>> SSLInsecureRenegotiation off
>>>>
>>>>
>>>>
>>>> TraceEnable off
>>>>
>>>>
>>>>
>>>> CoreDumpDirectory /wslogs
>>>>
>>>>
>>>>
>>>> # Block Files with Server Side Script - file extensions
>>>>
>>>> <FilesMatch "^.*\.(sh|ksh|go|gsp|lp|op|lua|cgi|ipl|pl|php|rhtml?|py|rb?w|smx|lasso|tcl|dna|tpl|r|w)$">
>>>>
>>>> Order Deny,Allow
>>>>
>>>> Deny from all
>>>>
>>>> </FilesMatch>
>>>>
>>>>
>>>>
>>>> Alias /siteminderagent/pwcgi/ "/usr/local/webagent/pw/"
>>>>
>>>> <Directory "/usr/local/webagent/pw/">
>>>>
>>>> Options Indexes MultiViews ExecCGI
>>>>
>>>> AllowOverride None
>>>>
>>>> Order allow,deny
>>>>
>>>> Allow from all
>>>>
>>>> </Directory>
>>>>
>>>> Alias /siteminderagent/pw/ "/usr/local/webagent/pw/"
>>>>
>>>> <Directory "/usr/local/webagent/pw/">
>>>>
>>>> Options Indexes MultiViews ExecCGI
>>>>
>>>> AllowOverride None
>>>>
>>>> Order allow,deny
>>>>
>>>> Allow from all
>>>>
>>>> </Directory>
>>>>
>>>> Alias /siteminderagent/ "/usr/local/webagent/samples/"
>>>>
>>>> <Directory "/usr/local/webagent/samples/">
>>>>
>>>> Options Indexes MultiViews
>>>>
>>>> AllowOverride None
>>>>
>>>> Order allow,deny
>>>>
>>>> Allow from all
>>>>
>>>> </Directory>
>>>>
>>>>
>>>>
>>>> #To Disable HTTP TRACE / TRACK Method in all Directives
>>>>
>>>> RewriteEngine On
>>>>
>>>> RewriteLog "/wslogs/http/rewrite.log"
>>>>
>>>> RewriteLogLevel 5
>>>>
>>>> RewriteCond %{REQUEST_FILENAME} -s [OR]
>>>>
>>>> RewriteCond %{REQUEST_FILENAME} -l [OR]
>>>>
>>>> RewriteCond %{REQUEST_FILENAME} -d
>>>>
>>>> RewriteRule ^ - [NC,L]
>>>>
>>>> RewriteRule ^ index.html [NC,L]
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> and the .htaccess is
>>>>
>>>> <IfModule mod_rewrite.c>
>>>>
>>>> RewriteEngine on
>>>>
>>>> RewriteCond %{REQUEST_FILENAME} -s [OR]
>>>>
>>>> RewriteCond %{REQUEST_FILENAME} -l [OR]
>>>>
>>>> RewriteCond %{REQUEST_FILENAME} -d
>>>>
>>>> RewriteRule ^.*$ - [NC,L]
>>>>
>>>> RewriteRule ^.*$ index.html [NC,L]
>>>>
>>>> </IfModule>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> Any idea why this happens ? This happens only for certain users and always. For all the other users it works well. We use siteminder before these calls are made to authenticate the users but it redirects appropriately and the angular app makes the above calls .
>>>>
>>>>
>>>>
>>>> I would also like to see whether I can print the absolute url in the logs or get more debug information about the calls.
>>>>
>>>>
>>>>
>>>> Thx
>>>>
>>>> Vaidya

On Tue, May 17, 2022 at 7:30 AM vaidya nathan <vaidyaatdst@gmail.com> wrote:
>
> Hello World,
>
>
>
> I have a strange problem. I have an angular app deployed in http server and for some users alone I see that one of the calls ( generate-token in this case) is not reaching the server (which happens to be a spring boot server deployed in websphere liberty).
>

Since you seem to use IBM HTTP Server, you can add %{RH}e to your
LogFormat to see which module returned the 502.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org