Re: [AOLSERVER] Tracked down bug with PROPFIND / OPTIONS methods

Peter Sadlon Mon, 26 Nov 2012 11:40:57 -0800

I had a similar issue in the past, I believe I had tracked it down to a 
toolbar, or some desktop application probing the site for some reason, I don't 
remember exactly.Here is my filter put in 
/servers/my_server/modules/tcl/filters.tcl
ns_register_filter preauth OPTIONS * options_naproc options_na { why } {  
ns_return 405 "text/html; charset=iso-8859-1" "OPTIONS method is not allowed on 
this url"  return filter_return}
too add the same for PROFIND just copy the first line and replace OPTIONS with 
PROFIND and put it after the 1st line, then restart your server.
Date: Mon, 26 Nov 2012 12:22:21 -0500
From: d...@thedesignexperience.org
To: dv...@diphi.com
CC: aolserver-talk@lists.sourceforge.net; brian.fen...@quest.ie
Subject: Re: [AOLSERVER] Tracked down bug with PROPFIND / OPTIONS methods


You can register a filter for those methods to return a 405 Method Not Allowed 
response.
These requests can come from Microsoft products checking the capabilities of 
your web server so it is not necessarily a hacker although it can indidcate 
that as well.



On Mon, Nov 26, 2012 at 12:13 PM, Jeff Rogers <dv...@diphi.com> wrote:

If this is the bug I think it is, a checkin from 10/2011 fixed this bug.



handle internal error from redirect recursion overflow

directly instead of redirecting to internal error page.  Prevents

error displaying error page from crashing server.



If updating to a more recent server isn't an option, you should be able

to apply the patch standalone:



http://aolserver.cvs.sourceforge.net/viewvc/aolserver/aolserver/nsd/op.c?r1=1.18&r2=1.19



Also, doesn't necessarily need to be hackers probing you;  some versions

of windows are very eager about discovering shares on their local network.



-J





Fenton, Brian wrote:

> Hello

>

> We've just had some reports of this error re-appearing on some systems. Was 
> there ever a solution found?

>

> These PROPFIND/OPTIONS methods seem to be something to do with WebDav, which 
> as far as I'm aware, we're not using. Any idea what would cause them to 
> appear in the logs?

>

> Thanks

> Brian

>

>

> -----Original Message-----

> From: Tom Jackson

> Sent: 14 April 2009 14:10

> To: aolserver-talk@lists.sourceforge.net

> Subject: [AOLSERVER] Tracked down bug with PROPFIND / OPTIONS methods

>

> Over the last few years some users have noticed that their servers

> suddenly stop responding, and the error log has entries similar to this:

>

> [-conn:965-] Error: return: failed to redirect

> 'PROPFIND /global/file-not-found.tcl': exceeded recursion limit of 3

> [-conn:965-] Error: return: failed to redirect

> 'PROPFIND /global/server-error.tcl': exceeded recursion limit of 3

>

> The second error.log line then repeats hundreds or thousands of times

> until the server stops responding.

>

> The question is why this happens, and what do these log entries tell

> us.

>

> I think I have found out the answer, but the fix isn't apparent.

>

> The first error message indicates the recursion limit code is working

> correctly, after three tries, the HTTP status code goes from 404 to 500.

> The second error message indicates a similar recursion limit is reached

> looking for a 500 handler. Unfortunately there is a loop here:

>

> Ns_ConnReturnInternalError

>   executes

> ReturnRedirect

>   which executes

> Ns_ConnRedirect

>   which executes

> Ns_ConnReturnInternalError

>

> This loop accounts for the remaining error log entries.

>

> One problem is that ReturnRedirect uses the redirects configured like

> this:

>

> ns_section "ns/server/farid/redirects"

> ns_param   404 "/fnf-tmpl.tcl"

> ns_param   403 "global/forbidden.html"

> ns_param   500 "global/server-error.tcl"

>

> What is missing, it seems to me is the method of the request. The method

> is used in Ns_AuthorizeRequest and Ns_ConnRunRequest.

>

> The quick fix is to not configure a 500 redirect.

>

> tom jackson

>

>

> --

> AOLserver - http://www.aolserver.com/

>

> To Remove yourself from this list, simply send an email to 
> <list...@listserv.aol.com> with the

> body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject: 
> field of your email blank.

>

> _______________________________________________

> aolserver-talk mailing list

> aolserver-talk@lists.sourceforge.net

> https://lists.sourceforge.net/lists/listinfo/aolserver-talk

>

> ------------------------------------------------------------------------------

> Monitor your physical, virtual and cloud infrastructure from a single

> web console. Get in-depth insight into apps, servers, databases, vmware,

> SAP, cloud infrastructure, etc. Download 30-day Free Trial.

> Pricing starts from $795 for 25 servers or applications!

> http://p.sf.net/sfu/zoho_dev2dev_nov

> _______________________________________________

> aolserver-talk mailing list

> aolserver-talk@lists.sourceforge.net

> https://lists.sourceforge.net/lists/listinfo/aolserver-talk

>





------------------------------------------------------------------------------

Monitor your physical, virtual and cloud infrastructure from a single

web console. Get in-depth insight into apps, servers, databases, vmware,

SAP, cloud infrastructure, etc. Download 30-day Free Trial.

Pricing starts from $795 for 25 servers or applications!

http://p.sf.net/sfu/zoho_dev2dev_nov

_______________________________________________

aolserver-talk mailing list

aolserver-talk@lists.sourceforge.net

https://lists.sourceforge.net/lists/listinfo/aolserver-talk



-- 
Dave Bauer
d...@solutiongrove.com
http://www.solutiongrove.com






------------------------------------------------------------------------------
Monitor your physical, virtual and cloud infrastructure from a single
web console. Get in-depth insight into apps, servers, databases, vmware,
SAP, cloud infrastructure, etc. Download 30-day Free Trial.
Pricing starts from $795 for 25 servers or applications!
http://p.sf.net/sfu/zoho_dev2dev_nov
_______________________________________________
aolserver-talk mailing list
aolserver-talk@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/aolserver-talk

------------------------------------------------------------------------------
Monitor your physical, virtual and cloud infrastructure from a single
web console. Get in-depth insight into apps, servers, databases, vmware,
SAP, cloud infrastructure, etc. Download 30-day Free Trial.
Pricing starts from $795 for 25 servers or applications!
http://p.sf.net/sfu/zoho_dev2dev_nov

_______________________________________________
aolserver-talk mailing list
aolserver-talk@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/aolserver-talk

Re: [AOLSERVER] Tracked down bug with PROPFIND / OPTIONS methods

Reply via email to