- "Crash" means it terminates the Jenkins process. - We also assume it was a kind of attack. We use additional webserver authentication with Jenkins since then and have not seen the error again.
On Friday, August 25, 2017 at 9:10:59 AM UTC+2, Daniel Beck wrote: > > > > On 10. Feb 2017, at 09:50, daniel....@gmail.com <javascript:> wrote: > > > > Since a few days I see crashes on Jenkins: > (/var/log/jenkins/jenkins.log) > > To clarify, when you write "crash" you mean "logs a warning"? Or does it > actually terminate the Jenkins process? > > > Feb 10, 2017 4:35:15 AM hudson.security.csrf.CrumbFilter doFilter > > WARNING: No valid crumb was included in request for /azenv.php. > Returning 403. > > Looks like someone's sending `POST /azenv.php`, an URL that doesn't exist > in Jenkins. Probably an automated (exploit?) script unrelated to Jenkins. > > -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/60620809-1e92-4c2d-aa8d-9071ee83f996%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.