I didn't see any error output on my server either time this happened. I need to enable Waitress's web traffic logging with TransLogger to see if maybe that helps give me some better info for next time. On Sunday, November 8, 2020 at 3:01:30 AM UTC-5 Bert JW Regeer wrote:
> I am going to need more information on what is going on, but this issue > was resolved as the regex should no longer be backtracking. > > On Nov 7, 2020, at 10:42, Cooper Baird <[email protected]> wrote: > > Did you find this was resolved with 1.4.3? I recently switched to using > Waitress (1.4.4) from Gunicorn for my API and have seen this behavior only > twice in the past 3 weeks where every request gets the Heroku H12 30 second > timeout. Both times I restarted the dyno and the issue was fixed. This is > the command I use to spin up the API: waitress-serve --port=$PORT > --connection-limit=2000 --threads=8 --cleanup-interval=15 > --channel-timeout=60 --asyncore-use-poll run:app. > > On Wednesday, February 5, 2020 at 2:05:13 PM UTC-5 [email protected] > wrote: > >> Yeah, he sits right next to me :) >> >> >> On Monday, February 3, 2020 at 12:56:17 AM UTC-5, Bert JW Regeer wrote: >> >>> Just quickly following up on this. >>> >>> Thanks to Fil Zembowicz an issue was found in the regular expression >>> used to parse incoming headers, which may lead to a denial of service. This >>> has now been fixed in Waitress 1.4.3, please upgrade as soon as possible. >>> >>> https://pypi.org/project/waitress/1.4.3/ >>> >>> On Jan 9, 2020, at 07:51, 'Peter Lada' via pylons-discuss < >>> [email protected]> wrote: >>> >>> Github dependabot has opened a PR for me to upgrade to 1.4.2 (thanks for >>> the release), and I merged it yesterday around 1730. >>> >>> At around 1930 one of the 6 dynos (heroku, 1X instance, single CPU, >>> 0.5GB RAM) has come to get pegged at 1.0 load and timed out every >>> subsequent request (heroku router cuts connection after 30s). >>> >>> At 1945 it happened to another dyno. >>> >>> At around 2000 I restarted the dynos and the problem got rectified, >>> probably temporarily. >>> >>> I've reverted to 1.4.1 and the issue has not surfaced since (12 plus >>> hours). >>> >>> Has anyone else used 1.4.2 in production? Any issues? >>> >>> Sadly I cannot provide more info, beyond the 1,5,15-minute load avg >>> graphs as the logs just show timed out requests and no other info. >>> >>> --peter >>> Formsort.com >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "pylons-discuss" group. >>> >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> >>> >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/pylons-discuss/54aa81bf-b935-4afc-b71c-f52d1fb15516%40googlegroups.com >>> >>> <https://groups.google.com/d/msgid/pylons-discuss/54aa81bf-b935-4afc-b71c-f52d1fb15516%40googlegroups.com?utm_medium=email&utm_source=footer> >>> . >>> <Screen Shot 2020-01-09 at 10.42.23.png> >>> >>> > -- > You received this message because you are subscribed to the Google Groups > "pylons-discuss" group. > > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/pylons-discuss/7658401c-04a4-4ad9-a8f7-4d5d55285fe1n%40googlegroups.com > > <https://groups.google.com/d/msgid/pylons-discuss/7658401c-04a4-4ad9-a8f7-4d5d55285fe1n%40googlegroups.com?utm_medium=email&utm_source=footer> > . > > > -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/pylons-discuss/99930666-3692-4482-8cca-4a776a374513n%40googlegroups.com.
