Hi, I've installed Varnish 4.1.2 about two weeks ago on Centos 6. A week later some of my domains, top levels only '/', became redirected to amazon site. Subdirectories don't seem to be affected.Flushing url removes redirection for day o two until the next time. Source code was scanned against any malicious code with no positives. As well I cannot find anything suspicious in logs, no varnish commands in syslog, not much in apache and varnish logs. Passwords were changed. The issue occurs on two different vps servers with exact the same source code. X-Forwarded-For and mod_remoteip are used to get client IPs. Before installing Varnish, all domains were online for about two years with no issues. Below are three requests from varnishlog showing affected domain. First is HEAD request from my script monitoring website, Age 0, returning status code 200. The next one where status code was changed to 302 and redirects traffic to amazon site, Age 0.And the last one, my status monitoring HEAD request returning 302 and Age 17, which means page is delivered from cache. I got two opinions so far that such behaviour is not possible in Varnish level, and must be triggered by some software.After a week I have no idea what else I can do so any suggestions are appreciated. Thank you,Derek
* << Request >> 1218382 - Begin req 1218381 rxreq- Timestamp Start: 1465944871.292117 0.000000 0.000000- Timestamp Req: 1465944871.292117 0.000000 0.000000- ReqStart 1.2.3.4 39668- ReqMethod HEAD- ReqURL /- ReqProtocol HTTP/1.1- ReqHeader User-Agent: Firefox- ReqHeader Host: www.example.com- ReqHeader Accept: */*- ReqHeader X-Forwarded-For: 1.2.3.4- VCL_call RECV- VCL_acl NO_MATCH forbidden_ip- ReqHeader X-Device: pc- ReqHeader Cookie: - ReqUnset Cookie: - ReqUnset Host: www.example.com- ReqHeader host: www.example.com- VCL_acl NO_MATCH allowed_ip- VCL_return hash- VCL_call HASH- VCL_return lookup- Debug "XXXX HIT-FOR-PASS"- HitPass 1218341- VCL_call PASS- VCL_return fetch- Link bereq 1218383 pass- Timestamp Fetch: 1465944871.779680 0.487563 0.487563- RespProtocol HTTP/1.1- RespStatus 200- RespReason OK- RespHeader Date: Tue, 14 Jun 2016 22:54:31 GMT- RespHeader Server: Apache- RespHeader Set-Cookie: PHPSESSID=db67f651e1635d1163145b49622a1639; path=/- RespHeader Expires: Thu, 19 Nov 1981 08:52:00 GMT- RespHeader Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0- RespHeader Pragma: no-cache- RespHeader Content-Type: text/html; charset=utf-8- RespHeader X-Varnish: 1218382- RespHeader Age: 0- RespHeader Via: 1.1 varnish-v4- VCL_call DELIVER- VCL_return deliver- Timestamp Process: 1465944871.779733 0.487616 0.000054- RespHeader Accept-Ranges: bytes- Debug "RES_MODE 0"- RespHeader Connection: keep-alive- Timestamp Resp: 1465944871.779789 0.487672 0.000056- ReqAcct 81 0 81 408 0 408- End * << Request >> 2296119 - Begin req 2296117 rxreq- Timestamp Start: 1465944914.191716 0.000000 0.000000- Timestamp Req: 1465944914.191716 0.000000 0.000000- ReqStart 100.43.91.12 48042- ReqMethod GET- ReqURL /- ReqProtocol HTTP/1.1- ReqHeader Host: www.example.com- ReqHeader Connection: Keep-Alive- ReqHeader user-agent: Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)- ReqHeader from: [email protected] ReqHeader Accept-Encoding: gzip,deflate- ReqHeader Accept-Language: ru, uk;q=0.8, be;q=0.8, en;q=0.7, *;q=0.01- ReqHeader Accept: */*- ReqHeader X-Forwarded-For: 100.43.91.12- VCL_call RECV- VCL_acl NO_MATCH forbidden_ip- ReqHeader X-Device: pc- ReqHeader Cookie: - ReqUnset Cookie: - ReqUnset Host: www.example.com- ReqHeader host: www.example.com- VCL_acl NO_MATCH allowed_ip- VCL_return hash- ReqUnset Accept-Encoding: gzip,deflate- ReqHeader Accept-Encoding: gzip- VCL_call HASH- VCL_return lookup- VCL_call MISS- VCL_return fetch- Link bereq 2296120 fetch- Timestamp Fetch: 1465944914.200088 0.008372 0.008372- RespProtocol HTTP/1.1- RespStatus 302- RespReason Found- RespHeader Date: Tue, 14 Jun 2016 22:55:14 GMT- RespHeader Server: Apache- RespHeader Cache-Control: max-age=2592000- RespHeader Expires: Thu, 14 Jul 2016 22:55:14 GMT- RespHeader Content-Length: 205- RespHeader Content-Type: text/html; charset=iso-8859-1- RespHeader Location: http://www.amazon.com- RespHeader X-Varnish: 2296119- RespHeader Age: 0- RespHeader Via: 1.1 varnish-v4- VCL_call DELIVER- VCL_return deliver- Timestamp Process: 1465944914.200132 0.008417 0.000044- Debug "RES_MODE 2"- RespHeader Connection: keep-alive- Timestamp Resp: 1465944914.200198 0.008483 0.000066- ReqAcct 285 0 285 319 205 524- End * << Request >> 2296134 - Begin req 2296133 rxreq- Timestamp Start: 1465944930.719179 0.000000 0.000000- Timestamp Req: 1465944930.719179 0.000000 0.000000- ReqStart 70.27.178.167 39686- ReqMethod HEAD- ReqURL /- ReqProtocol HTTP/1.1- ReqHeader User-Agent: Firefox- ReqHeader Host: www.example.com- ReqHeader Accept: */*- ReqHeader X-Forwarded-For: 70.27.178.167- VCL_call RECV- VCL_acl NO_MATCH forbidden_ip- ReqHeader X-Device: pc- ReqHeader Cookie: - ReqUnset Cookie: - ReqUnset Host: www.example.com- ReqHeader host: www.example.com- VCL_acl NO_MATCH allowed_ip- VCL_return hash- VCL_call HASH- VCL_return lookup- Hit 2296120- VCL_call HIT- VCL_return deliver- RespProtocol HTTP/1.1- RespStatus 302- RespReason Found- RespHeader Date: Tue, 14 Jun 2016 22:55:14 GMT- RespHeader Server: Apache- RespHeader Cache-Control: max-age=2592000- RespHeader Expires: Thu, 14 Jul 2016 22:55:14 GMT- RespHeader Content-Length: 205- RespHeader Content-Type: text/html; charset=iso-8859-1- RespHeader Location: http://www.amazon.com- RespHeader X-Varnish: 2296134 2296120- RespHeader Age: 17- RespHeader Via: 1.1 varnish-v4- VCL_call DELIVER- VCL_return deliver- Timestamp Process: 1465944930.719297 0.000118 0.000118- Debug "RES_MODE 0"- RespHeader Connection: keep-alive- Timestamp Resp: 1465944930.719347 0.000169 0.000051- ReqAcct 81 0 81 328 0 328- End
_______________________________________________ varnish-misc mailing list [email protected] https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
