I have a website I'm running on cloudflare that is proxied and I want to get the visitors ip. I need to get this header request.headers.get('cf-connecting-ip') and replace the ip in gunicorn with that header. How would I do this? My current gunicorn access logs look like this:
172.70.114.46 - - [27/Sep/2022:19:37:12 -0400] "GET / HTTP/1.1" 200 2332 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:104.0) Gecko/20100101 Firefox/104.0"
I am setting up Fail2ban on my server, recently got a lots bad bots is crawling my site cause my SQL server down
From my Apache2 logs
51.255.65.13 - - [10/Dec/2017:12:03:19 +0800] "GET /crew/nm0935095-gary-winick HTTP/1.0" 200 17985 "-" "Mozilla/5.0 (compatible; AhrefsBot/5.2; +http://ahrefs.com/robot/)"
51.255.65.30 - - [10/Dec/2017:12:03:31 +0800] "GET /movie/tt0498567-summer-time-machine-blues HTTP/1.0" 200 17658 "-" "Mozilla/5.0 (compatible; AhrefsBot/5.2; +http://ahrefs.com/robot/)"
217.182.132.190 - - [10/Dec/2017:12:03:36 +0800] "GET /movie/tt1705064-genji-monogatari:-sennen-no-nazo/ HTTP/1.0" 200 17344 "-" "Mozilla/5.0 (compatible; AhrefsBot/5.2; +http://ahrefs.com/robot/)"
how to create a failregex for "ahrefs.com" ?
Many Thanks
In order to catch anything containing "ahrefs.com", your failregex would look as follows:
failregex = ^<HOST>.*ahrefs\.com.*
Where the <HOST> tag is built-in Fail2ban as an alias for (?:::f{4,6}:)?(?P<host>\S+):
https://www.fail2ban.org/wiki/index.php/Apache
While installing the certificate of the WSO2 agent I am getting the following error "Cannot Install Profile-Safari could not install a profile due to an unknown error".
The logs which I am getting are
<ip>- - [20/Jun/2016:16:47:54 +0530] "GET /ios-enrollment/ca HTTP/1.1" 302 - "-" "Jakarta Commons-HttpClient/3.1"
<ip>- - [20/Jun/2016:16:47:54 +0530] "GET /carbon/admin/login.jsp HTTP/1.1" 200 15541 "-" "Jakarta Commons-HttpClient/3.1"
172.17.242.31 - - [20/Jun/2016:16:47:54 +0530] "GET /emm-web-agent/enrollment/ios/download-certificate HTTP/1.1" 200 15541 "https://<ip>:9443/emm-web-agent/enrollments/ios/download-agent" "Mozilla/5.0 (iPad; CPU OS 7_0_2 like Mac OS X) AppleWebKit/537.51.1 (KHTML, like Gecko) Version/7.0 Mobile/11A501 Safari/9537.53"
I have followed this tutorial: http://blog.wercker.com/2013/11/25/django-16-part3.html and I am just trying to make it work locally with Vagrant for now. I am not trying to use Wercker.
After everything is installed, I try to access the website but I get a Bad Request (400) error every time. I do not know if that is due to a problem in nginx or in gunicorn.
They both have a log entry so at least I know that the request goes all the way through gunicorn and is not stopped at the nginx level.
Where is the problem located? Gunicorn? nginx?
Here are the logs of gunicorn and nginx.
I see that the favicon is missing but that only should not stop the page from being displayed right?
Gunicorn:
>>> cat /var/local/sites/hellocities/run/gunicorn.error.log
10.0.0.1 - - [28/Jan/2014:07:05:16] "GET / HTTP/1.0" 400 - "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.76 Safari/537.36"
10.0.0.1 - - [28/Jan/2014:07:09:43] "GET / HTTP/1.0" 400 - "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.76 Safari/537.36"
Nginx:
>>> cat /var/log/nginx/hellocities-access.log
10.0.0.1 - - [28/Jan/2014:07:05:16 +0000] "GET / HTTP/1.1" 400 37 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.76 Safari/537.36"
10.0.0.1 - - [28/Jan/2014:07:05:20 +0000] "GET /favicon.ico HTTP/1.1" 404 200 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.76 Safari/537.36"
10.0.0.1 - - [28/Jan/2014:07:09:43 +0000] "GET / HTTP/1.1" 400 37 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.76 Safari/537.36"
10.0.0.1 - - [28/Jan/2014:07:09:44 +0000] "GET /favicon.ico HTTP/1.1" 404 200 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.76 Safari/537.36"
>>> cat /var/log/nginx/hellocities-error.log
2014/01/28 07:05:20 [error] 13886#0: *1 open() "/var/local/sites/hellocities/static/favicon.ico" failed (2: No such file or directory), client: 10.0.0.1, server: _, request: "GET /favicon.ico HTTP/1.1", host: "10.0.0.200"
2014/01/28 07:09:44 [error] 13886#0: *3 open() "/var/local/sites/hellocities/static/favicon.ico" failed (2: No such file or directory), client: 10.0.0.1, server: _, request: "GET /favicon.ico HTTP/1.1", host: "10.0.0.200"
I had the same problem and adding ALLOWED_HOSTS = ("yourdomain.com",) to settings fixed it.
UPDATE: there few other possibilities:
Nginx (or whatever web server you use) doesn't pass the $host variable to the app
Host contains underscores
See details: https://blog.anvileight.com/posts/how-to-fix-bad-request-400-in-django/
As I was having the same issue (400 error code when trying to share with vagrant share), I stumble upon this question. The answer and comments are right, as the obvious solution is to set ALLOWED_HOSTS list, but I was already setting it correctly (I thought).
I can't speak for nginx as I'm running this on apache2, but here's what solved the issue:
Take a look at the ALLOWED_HOSTS doc to find what's best for your case.
With vagrant, you might find it useful to accept all the vagrantshare.com subdomain, so just add '.vagrantshare.com' (notice the dot) to the ALLOWED_HOSTS list.
Not sure if it is really necessary, but I changed the modified date of the wsgi.py file
touch wsgi.py
As I'm using apache2, I needed to restart the service.
sudo service apache2 restart
And then it worked.
I ran into this issue. It was because I forgot to add the proxy_set_header settings in the nginx config:
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
So Django didn't see the original hostname that was requested, so it didn't match with what was in ALLOWED_HOSTS. Then it gave back the 400 response.
After adding this to my nginx config (at the spot where you do the proxy_pass to Gunicorn) and then restarting nginx, it worked.
More info: https://docs.gunicorn.org/en/stable/deploy.html#nginx-configuration
That's my first Django project and I'm trying to deploy it to OpenShift, but I have a problem: when I'm trying to open app's page, I see "503: Service Temporarily Unavailable" message. I thought that app wasn't started so I tried to launch 'ctl_app start' in ssh and I've got this:
python: can't open file 'app.py': [Errno 2] No such file or directory
I tried to start app this way: rhc app start customerquiz and got this:
RESULT:
customerquiz started
But it took no effect. Well, I tried to look the state of app:
$ rhc app show --state customerquiz
Cartridge python-2.7, mysql-5.1, phpmyadmin-3.4 is started
And that's what in server logs:
$ rhc tail customerquiz
==> mysql-5.1/log/mysql_error.log <==
130519 17:32:54 [Note] /usr/libexec/mysqld: Shutdown complete
130519 17:32:54 mysqld_safe mysqld from pid file /var/lib/openshift/000005//mysql-5.1/pid/mysql.pid ended
130519 17:33:04 mysqld_safe Starting mysqld daemon with databases from /var/lib/openshift/000005//mysql-5.1/data/
130519 17:33:04 InnoDB: Initializing buffer pool, size = 16.0M
130519 17:33:05 InnoDB: Completed initialization of buffer pool
130519 17:33:05 InnoDB: Started; log sequence number 0 44233
130519 17:33:05 [Note] Event Scheduler: Loaded 0 events
130519 17:33:05 [Note] /usr/libexec/mysqld: ready for connections.
Version: '5.1.69' socket: '/var/lib/openshift/000005//mysql-5.1/socket/mysql.sock' port: 3306 Source distribution
==> python-2.7/logs/appserver.log <==
python: can't open file 'app.py': [Errno 2] No such file or directory
==> phpmyadmin-3.4/logs/access_log-20130519-000000-EST <==
109.254.107.11 - - [19/May/2013:17:14:13 -0400] "GET /phpmyadmin/themes/pmahomme/img/error.ico HTTP/1.1" 200 5430 "https://customerquiz-unclelem.rhcloud.com/phpmyadmin/phpmyadmin.css.php?server=1&token=436aa&js_frame=right&nocache=5471357898" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:21.0) Gecko/20100101 Firefox/21.0"
- - - [19/May/2013:17:14:13 -0400] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.2.15 (Red Hat) (internal dummy connection)"
109.254.107.11 - admin [19/May/2013:17:14:18 -0400] "GET /phpmyadmin/ HTTP/1.1" 200 2580 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:21.0) Gecko/20100101 Firefox/21.0"
109.254.107.11 - admin [19/May/2013:17:14:19 -0400] "GET /phpmyadmin/main.php?token=436aa HTTP/1.1" 200 35472 "https://customerquiz-unclelem.rhcloud.com/phpmyadmin/" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:21.0) Gecko/20100101 Firefox/21.0"
109.254.107.11 - adminB [19/May/2013:17:14:21 -0400] "GET /phpmyadmin/version_check.php?&_nocache=1368998062197204658 HTTP/1.1" 200 44 "https://customerquiz-unclelem.rhcloud.com/phpmyadmin/main.php?token=436aa" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:21.0) Gecko/20100101 Firefox/21.0"
109.254.107.11 - admin [19/May/2013:17:14:19 -0400] "GET /phpmyadmin/navigation.php?token=436aa HTTP/1.1" 200 5029 "https://customerquiz-unclelem.rhcloud.com/phpmyadmin/" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:21.0) Gecko/20100101 Firefox/21.0"
109.254.107.11 - admin [19/May/2013:17:20:49 -0400] "GET /phpmyadmin/ HTTP/1.1" 200 2580 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:21.0) Gecko/20100101 Firefox/21.0"
109.254.107.11 - admin [19/May/2013:17:20:50 -0400] "GET /phpmyadmin/navigation.php?token=436aa HTTP/1.1" 200 5029 "https://customerquiz-unclelem.rhcloud.com/phpmyadmin/" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:21.0) Gecko/20100101 Firefox/21.0"
109.254.107.11 - admin [19/May/2013:17:20:50 -0400] "GET /phpmyadmin/main.php?token=436aa HTTP/1.1" 200 35472 "https://customerquiz-unclelem.rhcloud.com/phpmyadmin/" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:21.0) Gecko/20100101 Firefox/21.0"
109.254.107.11 - admin [19/May/2013:17:20:52 -0400] "GET /phpmyadmin/version_check.php?&_nocache=1368998453881950766 HTTP/1.1" 200 44 "https://customerquiz-unclelem.rhcloud.com/phpmyadmin/main.php?token=8436aa" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:21.0) Gecko/20100101 Firefox/21.0"
==> phpmyadmin-3.4/logs/error_log-20130519-000000-EST <==
[Sun May 19 17:12:56 2013] [notice] Digest: done
[Sun May 19 17:12:56 2013] [notice] Apache/2.2.15 (Unix) PHP/5.3.3 configured -- resuming normal operations
[Sun May 19 17:28:00 2013] [notice] SELinux policy enabled; httpd running as context unconfined_u:system_r:openshift_t:s0:c6,c356
[Sun May 19 17:28:00 2013] [notice] Digest: generating secret for digest authentication ...
[Sun May 19 17:28:00 2013] [notice] Digest: done
[
Sun May 19 17:28:00 2013] [notice] Apache/2.2.15 (Unix) PHP/5.3.3 configured -- resuming normal operations
[Sun May 19 17:33:17 2013] [notice] SELinux policy enabled; httpd running as context unconfined_u:system_r:openshift_t:s0:c6,c356
[Sun May 19 17:33:17 2013] [notice] Digest: generating secret for digest authentication ...
[Sun May 19 17:33:17 2013] [notice] Digest: done
[Sun May 19 17:33:17 2013] [notice] Apache/2.2.15 (Unix) PHP/5.3.3 configured -- resuming normal operations
Does anyone have any ideas what can be wrong?
P.S. That's deployed project source code, if you need it: https://github.com/uncleLem/CustomerQuiz (I just changed database connection parameters).
P.P.S. Oh, BTW, if I open https://customerquiz-unclelem.rhcloud.com/phpmyadmin/ directly, I can see phpMyAdmin page.
We are not using mod_wsgi with these new carts. 2.7 uses gevent and 3.3 uses WebOb
Take a look at how we set up the app.py in the 2.7 cart
https://github.com/openshift/openshift-community-cartridge-python-2.7/blob/master/template/app.py
and for 3.3
https://github.com/openshift/openshift-community-cartridge-python-3.3/blob/master/template/app.py
Can you review the following blog post to see if it helps?
https://www.openshift.com/blogs/host-python-in-a-community-cart