I have a few POST actions. There are always stupid crawlers trying to ping those actions, resulting in "No route matches [GET]" errors.
There are too much of them, and most of them are purely noise. How can I make it so this kind of error messages are ignored.
I used to use exception_notification gem, and now I use rollbar gem. The amount of these kind of trash error message always floods my error monitoring (either lots of messages, or too much error api calls).
Related
We are hosted on Heroku, and have the NewRelic add on. Every day I check the errors, and almost every day this error comes up.
Action and Type
Middleware/Rack/Rack::MethodOverride#call
EOFError
Message
bad content body
This is a Rails Application, and so I figure it's not doing anything in particular other than returning a 440 response status because there is nothing at the url they are trying to access.
URL
/wp-admin/admin-ajax.php
Through some google-fu I found an article pertaining to this being a brute force attack on wordpress sites.
My specific question is:
Do I worry about this?
I inherited the site and am not sure if this is just something that happens, and if it is something that rails applications don't have to worry about? It seems fairly targeted towards wordpress, but I can't find any documentation on whether I should be doing more to stop this.
Other frequently pinged urls that don't exist on my application
/sites/all/libraries/elfinder/php/connector.minimal.php
/license.php
/tiny_mce/plugins/tinybrowser/upload_file.php
Any enlightenment on the subject would be great. Stack trace available if needed. Thanks in advance, overflowers.
As long as you don't have a route configured to handle those requests you then only have to worry about getting spammed these requests and losing network resources. They'll recieve a 404 Not Found error when they try to reach it and so there is nothing they can really do except slow your site if they spam requests. If they do it often you can ban their IP address.
I am seeing spurious HTTP 500 errors with cryptic messages. For example, doing a GET using oauth on /projects/28408740055707 I see a response body: {"errors":[{"message":"Server Error","phrase":"24 purple woodchucks wriggle fast"}]}
I've also seen it on GET /tasks/{taskId}/stories and other endpoints as well. Any thoughts on this? Thanks!
When an API call or an action within the Asana application generates a server error we generate a random phrase that corresponds so that we can easily look up logs about the issue later.
If you continue to experience 500 errors when making calls to the API we encourage you to write into api-support#asana.com and reference the error phrase along with the call that you were making so that we can try to fix the issue.
I checked for "24 purple woodchucks wriggle fast" and that specific issue seems to have been solved.
There is a generic authentication error which does not seem to hit any debug points, and ALWAYS sends the user to "/home/error".
I've searched far and wide, web.config, routing, etc... and can find no trace of a default error handling sending users to /home/error
I would really like to handle my own exceptions with custom messages, and this is preventing that. Any idea where I can look to find some manner of default error handling?
I've got a RESTful resource (let's say posts) that excludes the index action. When I go to /posts, ActionController::MethodNotAllowed is raised because GET requests at that URL have been excluded. That much makes sense.
The problem is that in the production environment, that URL just generates a white screen in the browser. I can see ActionController::MethodNotAllowed being raised in the production log. I would expect that this would also cause a 404 or 500 error so that the error pages in the public directory would serve a pretty error page to the client.
Does this cause a different HTTP status code? How can I handle this?
I'm not positive about what the error might be, but you should get Firebug and check what the HTTP response code coming back is.
To get around the issue, you could do one of two things:
Don't disallow that page in the routes, but have the only code in that method do a redirect to an appropriate page.
Add a custom route that overrides GET /posts, which points to your desired controller.
i get this exception
ActionController::MethodNotAllowed: Only get requests are allowed.
please can any one give solution for this
This error means you are trying to post/put/delete to a path that only accepts GET requests. You need to confirm that your route and the path and/or form method you are using match up.
This error occurs when you have defined a standard route and a client is trying to connect to the route using a HTTP method different than GET or POST.
Usually, this is caused by clients using the Microsoft Office Protocol Discovery. These clients send an OPTION request which is not supported by Rails.
You can fix the problem in multiple ways:
ignore the error in your production environment
prevent the error using a before_filter and head 406 in your controller
rescue the error using rescue_from in your controller
prevent the error filtering the request via Rack Middleware
prevent the error blocking non GET/POST/HEAD requests using your webserver
I personally prefer the last option, but it requires you to have administration privileges on the server. Otherwise, the Rack Middleware option is the most efficient way to filter unexpected requests.
How are you trying to get to this page? It looks like you are trying to do some other kind of RESTful call (put, post, delete) and that method. A code snipped of that controller would be really helpful to diagnose the problem.