We just launched a rails app on heroku and see a lot of connection timeouts to the api.
We have a connection timeout of 10 sec.
Is it a normal behavior or is it because of too many hits? All queries are authenticated as a user.
We query friends/ids and followers/ids only.
We see also timeouts in our reverse auth query done by the same app.
Do somebody already had something like that?
EDIT
Having a support ticket, they told me they were looking with twitter's engineers to avoid blacklist.
It appears this is due to Twitter blacklisting Heroku's primary IP addresses. If you are having this issue, please file a ticket with Heroku and comment on this Twitter discussion: https://dev.twitter.com/discussions/20185
When you are using the Twitter gem (?) sometimes the connection timeout happens when your DNS server can't resolve the IP of api.twitter.com fast enough. Check your DNS settings # /etc/resolv.conf
Most the PaaS are using the Google ones (4.4.4.4 or 8.8.8.8) which are rate limited and sometimes very slow...resulting in connection timeouts.
Got the same problem running a Rails app on Cloud66/DigitalOcean. Changed the DNS to some more local ones and the Twitter gem performance like a jaguar.
Related
I am trying to configure JDBC but kept getting the same error I am getting using snowsql:
250001 (08001): Failed to connect to DB. Verify the account name is correct: JG3409.canada-central.azure.snowflakecomputing.com:443. 000403: 403: HTTP 403: Forbidden
If the error message is unclear, enable logging using -o log_level=DEBUG and see the log to find out the cause. Contact support for further help.
Goodbye!
I have configured the config file, and I have double checked the account, company, region, reset password to only use alphanumeric.
I have used both forms of the URL
The only possibility is that I am using a trial account, but I can't imagine that this would limit external non-browser connections?
I use a simple user/password, I have whitelisted my IP and I don't have a problem with a proxy or a firewall. I can successfully connect using a browser.. using:
https://app.snowflake.com/canada-central.azure/jg63409
Important contents of the config file:
[connections]
accountname=JG3409
#accountname=uegxydq-pz20606
region=canada-central.azure
username=ASHSNOWFLAKE
any ideas?
Your account is not JG3409 but JG63409 based on this link:
https://app.snowflake.com/canada-central.azure/jg63409
Try in your browser:
https://jg63409.canada-central.azure.snowflakecomputing.com
I found out using snowcd that my computer could not connect via my home router.
When I used my personal hotspot on my (5G) phone, snowcd passed all the tests immediately. The problem then arose how to adjust the network security policy to allow a CIDR block of network addresses through since my phone uses a new address every time I connect, and I can't edit the policy to allow my phone while connected via my phone (for obvious reasons)
Catch 22
123.45.0.0/16 is not accepted in the new Snowflake UI, and 0.0.0.0 doesn't work for me, but the documentation gave me a clue.. the new UI doesn't separate by commas, so I switched to the old UI and voila!
Incidentally the OLD UI uses the same URL as SnowSQL so I picked up my error in my account number there as well (although I should have seen it earlier).
Diabolical but thanks #Sergiu too!
I have a RoR app that reads emails from my inbox using the gmail gem. I've deployed to Heroku and everything works fine, except connecting to gmail.
On my local machine it connects with no issues (after I allowed access for less secure apps).
Using the basic gmail login method;
Gmail.connect!('my_email#gmail.com','password')
I get the following error in production only.
Gmail::Client::AuthorizationError: Couldn't login to given Gmail account: my_email#gmail.com (Please log in via your web browser: https://support.google.com/mail/accounts/answer/78754 (Failure))
And then I'll go to https://www.google.com/accounts/DisplayUnlockCaptcha (as other answers have suggested) and it will work fine for a short time period and then suddenly stop working again.
I'm using Ruby v2.4.1, RoR v5.1.1 and the gmail gem v0.6.0 (https://github.com/gmailgem/gmail)
Any help would be great.
Are you deploying to a domain? It could be caused by the fact that:
Heroko will not give you even a range of IP addresses - they can, may and will move dynos between Amazon zones as needs require.
Your only option would be some sort of proxy node with a static IP that they talk to that securely communicates to your Heroku app - or consider if Heroku is the right fit for you here altogether.
Source: Get a finite list of IP addresses for my Heroku App?
It seems like you sign into Google and whitelist what an IP (as far as they're concerned) and then the dyno switches a bit later for whatever reason so then Google no longer has your dyno's IP in the whitelist for this app.
I am currently connecting to the Twitter User Stream API but it seems that I am not getting updates on my production environment (https), it does work on my staging server though.
Some information that I checked myself already:
- The 2 environments are on the same server so it can not be an IP block.
- A code issue would be possible but unlikely since it works on staging but not on production
- Nginx is configured correctly to allow this on https since it worked before
the only thing I can think of is that Twitter blocked our https connection, we reached a Twitter cap or Twitter got problems streaming to Https.
Is there anyone that encountered this before or that can help me with this?
It seems that this was caused by Twitter who puts an internal (badly documented) limit on connections from a webservice to their UserStream service. (This connection limit is around 20 - 30 connections I think).
A solution that I use now is to poll every 90 seconds to their REST api.
I have a website, http://www.scubastic.com, which I use as a playground app for Ruby on Rails development and SEO hacking. I have run into an issue that I can not seem to fix on my own and it revolves around SSL, SEO, and Heroku.
TL;DR: I had an SSL site and I disabled it but Google still remembers the SSL site. How do I get Google to switch to the Non-SSL site when the SSL site still responds but with a Certificate error??
Basically, when I first created Scubastic.com, I setup Heroku SSL as an excercise in learning it. I setup Google Web Master Tools and began playing around with the various aspects of SEO as well. After I was satisfied, I disabled Heroku SSL and stopped the monthly bill.
Now I have a very interesting problem. Google can't seem to forget the HTTPS version of my site and index is quite stale. Worse, the link people get in Google greets them with an SSL Certificate issue (the *.herokuapp.com Cert doesn't match www.scubastic.com issue) which does nothing to help my page rank. If I manually click through the SSL errors, I do arrive at the website. I find this quite odd because I removed Heroku SSL entirely and the application still responds to SSL requests....to me this is a bug in Heroku and I wish I had greater control over the situation. Alas, I turned to trying to handle this at the application layer because SSL requests still hit the Rails stack (even though these requests should not respond at all!)
So my first attempt at fixing the Google index was to setup a 301 Moved Permanently redirect if any request came into the app as SSL.
class ApplicationController < ActionController::Base
before_filter :redirect_ssl
private
#only need this until Google doesn't link to HTTPS anymore
def redirect_ssl
if request.ssl?
redirect_to "http://#{request.host_with_port}#{request.fullpath}",
:status => :moved_permanently
end
end
end
If you go to Google and search for my site name, you can see the issue I'm having:
https://www.google.com/?q=scubastic
I basically just want Google to stop linking to my SSL site and refresh with the latest content.
Thank in advance for your help.
I was able to resolve the issue with my original post and a lot of patience. It took 5 days for google to update its index but now the link google serves to my site is the non-ssl version.
The redirect is not going to help currently because browsers will barf when they get an invalid certificate when trying to establish a SSL connection to Heroku and that's before any HTTP is done. I don't think it's a bug with Heroku: You removed SSL (and by implication the certificate) and that leaves no way for Heroku to respond correctly to SSL connection requests to your domain.
Here's what you can do:
Re-add SSL on Heroku
Add the redirection you have
Wait for Google to cotton on to the change
Remove SSL
There is also the option of actively asking Google to remove the page, because it's old/not available anymore: Check the webmaster tools help for how to "Remove old or deleted information from Google".
I'm trying to write a web application that would use Twitter via OAuth.
I run my local server as 'localhost', so I need the callback URL to be something like http://localhost/something/twitter.do but Twitter doesn't like that: Not a valid URL format
I'm probably going to do a lot of tests, but once I've approved my app with my username, I can't test again can I? Am I supposed to create multiple twitter accounts? Or can you remove an app and do it again?
You can use 127.0.0.1 instead of localhost.
You can authorize your app as many times as you like from the same twitter account without the necessity to revoke it. However, the authenticate action will only prompt for Allow/Deny once and all subsequent authenticate requests will just pass through until you revoke the privilege.
Twitter's "rate limiting" for API GET calls is based on IP address of the caller. So, you can test your app from your server, using the same IP address, and get (once approved) 15,000 API calls per hour. That means you can pound on your app with many different usernames, as long as your approved IP address remains the same.
When you send the e-mail to Twitter to ask for an increase to your rate limit, you can also ask for the increase to apply to your Twitter username too.
I believe Twitter requires you - if you need to change your IP address, or change the username that is using the app - to send in another request asking for the rate limit increase for that new IP address or username. But, in my experience, Twitter has been pretty quick at turning around these requests (maybe less than 48 hours?).
use like this
for Website :http://127.0.0.1
and for callback URL: http://127.0.0.1/home
or any of your page address like http://127.0.0.1/index
Have you tried creating your own caching mechanism? You can take the result of an initial query, cache it on thread local, and given an expiration time, refresh from Twitter. This would allow you to test your app against Twitter data without incurring call penalties.
There is also another solution (a workaround, rather) which requires you to edit your hosts file.
Here is how you do it on a linux box:
Open your /etc/hosts file as root. To do this, you can open a terminal and type something like sudo vi /etc/hosts.
Pick a non-existent domain to use as your local address, and add it to your hosts file. For example, you will need to add something similar to the following at the end.
127.0.0.1 localhost.cep # this domain name was accepted.
So, that's pretty much it. Pointing your browser to localhost.cep will now take you to your local server. Hope that helped :)
In answer to (1), see this thread, in particular episod's replies: https://dev.twitter.com/discussions/5749
It doesn't matter what callback URL you put in your app's management page on dev.twitter.com (as long as you don't use localhost). You provide the 'real' callback URL as part of your request for an OAuth token.
1.) Don't use localhost. That's not helpful. Why not stand up another server instance or get a testing vm slice from slicehost?
2.) You probably want a bunch of different user accounts and a couple different OAuth key/secret credentials for testing.
You were on the right track though: DO test revoking the app's credentials via your twitter account's connections setting. That should happen gracefully. You might want to store a status value alongside the access token information, so you can mark tokens as revoked.