Große Anzahl von Fehlern auf /user-badges.json

Crius · 24. Juli 2023 um 10:16

Here I am again pestering you guys.

Our users are formed by a good amount of tech-savvy people and raised this issue that I’ve had spotted some time ago but decided to postpone as I am also busy with non-forum-admin stuff

Anyway, today is a day in which I have people packing our house before a move so I can’t work anyway.

It’s quite some time that I noticed this but I can’t figure out why it’s happening only for the specific endpoint that return the badges for users.

I’ve a 224k rows logs I can pass along to support if needed but an excerpt that summarize it can posted here:

2023/07/23 00:31:58 [error] 69#69: *12563 limiting requests, excess: 12.164 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/Quiroga.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:58 [error] 67#67: *7122 limiting requests, excess: 12.140 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/kAr.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 66#66: *11749 limiting requests, excess: 12.844 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/LorenzoLamas.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 69#69: *13835 limiting requests, excess: 12.844 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/Predy.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 69#69: *12563 limiting requests, excess: 12.808 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/licher.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 67#67: *7122 limiting requests, excess: 12.772 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/JaKo.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 69#69: *8391 limiting requests, excess: 12.592 by zone "flood", client: 162.158.129.16, server: _, request: "GET /user-badges/Quiroga.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 68#68: *13829 limiting requests, excess: 12.664 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/OrangE.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 69#69: *13842 limiting requests, excess: 12.412 by zone "flood", client: 162.158.129.16, server: _, request: "GET /user-badges/CrazyWildhog.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 66#66: *11749 limiting requests, excess: 12.424 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/Clive.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 69#69: *13835 limiting requests, excess: 12.400 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/MARGIO.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 67#67: *7122 limiting requests, excess: 12.176 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/licher.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 68#68: *13829 limiting requests, excess: 12.164 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/Cardoza.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 66#66: *11749 limiting requests, excess: 12.164 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/Lord_Phobos.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 69#69: *13835 limiting requests, excess: 12.140 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/Nomeacaso.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 66#66: *12559 limiting requests, excess: 12.936 by zone "flood", client: 162.158.129.16, server: _, request: "GET /user-badges/MARGIO.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 69#69: *13836 limiting requests, excess: 12.924 by zone "flood", client: 162.158.129.16, server: _, request: "GET /user-badges/Nemo.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 68#68: *13830 limiting requests, excess: 12.020 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/LorenzoLamas.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 66#66: *11749 limiting requests, excess: 12.544 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/Nightmare.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 69#69: *13835 limiting requests, excess: 12.484 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/MARGIO.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 69#69: *13836 limiting requests, excess: 12.232 by zone "flood", client: 162.158.129.16, server: _, request: "GET /user-badges/Lord_Phobos.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 69#69: *12563 limiting requests, excess: 12.316 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/inglo.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 69#69: *8391 limiting requests, excess: 12.148 by zone "flood", client: 162.158.129.16, server: _, request: "GET /user-badges/PogueMahone.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 68#68: *13830 limiting requests, excess: 12.316 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/OrangE.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 67#67: *7122 limiting requests, excess: 12.100 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/JaKo.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 66#66: *11749 limiting requests, excess: 12.088 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/licher.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 69#69: *13835 limiting requests, excess: 12.016 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/Sheika.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 69#69: *13836 limiting requests, excess: 12.680 by zone "flood", client: 162.158.129.16, server: _, request: "GET /user-badges/CrazyWildhog.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 69#69: *8391 limiting requests, excess: 12.296 by zone "flood", client: 162.158.129.16, server: _, request: "GET /user-badges/Lord_Phobos.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 68#68: *13830 limiting requests, excess: 12.380 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/OrangE.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 67#67: *7122 limiting requests, excess: 12.128 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/licher.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 66#66: *11749 limiting requests, excess: 12.056 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/RisVIII.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 68#68: *13829 limiting requests, excess: 12.420 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/Chuck.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"

OMITTED.COM is of course not the real hostname

This is what the prometheus metrics are showing me as well, which is imho a number of error requests that is definitely too high.

I thought of the rate limits but it’s happening only for that specific endpoint (I mean, significantly more at least) and if it was a rate limit issue wouldn’t it have to happen on other GET(s) as well?

I’m trying to understand what could be causing this first of all. Any hint or further info request is appreciated.

Just be aware I may be not that responsive this week as I’m literally moving house in the next 3-4 days

Cheers!

Ed_S · 24. Juli 2023 um 11:18

Falls es hilft und ich hoffe, dass dies nicht unerwünscht ist, hier ist ein Schnappschuss dieses Threads, der 185 Beiträge enthält:

Crius · 24. Juli 2023 um 13:31

Danke @Ed_S, solange der Hostname nicht im Klartext steht, ist alles in Ordnung. Ich möchte einfach nicht, dass Bots/Wanna-be-Hacker es zu leicht haben und ein kleines Community-Forum zum Spaß haben.

Ich widme dem schon jetzt viel zu viel Zeit, verglichen mit dem, was ich erwartet habe

hello-smile6 · 25. Juli 2023 um 00:53

Es scheint, als ob Sie die HTTP-Reverse-Proxy-Funktion von Cloudflare verwenden, aber nginx nicht so konfiguriert haben, dass es die echten IPs verwendet, die die Server von Cloudflare für Anfragen senden. Dies kann zu Problemen führen (wenn jede Anfrage von derselben Quelle zu kommen scheint, sind alle Ihre Benutzer von Ratenbegrenzungen betroffen, auch wenn nur einer übermäßige Anfragen sendet).

Crius · 28. Juli 2023 um 22:06

Danke für den Hinweis, haben Sie ein Thema/eine Anleitung, die ich lesen könnte, um dies zu beheben?

Der Reverse-Proxy wurde vom Eigentümer des VPS angefordert, um die tatsächliche IP-Adresse nicht preiszugeben.

hello-smile6 · 29. Juli 2023 um 03:52

Funktioniert das Hinzufügen dieser Vorlage korrekt?

Crius · 29. Juli 2023 um 22:02

Wird jetzt neu aufgebaut. Ich lasse es über Nacht laufen und schaue morgen/Montag wieder vorbei (bin noch mitten im Auspacken des Umzugs ).

Bearbeitung: Ein schneller Check direkt nach dem Neuaufbau scheint das Problem gelöst zu haben

Ich werde sowieso in ein paar Tagen ein Update geben!

Crius · 19. August 2023 um 16:10

„Ein paar Tage später“: Ja, das Aktivieren der zusätzlichen Vorlage für Cloudflare hat das Problem mit den fehlgeschlagenen Badge-Anfragen behoben.

Außerdem wurden einige andere Probleme behoben, wie z. B. der IP-Filter für Administratoren/Moderatoren, der alle von derselben IP anzeigte.

Das Monitoring, das ich von den Prometheus-Abfragen erhalte, zeigt jedoch trotzdem viele Fehler an.
Ich muss wohl etwas Zeit finden, um mir die Nginx-Logs anzusehen.

Thema		Antworten	Aufrufe
Topic history not loading correctly after migration Support	21	909	8. Februar 2023
Best free option to protect discourse from many requests Installation	30	2204	7. Oktober 2023
429 too many requests Installation	6	2678	19. April 2023
Cloudflare or plugins breaking my Discourse instance? Support	20	2261	9. Juni 2020
Discourse overloaded real traffic or DDOS? 100% CPU usage despite of decent traffic and high specs server Installation server-resources	18	2252	25. September 2021

Große Anzahl von Fehlern auf /user-badges.json

Verwandte Themen