/user-badges.json に大量のエラーがあります

Here I am again pestering you guys.

Our users are formed by a good amount of tech-savvy people and raised this issue that I’ve had spotted some time ago but decided to postpone as I am also busy with non-forum-admin stuff

Anyway, today is a day in which I have people packing our house before a move so I can’t work anyway.

It’s quite some time that I noticed this but I can’t figure out why it’s happening only for the specific endpoint that return the badges for users.

I’ve a 224k rows logs I can pass along to support if needed but an excerpt that summarize it can posted here:

2023/07/23 00:31:58 [error] 69#69: *12563 limiting requests, excess: 12.164 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/Quiroga.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:58 [error] 67#67: *7122 limiting requests, excess: 12.140 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/kAr.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 66#66: *11749 limiting requests, excess: 12.844 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/LorenzoLamas.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 69#69: *13835 limiting requests, excess: 12.844 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/Predy.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 69#69: *12563 limiting requests, excess: 12.808 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/licher.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 67#67: *7122 limiting requests, excess: 12.772 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/JaKo.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 69#69: *8391 limiting requests, excess: 12.592 by zone "flood", client: 162.158.129.16, server: _, request: "GET /user-badges/Quiroga.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 68#68: *13829 limiting requests, excess: 12.664 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/OrangE.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 69#69: *13842 limiting requests, excess: 12.412 by zone "flood", client: 162.158.129.16, server: _, request: "GET /user-badges/CrazyWildhog.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 66#66: *11749 limiting requests, excess: 12.424 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/Clive.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 69#69: *13835 limiting requests, excess: 12.400 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/MARGIO.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 67#67: *7122 limiting requests, excess: 12.176 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/licher.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 68#68: *13829 limiting requests, excess: 12.164 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/Cardoza.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 66#66: *11749 limiting requests, excess: 12.164 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/Lord_Phobos.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 69#69: *13835 limiting requests, excess: 12.140 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/Nomeacaso.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 66#66: *12559 limiting requests, excess: 12.936 by zone "flood", client: 162.158.129.16, server: _, request: "GET /user-badges/MARGIO.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 69#69: *13836 limiting requests, excess: 12.924 by zone "flood", client: 162.158.129.16, server: _, request: "GET /user-badges/Nemo.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 68#68: *13830 limiting requests, excess: 12.020 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/LorenzoLamas.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 66#66: *11749 limiting requests, excess: 12.544 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/Nightmare.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 69#69: *13835 limiting requests, excess: 12.484 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/MARGIO.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 69#69: *13836 limiting requests, excess: 12.232 by zone "flood", client: 162.158.129.16, server: _, request: "GET /user-badges/Lord_Phobos.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 69#69: *12563 limiting requests, excess: 12.316 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/inglo.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 69#69: *8391 limiting requests, excess: 12.148 by zone "flood", client: 162.158.129.16, server: _, request: "GET /user-badges/PogueMahone.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 68#68: *13830 limiting requests, excess: 12.316 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/OrangE.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 67#67: *7122 limiting requests, excess: 12.100 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/JaKo.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 66#66: *11749 limiting requests, excess: 12.088 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/licher.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 69#69: *13835 limiting requests, excess: 12.016 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/Sheika.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 69#69: *13836 limiting requests, excess: 12.680 by zone "flood", client: 162.158.129.16, server: _, request: "GET /user-badges/CrazyWildhog.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 69#69: *8391 limiting requests, excess: 12.296 by zone "flood", client: 162.158.129.16, server: _, request: "GET /user-badges/Lord_Phobos.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 68#68: *13830 limiting requests, excess: 12.380 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/OrangE.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 67#67: *7122 limiting requests, excess: 12.128 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/licher.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 66#66: *11749 limiting requests, excess: 12.056 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/RisVIII.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"
2023/07/23 00:31:59 [error] 68#68: *13829 limiting requests, excess: 12.420 by zone "flood", client: 162.158.129.17, server: _, request: "GET /user-badges/Chuck.json HTTP/2.0", host: "OMITTED.COM", referrer: "https://OMITTED.COM/t/la-volta-in-cui-ah-non-avevo-capito-un-cazz/838164/78"

OMITTED.COM is of course not the real hostname

This is what the prometheus metrics are showing me as well, which is imho a number of error requests that is definitely too high.

image960×301 53.6 KB

image952×297 65.9 KB

I thought of the rate limits but it’s happening only for that specific endpoint (I mean, significantly more at least) and if it was a rate limit issue wouldn’t it have to happen on other GET(s) as well?

I’m trying to understand what could be causing this first of all. Any hint or further info request is appreciated.

Just be aware I may be not that responsive this week as I’m literally moving house in the next 3-4 days

Cheers!

お役に立てば幸いです。また、歓迎されないかもしれませんが、185件の投稿があるそのスレッドのスナップショットを以下に示します。

image591×166 46.8 KB

@Ed_Sさん、ありがとうございます。ホスト名が平文でなければ問題ありません。単に、ボットや「なりすましハッカー」が簡単にアクセスして、小さなコミュニティフォーラムで「楽しむ」ことを避けたいだけです。

すでに予想以上に多くの時間を費やしています。

CloudflareのHTTPリバースプロキシ機能を使用しているようですが、Cloudflareのサーバーがリクエストに対して送信する実際のIPを使用するようにnginxが設定されていないようです。これは問題を引き起こす可能性があります（すべてのリクエストが同じソースから来ているように見える場合、1人のユーザーが過剰なリクエストを送信しても、すべてのユーザーがレート制限の影響を受けます）。

ヒントをありがとうございます。これを修正する方法について、何か読めるトピックやガイドはありますか？

リバースプロキシは、実際のIPアドレスを公開しないようにVPSの所有者からリクエストされたものです。

そのテンプレートを追加すると正しく機能しますか？

再構築中です。一晩実行して、明日か月曜日に確認します（まだ引っ越し荷解きの最中です ）

編集：再構築直後に簡単な確認をしたところ、問題は解決したようです

数日中に改めて報告します！

「数日後」：はい、Cloudflare の追加テンプレートを有効にすることで、バッジリクエストの失敗の問題が解決しました。

また、管理者/モデレーターの IP フィルターが全員同じ IP から来ているように表示されるなどの他の問題も解決しました。

ただし、Prometheus のスクレイプから得られる監視では、とにかく多くのエラーが表示されています。
nginx のログを調べる時間を確保する必要があるでしょう。

image963×305 45.4 KB

image943×295 73.9 KB