You can register a filter for those methods to return a 405 Method Not
Allowed response.
These requests can come from Microsoft products checking the capabilities
of your web server so it is not necessarily a hacker although it can
indidcate that as well.
On Mon, Nov 26, 2012 at 12:13 PM, Jeff Rogers <dv...@diphi.com> wrote:
> If this is the bug I think it is, a checkin from 10/2011 fixed this bug.
>
> handle internal error from redirect recursion overflow
> directly instead of redirecting to internal error page. Prevents
> error displaying error page from crashing server.
>
> If updating to a more recent server isn't an option, you should be able
> to apply the patch standalone:
>
>
> http://aolserver.cvs.sourceforge.net/viewvc/aolserver/aolserver/nsd/op.c?r1=1.18&r2=1.19
>
> Also, doesn't necessarily need to be hackers probing you; some versions
> of windows are very eager about discovering shares on their local network.
>
> -J
>
>
> Fenton, Brian wrote:
> > Hello
> >
> > We've just had some reports of this error re-appearing on some systems.
> Was there ever a solution found?
> >
> > These PROPFIND/OPTIONS methods seem to be something to do with WebDav,
> which as far as I'm aware, we're not using. Any idea what would cause them
> to appear in the logs?
> >
> > Thanks
> > Brian
> >
> >
> > -----Original Message-----
> > From: Tom Jackson
> > Sent: 14 April 2009 14:10
> > To: aolserver-talk@lists.sourceforge.net
> > Subject: [AOLSERVER] Tracked down bug with PROPFIND / OPTIONS methods
> >
> > Over the last few years some users have noticed that their servers
> > suddenly stop responding, and the error log has entries similar to this:
> >
> > [-conn:965-] Error: return: failed to redirect
> > 'PROPFIND /global/file-not-found.tcl': exceeded recursion limit of 3
> > [-conn:965-] Error: return: failed to redirect
> > 'PROPFIND /global/server-error.tcl': exceeded recursion limit of 3
> >
> > The second error.log line then repeats hundreds or thousands of times
> > until the server stops responding.
> >
> > The question is why this happens, and what do these log entries tell
> > us.
> >
> > I think I have found out the answer, but the fix isn't apparent.
> >
> > The first error message indicates the recursion limit code is working
> > correctly, after three tries, the HTTP status code goes from 404 to 500.
> > The second error message indicates a similar recursion limit is reached
> > looking for a 500 handler. Unfortunately there is a loop here:
> >
> > Ns_ConnReturnInternalError
> > executes
> > ReturnRedirect
> > which executes
> > Ns_ConnRedirect
> > which executes
> > Ns_ConnReturnInternalError
> >
> > This loop accounts for the remaining error log entries.
> >
> > One problem is that ReturnRedirect uses the redirects configured like
> > this:
> >
> > ns_section "ns/server/farid/redirects"
> > ns_param 404 "/fnf-tmpl.tcl"
> > ns_param 403 "global/forbidden.html"
> > ns_param 500 "global/server-error.tcl"
> >
> > What is missing, it seems to me is the method of the request. The method
> > is used in Ns_AuthorizeRequest and Ns_ConnRunRequest.
> >
> > The quick fix is to not configure a 500 redirect.
> >
> > tom jackson
> >
> >
> > --
> > AOLserver - http://www.aolserver.com/
> >
> > To Remove yourself from this list, simply send an email to <
> list...@listserv.aol.com> with the
> > body of "SIGNOFF AOLSERVER" in the email message. You can leave the
> Subject: field of your email blank.
> >
> > _______________________________________________
> > aolserver-talk mailing list
> > aolserver-talk@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/aolserver-talk
> >
> >
> ------------------------------------------------------------------------------
> > Monitor your physical, virtual and cloud infrastructure from a single
> > web console. Get in-depth insight into apps, servers, databases, vmware,
> > SAP, cloud infrastructure, etc. Download 30-day Free Trial.
> > Pricing starts from $795 for 25 servers or applications!
> > http://p.sf.net/sfu/zoho_dev2dev_nov
> > _______________________________________________
> > aolserver-talk mailing list
> > aolserver-talk@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/aolserver-talk
> >
>
>
>
> ------------------------------------------------------------------------------
> Monitor your physical, virtual and cloud infrastructure from a single
> web console. Get in-depth insight into apps, servers, databases, vmware,
> SAP, cloud infrastructure, etc. Download 30-day Free Trial.
> Pricing starts from $795 for 25 servers or applications!
> http://p.sf.net/sfu/zoho_dev2dev_nov
> _______________________________________________
> aolserver-talk mailing list
> aolserver-talk@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/aolserver-talk
>
--
Dave Bauer
d...@solutiongrove.com
http://www.solutiongrove.com
------------------------------------------------------------------------------
Monitor your physical, virtual and cloud infrastructure from a single
web console. Get in-depth insight into apps, servers, databases, vmware,
SAP, cloud infrastructure, etc. Download 30-day Free Trial.
Pricing starts from $795 for 25 servers or applications!
http://p.sf.net/sfu/zoho_dev2dev_nov
_______________________________________________
aolserver-talk mailing list
aolserver-talk@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/aolserver-talk
