There are many trials try to access Solr using a different PORT every few minutes

Mon, 16 Aug 2021 02:50:43 -0700 

we are using Solr 7.2.1 with Sitecore 9.1 in the Azure app serves
Solr was working normal without any issue and suddenly it is stop to respond 
and we noticed in the log file the following error
" java.io.IOException: The user name or password is incorrect "
:java.io.IOException: The user name or password is incorrect
               at java.io.WinNTFileSystem.canonicalize0(Native Method)
               at java.io.WinNTFileSystem.canonicalize(WinNTFileSystem.java:428)
               at java.io.File.getCanonicalPath(File.java:620)
               at 
org.apache.solr.core.StandardDirectoryFactory.normalize(StandardDirectoryFactory.java:83)
               at 
org.apache.solr.core.CachingDirectoryFactory.get(CachingDirectoryFactory.java:334)
               at 
org.apache.solr.core.SolrCore.getNewIndexDir(SolrCore.java:351)
               at 
org.apache.solr.core.SolrCore.openNewSearcher(SolrCore.java:1977)
               at org.apache.solr.core.SolrCore.getSearcher(SolrCore.java:2215)
               at org.apache.solr.core.SolrCore.getSearcher(SolrCore.java:1952)
               at 
org.apache.solr.update.DirectUpdateHandler2.commit(DirectUpdateHandler2.java:715)
               at 
org.apache.solr.update.processor.RunUpdateProcessor.processCommit(RunUpdateProcessorFactory.java:93)
               at 
org.apache.solr.update.processor.UpdateRequestProcessor.processCommit(UpdateRequestProcessor.java:68)
               at 
org.apache.solr.update.processor.DistributedUpdateProcessor.doLocalCommit(DistributedUpdateProcessor.java:1882)
               at 
org.apache.solr.update.processor.DistributedUpdateProcessor.processCommit(DistributedUpdateProcessor.java:1858)
               at 
org.apache.solr.update.processor.LogUpdateProcessorFactory$LogUpdateProcessor.processCommit(LogUpdateProcessorFactory.java:160)
               at 
org.apache.solr.handler.loader.XMLLoader.processUpdate(XMLLoader.java:281)
               at 
org.apache.solr.handler.loader.XMLLoader.load(XMLLoader.java:188)
               at 
org.apache.solr.handler.UpdateRequestHandler$1.load(UpdateRequestHandler.java:97)
               at 
org.apache.solr.handler.ContentStreamHandlerBase.handleRequestBody(ContentStreamHandlerBase.java:68)
               at 
org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:177)
               at org.apache.solr.core.SolrCore.execute(SolrCore.java:2503)
               at 
org.apache.solr.servlet.HttpSolrCall.execute(HttpSolrCall.java:710)
               at 
org.apache.solr.servlet.HttpSolrCall.call(HttpSolrCall.java:516)
               at 
org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:382)
               at 
org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:326)
               at 
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1751)
               at 
org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:582)
               at 
org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
               at 
org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
               at 
org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226)
               at 
org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1180)
               at 
org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:512)
               at 
org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
               at 
org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1112)
               at 
org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
               at 
org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:213)
               at 
org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:119)
               at 
org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134)
               at 
org.eclipse.jetty.rewrite.handler.RewriteHandler.handle(RewriteHandler.java:335)
               at 
org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134)
               at org.eclipse.jetty.server.Server.handle(Server.java:534)
               at 
org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:320)
               at 
org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:251)
               at 
org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:283)
               at 
org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:108)
               at 
org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93)
               at 
org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303)
               at 
org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148)
               at 
org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136)
               at 
org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671)
               at 
org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:589)
               at java.lang.Thread.run(Thread.java:748)

[cid:image001.png@01D79288.77EE4330]

Admin team restarted the Solr server, and we noticed after restarting
a lot of requests and each request is followed by number of trials and it 
ends-up by exception firing.
There are many trials try to access Solr using a different PORT every few 
minutes, which all lead to failures

After restarting Server
[cid:image002.png@01D79288.77EE4330]
[cid:image003.png@01D79288.77EE4330]
we need to know the root cause of the issue , if this is some kind of attacks 
and how to solve it

Best Regards
Mohamed Saad

Disclaimer: This email and its attachments are intended only for the person or 
entity to which it is addressed and may contain confidential and/or privileged 
material. Any use of this information by persons or entities other than the 
intended recipient is prohibited. If you have received this by error, please 
contact the sender and delete the material from your computer/device. Any 
disclosure, copying and distribution is prohibited and may be considered 
unlawful. Statements and opinions contained in this message are those of the 
sender, and shall be understood as neither given or endorsed by Ejada. Although 
precautions have been taken to ensure no viruses are present in this email, the 
organization cannot accept responsibility for any loss or damage arising from 
the use of this email or attachments. ????? ?????????: ??? ?????? ?????????? 
???????? (?? ????) ???? ????? ???? ?? ????? ??? ??????? ????? ?????? ?????? 
???????. ??? ?? ??? ????? ?????? ???? ??????? ??? ???? ????? ??????? ???? 
?????? ????? ???? ??????? ????????? ?? ???? ?????? ?????/?????? ????? ??. ??? 
???? ?? ????? ?? ??? ?? ????? ??? ??????? ?? ???????? ?? ?? ??? ????? ?? ????? 
?????????? ??? ??? ?? ????????? ??? ???. ????? ??? ???????? ??????? ???? ?????? 
??? ??????? ???? ??? ?? ??? ??????? ???? ???????? ??? ???? ????? ????? 
????????? ???? ????? ?? ??????? ?????????? ????? ??? ???? ??????? ?? ??? ?????? 
??????????? ?? ????? ?????? ?? ??????? ?? ?? ????? ?? ??? ???? ?? ??????? ??? 
?????? ?????????? ????????

Reply via email to