Hi,
Happy new year everyone.
Background of my production setup. Using tomcat 10 and in linux
environment, using the following accesslog valve
%a %{X-Forwarded-For}i %h %l %u %t '%r' %s %b '%{Referer}i'
'%{User-Agent}i' %D %S
api.access_log.2022-12-20.txt:94.102.61.23 - 94.102.61.23 - -
[20/Dec/2022:01:27:36 +0100] '-' 400 - '-' '-' 0 -
api.access_log.2022-12-20.txt:94.102.61.23 - 94.102.61.23 - -
[20/Dec/2022:01:27:36 +0100] '-' 400 - '-' '-' 0 -
api.access_log.2022-12-20.txt:94.102.61.23 - 94.102.61.23 - -
[20/Dec/2022:01:27:36 +0100] '-' 400 - '-' '-' 0 -
api.access_log.2022-12-20.txt:94.102.61.23 - 94.102.61.23 - -
[20/Dec/2022:01:30:42 +0100] '-' 400 - '-' '-' 0 -
api.access_log.2022-12-20.txt:94.102.61.23 - 94.102.61.23 - -
[20/Dec/2022:01:30:42 +0100] '-' 400 - '-' '-' 0 -
api.access_log.2022-12-20.txt:94.102.61.23 - 94.102.61.23 - -
[20/Dec/2022:01:30:42 +0100] '-' 400 - '-' '-' 0 -
api.access_log.2022-12-20.txt:94.102.61.23 - 94.102.61.23 - -
[20/Dec/2022:01:30:42 +0100] '-' 400 - '-' '-' 0 -
I often see the above registered in accesslog and have the following questions
1. how/where to find more information about such requests? example how
to reproduce of such request, how to enable debug to give more details
about such request, etc?
2. how to block such requests (at tomcat or at firewall or any other way)?
3. what impact it has to tomcat (or service) if these requests come in
huge amounts and in a short time.
Thank you and happy to hear any other comments/opinions too.
Kind regards,
Jason
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
