Jun 04 2019 08:19 AM
We are using windows server / IIS / ARR as a proxy and it is randomly not showing some files which is making the site fail.
Explanation: A couple months ago the system is put in place and working fine and then all of the sudden stopped being able to read certain CSS and HTML and JS files.
File 1 it could read fine and File 2 right next to it was unseen and threw a 404. I removed all of the items from the ear and then pt them back little by little and it was able to see them.
Last evening I had to run some patches on the software that the proxy is in front of and it overwrote some of the current CSS (etc) files with new ones and the proxy stopped being able to see them again.
As far as security I have it opened "everyone" has full rights and the service account running the sofware has full rights also.
I have tried what get me around it the last time and it isn't working this time.
I have taken a log of the network traffic and converted it to txt so you can read it.
This is a production environment and we are desperate for some help.
MS support has been unable to figure it out, but I think they are looking in the wrong place. Counting on you smart folks to help.
Thanks
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
t=862656 [st= 0] +REQUEST_ALIVE [dt=95] --> priority = "HIGHEST" --> url = "https://www.ifawimages.com/otmm/ux-html/style/base/bootstrap.css" t=862657 [st= 1] NETWORK_DELEGATE_BEFORE_URL_REQUEST [dt=0] t=862657 [st= 1] +URL_REQUEST_START_JOB [dt=94] --> load_flags = 2 (BYPASS_CACHE) --> method = "GET" --> privacy_mode = 0 --> url = "https://www.ifawimages.com/otmm/ux-html/style/base/bootstrap.css" t=862657 [st= 1] NETWORK_DELEGATE_BEFORE_START_TRANSACTION [dt=0] t=862657 [st= 1] HTTP_CACHE_GET_BACKEND [dt=0] t=862657 [st= 1] HTTP_CACHE_DOOM_ENTRY [dt=0] --> net_error = -2 (ERR_FAILED) t=862657 [st= 1] HTTP_CACHE_CREATE_ENTRY [dt=1] t=862658 [st= 2] HTTP_CACHE_ADD_TO_ENTRY [dt=0] t=862658 [st= 2] +HTTP_STREAM_REQUEST [dt=1] t=862658 [st= 2] HTTP_STREAM_JOB_CONTROLLER_BOUND --> source_dependency = 31804 (HTTP_STREAM_JOB_CONTROLLER) t=862659 [st= 3] HTTP_STREAM_REQUEST_BOUND_TO_JOB --> source_dependency = 31805 (HTTP_STREAM_JOB) t=862659 [st= 3] -HTTP_STREAM_REQUEST t=862659 [st= 3] +HTTP_TRANSACTION_SEND_REQUEST [dt=2] t=862659 [st= 3] HTTP_TRANSACTION_HTTP2_SEND_REQUEST_HEADERS --> :method: GET :authority: www.ifawimages.com :scheme: https :path: /otmm/ux-html/style/base/bootstrap.css pragma: no-cache cache-control: no-cache user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept: text/css,*/*;q=0.1 referer: https://www.ifawimages.com/ accept-encoding: gzip, deflate, br accept-language: en-US,en;q=0.9 cookie: [60 bytes were stripped] t=862661 [st= 5] -HTTP_TRANSACTION_SEND_REQUEST t=862661 [st= 5] +HTTP_TRANSACTION_READ_HEADERS [dt=90] t=862751 [st=95] HTTP2_STREAM_ERROR --> description = "Server reset stream." --> net_error = "ERR_SPDY_PROTOCOL_ERROR" --> stream_id = 3 t=862751 [st=95] -HTTP_TRANSACTION_READ_HEADERS --> net_error = -337 (ERR_SPDY_PROTOCOL_ERROR) t=862751 [st=95] -URL_REQUEST_START_JOB --> net_error = -337 (ERR_SPDY_PROTOCOL_ERROR) t=862751 [st=95] URL_REQUEST_DELEGATE_RESPONSE_STARTED [dt=0] t=862751 [st=95] -REQUEST_ALIVE --> net_error = -337 (ERR_SPDY_PROTOCOL_ERROR)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Jun 04 2019 11:57 AM
In addition, here are my rules that we have setup in case you all think you see something wrong.
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<clear />
<rule name="ReverseProxyInboundRule1" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAny" trackAllCaptures="false">
<add input="{PATH_INFO}" pattern="^/otmm" />
<add input="{PATH_INFO}" pattern="^/content" />
<add input="{PATH_INFO}" pattern="^/jmx-console" />
<add input="{PATH_INFO}" pattern="^/console" />
<add input="{PATH_INFO}" pattern="^/swagger-ui" />
<add input="{PATH_INFO}" pattern="^/artesia-*" />
<add input="{PATH_INFO}" pattern="^/otmmapi" />
</conditions>
<serverVariables>
<set name="HTTP_X_ORIGINAL_ACCEPT_ENCODING" value="{HTTP_ACCEPT_ENCODING}" />
<set name="HTTP_ACCEPT_ENCODING" value="" />
</serverVariables>
<action type="Rewrite" url="http://ccc0sa01.ifaw.net:11090/{R:1}" appendQueryString="true" logRewrittenUrl="true" />
</rule>
<rule name="ReverseProxyInboundRuleVideo" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAny" trackAllCaptures="false">
<add input="{PATH_INFO}" pattern="^/Video" />
</conditions>
<serverVariables>
<set name="HTTP_X_ORIGINAL_ACCEPT_ENCODING" value="{HTTP_ACCEPT_ENCODING}" />
<set name="HTTP_ACCEPT_ENCODING" value="" />
</serverVariables>
<action type="Rewrite" url="http://ccc0sa01.ifaw.net/{R:1}" appendQueryString="true" logRewrittenUrl="true" />
</rule>
<rule name="ReverseProxyInboundRule_OTDS" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAny" trackAllCaptures="false">
<add input="{PATH_INFO}" pattern="^/otds" />
<add input="{PATH_INFO}" pattern="^/csadmin" />
<add input="{PATH_INFO}" pattern="^/OTDSConnectors" />
<add input="{PATH_INFO}" pattern="^/triggers" />
<add input="{PATH_INFO}" pattern="^/ot-*" />
<add input="{PATH_INFO}" pattern="^/ums*" />
<add input="{PATH_INFO}" pattern="^/otdsws*" />
</conditions>
<serverVariables>
<set name="HTTP_X_ORIGINAL_ACCEPT_ENCODING" value="{HTTP_ACCEPT_ENCODING}" />
<set name="HTTP_ACCEPT_ENCODING" value="" />
</serverVariables>
<action type="Rewrite" url="http://ccc0sa02.ifaw.net:8080/{R:1}" logRewrittenUrl="true" />
</rule>
<rule name="RootRedirect" stopProcessing="true">
<match url="^$" />
<action type="Redirect" url="/otmm" />
</rule>
</rules>
<outboundRules>
<clear />
<rule name="RestoreAcceptEncoding" preCondition="NeedsRestoreAcceptEncoding" enabled="true">
<match serverVariable="HTTP_ACCEPT_ENCODING" pattern="^(.*)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="true" />
<action type="Rewrite" value="{HTTP_X_ORIGINAL_ACCEPT_ENCODING}" />
</rule>
<rule name="ReverseProxyOutboundRule_OTMM" preCondition="" enabled="true" stopProcessing="true">
<match filterByTags="A, Form, Img" pattern="^http(s)?://ccc0sa01.ifaw.net:11090/(.*)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="true" />
<action type="Rewrite" value="https://www.ifawimages.com/{R:2}" />
</rule>
<rule name="ReverseProxyOutboundRule_OTDS" preCondition="" enabled="true" stopProcessing="true">
<match filterByTags="A, Form, Img" pattern="^http(s)?://ccc0sa02.ifaw.net:8080(.*)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="true" />
<action type="Rewrite" value="https://www.ifawimages.com/{R:2}" />
</rule>
<rule name="ReverseProxyOutboundRule_StreamingMedia" preCondition="" enabled="true" stopProcessing="true">
<match filterByTags="None" pattern="^http://ccc0sa01.ifaw.net/Video/data(.*)" />
<action type="Rewrite" value="https://www.ifawimages.com/Video/data{R:1}" />
</rule>
<preConditions>
<preCondition name="NeedsRestoreAcceptEncoding">
<add input="{HTTP_X_ORIGINAL_ACCEPT_ENCODING}" pattern="'.+'" />
</preCondition>
</preConditions>
</outboundRules>
</rewrite>
<httpRedirect enabled="false" destination="/otmm" exactDestination="true" childOnly="true" />
<security>
<requestFiltering allowDoubleEscaping="true">
<requestLimits maxAllowedContentLength="300000000" maxQueryString="4096" />
</requestFiltering>
</security>
<tracing>
<traceFailedRequests>
<add path="*">
<traceAreas>
<add provider="ASP" verbosity="Verbose" />
<add provider="ISAPI Extension" verbosity="Verbose" />
<add provider="WWW Server" areas="Authentication,Security,Filter,StaticFile,CGI,Compression,Cache,RequestNotifications,Module,FastCGI,WebSocket" verbosity="Verbose" />
</traceAreas>
<failureDefinitions timeTaken="00:00:00" statusCodes="200-999" />
</add>
</traceFailedRequests>
</tracing>
<caching enabled="false" />
<staticContent>
<clientCache cacheControlMode="DisableCache" />
</staticContent>
</system.webServer>
</configuration>
Jun 04 2019 01:08 PM
Jun 04 2019 01:40 PM
at this point I am desperate, trying anywhere haha.
This is the target: