• last updated 13 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
improve spelling

  1. … 3 more files in changeset.
improved spelling

  1. … 10 more files in changeset.
Adding one more safety belt for potential DOS attacks

For cases, where request blocking is activated (returning 429 status

code for repeated requests), one more check was added: When such a

block happens more than 15 times in a minute on the same URL from the

same user, more requests for the same URL and user will be blocked

until the minute is over. The user seese the message "This web server

is only open for interactive usage".

Background: While request blocking works well for interactive users,

it might not be sufficient for web clients running wild. Normally,

after a 429, the user can reload the page to receive the content of a

page. This leads to a sequence of requests of interleaved 200 and 429

status codes, which might be ignored by a bot (or ad DOS attack). When

the requested page is slow, this can bring a server to its knees.

When request blocking is deactivated, this change has no effect.

improve strictness of tests

  1. … 8 more files in changeset.
include request start in long-call listing

  1. … 2 more files in changeset.
minor updates

most significant changes:

- longer lines kept for long-calls

- adapted size of buffer for long-call analysis

  1. … 2 more files in changeset.
check queuing situation for every connection pool

Added pool filtering and improved layout for Bootstrap 5

- added filter option for pools on "long-calls" page

- added support for Bootstrap 5

- added adp:icon for parameter

- Bumped version to 0.65

  1. … 6 more files in changeset.
added configurability to watchodg

The pool remapping watchdoc con now be configured with

"-maxWaiting" and "-maxRunning"

Improve rebustness in error situations.

This change makes sure to always provide initialized aggregated values in case

that "dump read" fails to initialized these.

Make the initial population of the request-monitor counters more robust

use ns_baseunit for time span calculation

  1. … 2 more files in changeset.
improve spelling

  1. … 1 more file in changeset.
Add the "/dotlrn" path without tailing slash to the exception list

This will cause just a redirect, but if the server is in a bad state, even this might take long.

reduce verbosity

avoid site-map lookups from the DB when the connections is already closed. This avoids hard DB-errors when the URL contains invalid characters

Sanitize bogus URLs such as "//" or e.g. dotlrn URL lookup would fail

Not clear if this should happen already at the ns_conn level or somewhere in the site_node api

Fix typo

make end of options explicit

  1. … 42 more files in changeset.
add unmapping of slow-pool request for requests mapped via scheduled procedures

undo slow-pool mapping after some time (default 12h)

improve documentation

drop FK on community_id for cases, where communities are frequently dropped.

we do not want to loose statistics in these cases

  1. … 2 more files in changeset.
reduce verbosity (set verbose_blocking per default to 0), improve speed of dump creation

New method to cleanup all data associated with a community in the throttle object:

if a community is deleted when a user is accessing it, some leftover information will be kept in the object. At the next request this will be interpreted as the community having been left and the system will try to track this event into request_monitor_community_activities. Depending on who comes first, we might try to insert a tuple in the table for an object that does not exist anymore.

Hence, we use this method to cleanup all community info before the actual deletion in dotlrn (happening only downstream).

request monitor overhaul:

- new parameter "do_double_click_prevention" (default: on)

When turned off, double click prevention can be selectively

turned off.

- new parameter "monitor_urls" (default: / /register/ /dotlrn/)

track for these URLs performance via minin responsetime plugin

- added upgrade script for removing old parameters

- bump version to 0.60

  1. … 1 more file in changeset.
file callback-proc.tcl was initially added on branch oacs-5-10.

let watchdog send mail to webmaster with data of active requests

pool_remap_watchdog: new watchdog for potentially stuck processes

This watchdog checks every minute the running jobs and maps very slow

requests to the slow pool (if configured) to avoid that the

default pool is getting filled up with more stuck requests.

This ensures the livelyness of a server.

reduce verbosity

  1. … 1 more file in changeset.