nginx的Status Code 499是什么错误(Site_access.log)

jackxiang 2016-9-15 12:45 | |
背景:发现gitlab经nginx代理后,有一天访问突然发现出现409错误,[15/Sep/2016:12:40:13 +0800] "GET /dashboard/projects HTTP/1.1" 499 0 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36",502 Whoops, GitLab is taking too much time to respond. Try refreshing the page, or going back and attempting the action again.Please contact your GitLab administrator if this problem persists。


我的Web服务器在用的Linx + Mysql + PHP +nginx,今天被DDOS攻击了,观察日志中发现大量的499 Status Code这个错误。GOOGLE了一把才明白这个499的意思:
日志如下:

222.189.237.18 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.012 ut="-" cs=-
222.189.237.18 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.015 ut="-" cs=-
222.215.105.135 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.015 ut="-" cs=-
222.189.237.18 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.002 ut="-" cs=-
119.147.86.178 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.000 ut="-" cs=-
222.189.237.18 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.000 ut="-" cs=-
61.219.178.101 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.002 ut="-" cs=-
58.49.59.142 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.000 ut="-" cs=-
202.201.252.2 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.000 ut="-" cs=-
202.201.252.2 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.000 ut="-" cs=-
119.147.86.178 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.000 ut="-" cs=-
58.221.37.82 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.039 ut="-" cs=-
222.189.237.18 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.001 ut="-" cs=-
58.49.59.142 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.000 ut="-" cs=-
58.49.59.142 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.045 ut="-" cs=-
119.147.86.178 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.036 ut="-" cs=-
222.189.237.18 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.000 ut="-" cs=-
222.189.237.18 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.037 ut="-" cs=-
222.215.105.135 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.000 ut="-" cs=-

222.189.237.18 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.012 ut="-" cs=-
222.189.237.18 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.015 ut="-" cs=-
222.215.105.135 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.015 ut="-" cs=-
222.189.237.18 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.002 ut="-" cs=-
119.147.86.178 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.000 ut="-" cs=-
222.189.237.18 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.000 ut="-" cs=-
61.219.178.101 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.002 ut="-" cs=-
58.49.59.142 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.000 ut="-" cs=-
202.201.252.2 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.000 ut="-" cs=-
202.201.252.2 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.000 ut="-" cs=-
119.147.86.178 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.000 ut="-" cs=-
58.221.37.82 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.039 ut="-" cs=-
222.189.237.18 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.001 ut="-" cs=-
58.49.59.142 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.000 ut="-" cs=-
58.49.59.142 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.045 ut="-" cs=-
119.147.86.178 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.036 ut="-" cs=-
222.189.237.18 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.000 ut="-" cs=-
222.189.237.18 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.037 ut="-" cs=-
222.215.105.135 - - [06/Nov/2011:12:23:27 +0800] "GET / HTTP/1.1" 499 0 "-" "-" "-" rt=0.000 ut="-" cs=-

400~500间的错误码仅定义到了417,所以499应该是nginx自己定义的。

读读nginx代码,看一下注释,找到src/http/ngx_http_special_response.c 这个文件328行,里面定义了不少http错误码以及相应的返回。注意到有下面这样的注释:


    ngx_string(ngx_http_error_494_page), /* 494, request header too large */
    ngx_string(ngx_http_error_495_page), /* 495, https certificate error */
    ngx_string(ngx_http_error_496_page), /* 496, https no certificate */
    ngx_string(ngx_http_error_497_page), /* 497, http to https */
    ngx_string(ngx_http_error_404_page), /* 498, canceled */
    ngx_null_string,                     /* 499, client has closed connection */

    ngx_string(ngx_http_error_494_page), /* 494, request header too large */
    ngx_string(ngx_http_error_495_page), /* 495, https certificate error */
    ngx_string(ngx_http_error_496_page), /* 496, https no certificate */
    ngx_string(ngx_http_error_497_page), /* 497, http to https */
    ngx_string(ngx_http_error_404_page), /* 498, canceled */
    ngx_null_string,                     /* 499, client has closed connection */
可以看到,499对应的是 “client has closed connection”。这很有可能是因为服务器端处理的时间过长,客户端“不耐烦”了。要解决此问题,就需要在程序上面做些优化了。

除了499,nginx还定义了495/496/497/498 这几个Status Codes,相应的意义也在上面的注释中可以看到。开源的东西,可以随时翻看源码,这一点很棒。


来自:http://blog.hexu.org/archives/1085.shtml

作者:jackxiang@向东博客 专注WEB应用 构架之美 --- 构架之美,在于尽态极妍 | 应用之美,在于药到病除
地址:http://jackxiang.com/post/8949/
版权所有。转载时必须以链接形式注明作者和原始出处及本声明!

评论列表
发表评论

昵称

网址

电邮

打开HTML 打开UBB 打开表情 隐藏 记住我 [登入] [注册]