We can just speculate here to those questions. Rule of thumb if not showing in httpd error log, not httpd error. El mar, 20 abr 2021 a las 15:59, Dave Wreski (<dwreski@xxxxxxxxxxxxxxxxxxx.invalid>) escribió: > > > > On 4/20/21 8:54 AM, Daniel Ferradal wrote: > > That's the key then, you are probably reverse proxying somewhere and > > the 500 errors comes from there and not from Apache. Apache always > > logs HTTP 500 status code in error log. > > > > Even more, the headers you pasted have no Server: Apache and there are > > many other headers that tell us you are not dealing with simple static > > content but a dynamic content generator of some sort. It pays off to > > double check where those requests are being routed to. > > We're using cloudflare, but the issues seem to persist even when > disabling their cache. Perhaps it's still being proxied, even though > it's not being cached, and causing these errors? > > Would it explain why the same page doesn't always produce the error, or > why not all pages produce a 500 error? > > Thanks, > Dave > > > > > El mar, 20 abr 2021 a las 14:49, Dave Wreski > > (<dwreski@xxxxxxxxxxxxxxxxxxx.invalid>) escribió: > >> > >> > >>> If the error comes from apache itself you should have an error log > >>> entry, what does it say? > >> > >> I don't have any error log entries, only the 500 error response in the > >> access log. > >> > >> 72.70.38.104 - - [19/Apr/2021:21:38:56 -0400] "GET > >> /advisories/debian/debian-dsa-2944-1-gnutls26-security-update HTTP/1.1" > >> 500 12704 "-" "Mozilla/5.0 (compatible; bingbot/2.0; > >> +http://www.bing.com/bingbot.htm)" 2/2408334 915/21235/12704 > >> > >> Thanks, > >> Dave > >> > >>> > >>> > >>> El mar., 20 abr. 2021 4:03, Dave Wreski > >>> <dwreski@xxxxxxxxxxxxxxxxxxx.invalid> escribió: > >>> > >>> Hi, > >>> > >>> I have an apache-2.4.46 system on fedora33 and having weird 500 errors > >>> that I can't explain. > >>> > >>> 72.70.38.104 - - [19/Apr/2021:21:38:56 -0400] "GET > >>> /advisories/debian/debian-dsa-2944-1-gnutls26-security-update HTTP/1.1" > >>> 500 12704 "-" "Mozilla/5.0 (compatible; bingbot/2.0; > >>> +http://www.bing.com/bingbot.htm <http://www.bing.com/bingbot.htm>)" > >>> 2/2408334 915/21235/12704 > >>> > >>> Going to this page directly loads the page just fine. > >>> > >>> I've also just started to notice the following entries in > >>> /var/log/httpd/modsec_audit.log: > >>> > >>> --47be4126-F-- > >>> HTTP/1.1 500 Internal Server Error > >>> X-LiteSpeed-Purge: * > >>> Cache-Control: no-cache > >>> Pragma: no-cache > >>> Set-Cookie: > >>> 5eae87e0f12142efcb88fb03b93e82b2=qil7ieh6m1tcnrj8dn0vkfc4s5; > >>> path=/; secure; HttpOnly > >>> Set-Cookie: ct_timestamp=1618882240; path=/ > >>> Set-Cookie: > >>> ct_prev_referer=https%3A%2F%2Flinuxsecurity.com%2Fcontact-us; path=/ > >>> Set-Cookie: > >>> ct_cookies_test=%7B%22cookies_names%22%3A%5B%22ct_timestamp%22%2C%22ct_prev_referer%22%5D%2C%22check_value%22%3A%22d4c4a7a2546fbe6 > >>> 12cba4c38dc2c8949%22%7D; path=/ > >>> Strict-Transport-Security: max-age=15768000 > >>> X-XSS-Protection: 1; mode=block > >>> X-Content-Type-Options: nosniff > >>> Vary: User-Agent > >>> Cache-Control: public > >>> Connection: close > >>> Transfer-Encoding: chunked > >>> Content-Type: text/html; charset=UTF-8 > >>> > >>> What does this mean? Is this just reporting the error or something > >>> related to mod_sec causing the error? > >>> > >>> Thanks, > >>> Dave > >>> > >>> > >>> > >>> --------------------------------------------------------------------- > >>> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > >>> <mailto:users-unsubscribe@xxxxxxxxxxxxxxxx> > >>> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > >>> <mailto:users-help@xxxxxxxxxxxxxxxx> > >>> > >> > >> --------------------------------------------------------------------- > >> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > >> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > >> > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > -- Daniel Ferradal HTTPD Project #httpd help at Freenode --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|