Hello, all,
It seems that the performance issues haxtbh mentioned regarding reverse DNS lookup on CF11 are way worse than I expected, and apparently not a problem in CF10. OR, it could be a certain unwelcome 'bot'. Which brings me to another question.
Instead of the CF method of reverse DNS (as it pertains to cgi.REMOTE_HOST), is there a way to get Apache to do the reverse DNS lookup and pass that along to CF?
! ! ! OR ! ! !
Is there a way to cache the reverse DNS value (cgi.REMOTE_HOST) so that it can be fed from memory?
I suspect that it is the dreaded LegiStorm bot (legibot) that is causing our issue of our metrics query timing out ("The request has exceeded the allowable time limit Tag: CFQUERY "). The error email includes the agentstring "LegiStorm Bot (http://www.legistorm.com/legibot.html)".
I think the bot is hitting our server hundreds of times a second (just a guess), causing our DNS lookup to do the same, and the target server is blocking the request after x number of attempts in one second, causing our insert of cgi.REMOTE_HOST into the database to freeze, triggering a timeout error.
V/r,
^_^
Are there load balancers involved in your setup? Have you dumped gethttprequestdata() to see if any host information is sent?
Hi, haxtbh,
There are no load balancers involved. The error emails include CFDUMPs of CGI and SESSION scopes, so we are getting the host and IP address of LegiStorm bot.
V/r,
^_^
Considering that we don't have a lot of time to analyze this, management has decided to remove the "enableLookups" from server.xml and go with a Java solution:
<cfset inet = createObject("java","java.net.InetAddress") />
<cfparam name="request.remote_host" default="#inet.getByName(remote_addr).getHostName()#" />
Normally we tend to avoid opening any kind of direct Java object, but this was deemed safe and appropriate for the situation. It does not seem to have any negative performance issues, and we are no longer seeing any query timeouts as a result.
This is now a non-issue. I'll mark this as correct. Thanks, haxtbh, for your help.
V/r,
^_^
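Added example, not part of the thread: one way to combine the InetAddress lookup above with the in-memory caching asked about in the first post, so that a client hitting the server many times a second triggers one reverse DNS query per TTL instead of one per request. The function name resolveRemoteHost, the "rdns_" cache key prefix and the 60-minute TTL are assumptions; cacheGet/cachePut use ColdFusion's default object cache.

```cfml
<cfscript>
// Hypothetical helper (not from the thread): cached reverse DNS for an IP address.
function resolveRemoteHost(required string ip, numeric ttlMinutes = 60) {
    // Colons in IPv6 literals are replaced so the key stays a simple token.
    var key = "rdns_" & replace(arguments.ip, ":", "_", "all");

    // Serve from memory when this address was resolved within the TTL.
    var cached = cacheGet(key);
    if (!isNull(cached)) {
        return cached;
    }

    // Default to the IP itself so logging never depends on DNS succeeding.
    var host = arguments.ip;
    try {
        // Same call as in the post above. getHostName() returns the textual
        // IP when no PTR record is found.
        host = createObject("java", "java.net.InetAddress")
            .getByName(arguments.ip)
            .getHostName();
    } catch (any e) {
        // Malformed address or resolver error: keep the IP fallback.
    }

    // Cache failures as well as successes, so a client with no PTR record
    // does not cause a fresh lookup on every request.
    // The name comes from a PTR record set by whoever controls the address
    // block; treat it as a label for metrics, not as proof of identity.
    cachePut(key, host, createTimeSpan(0, 0, arguments.ttlMinutes, 0));
    return host;
}

// Usage in Application.cfc onRequestStart or a shared include.
request.remote_host = resolveRemoteHost(cgi.remote_addr);
</cfscript>
```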
Have you dumped gethttprequestdata() to see if any host information is sent?
I just now looked at a CFDUMP of getHttpRequestData(), and the remote host information is not there. It's only supplying method, protocol, and:
Accept-Encoding | gzip, deflate |
Accept-Language | en-US |
Cache-Control | max-age=0 |
DNT | 1 |
SSL_CLIENT_S_DN_CN | (null) |
accept | text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 |
connection | keep-alive |
content-length | 0 |
cookie | JSESSIONID={blah blah blah}cfusion |
host | xxxx.yyyyyyyyyyyy.zzz |
server_alias | xxxx |
user-agent | Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0 |
V/r,
^_^