Page MenuHomePhabricator

phabricator server 500 error
Closed, DeclinedPublic

Description

phabricator 500 Internal Server Error from some France IP.

# ping phabricator.wikimedia.org
PING phabricator.wikimedia.org (91.198.174.192) 56(84) bytes of data.
64 bytes from text-lb.esams.wikimedia.org (91.198.174.192): icmp_seq=1 ttl=56 time=21.7 ms
64 bytes from text-lb.esams.wikimedia.org (91.198.174.192): icmp_seq=2 ttl=56 time=21.6 ms
64 bytes from text-lb.esams.wikimedia.org (91.198.174.192): icmp_seq=3 ttl=56 time=21.7 ms
64 bytes from text-lb.esams.wikimedia.org (91.198.174.192): icmp_seq=4 ttl=56 time=21.5 ms
#  curl -s -D - -o /dev/null https://phabricator.wikimedia.org
HTTP/1.1 500 Internal Server Error
Date: Thu, 01 Aug 2019 12:11:49 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 536
Connection: keep-alive
Server: Apache
X-Powered-By: PHP/7.2.16-1+0~20190307202415.17+stretch~1.gbpa7be82+wmf1
X-Frame-Options: Deny
Content-Security-Policy: default-src https://phab.wmfusercontent.org; img-src https://phab.wmfusercontent.org data:; style-src https://phab.wmfusercontent.org 'unsafe-inline'; script-src https://phab.wmfusercontent.org; connect-src 'self'; frame-src 'self' https://commons.wikimedia.org; frame-ancestors 'none'; object-src 'none'; form-action 'self'; base-uri 'none'
Referrer-Policy: no-referrer
Cache-Control: no-store
Expires: Sat, 01 Jan 2000 00:00:00 GMT
X-Content-Type-Options: nosniff
Set-Cookie: phsid=A%2Fkydgmlb5jr44vjo4ncaty6qg5hfbe7pq5jydlnvj; expires=Tue, 30-Jul-2024 12:11:49 GMT; Max-Age=157680000; path=/; domain=phabricator.wikimedia.org; secure; HttpOnly
Vary: Accept-Encoding
X-Varnish: 1014616393, 762209506, 274913402
Age: 0
X-Cache: cp1079 pass, cp3043 miss, cp3040 pass
X-Cache-Status: miss
Server-Timing: cache;desc="miss"
Strict-Transport-Security: max-age=106384710; includeSubDomains; preload
Set-Cookie: WMF-Last-Access=01-Aug-2019;Path=/;HttpOnly;secure;Expires=Mon, 02 Sep 2019 12:00:00 GMT
X-Analytics: https=1;nocookies=1

Event Timeline

Shizhao created this task.Thu, Aug 1, 12:31 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptThu, Aug 1, 12:31 PM

Hi, i get "HTTP/2 200 " when running "curl -s -D - -o /dev/null https://phabricator.wikimedia.org".

在T229575#5384207中,@Paladox写道:

Hi, i get "HTTP/2 200 " when running "curl -s -D - -o /dev/null https://phabricator.wikimedia.org".

Just some France IP visit phabricator.

Shizhao updated the task description. (Show Details)Thu, Aug 1, 1:33 PM
Aklapper changed the task status from Open to Stalled.Thu, Aug 1, 2:20 PM

Could you share an IP range if you are comfortable with that being public? If not, could you share via a private email?

@Aklapper sent an email to you

Aklapper closed this task as Declined.Thu, Aug 1, 5:14 PM

@Shizhao: Thank you for sharing your IP via private email!

The current behavior is intentional:

Due to an ongoing security incident[0], certain IP ranges continue to be restricted from accessing various Wikimedia development tools. We realize the incredible inconvenience this places upon legitimate Wikimedia developers affected by these restrictions, but we cannot provide a date by which these restrictions will be removed at this time.
For confirmed, trusted developers (a determination to be made by the Wikimedia Security Team and Trust and Safety), we can potentially offer access to certain Wikimedia developer tools via static IP addresses. Please contact security@wikimedia.org for further information and to initiate this process.

[0] https://lists.wikimedia.org/pipermail/wikitech-l/2019-March/091834.html

Dzahn added a subscriber: Dzahn.Thu, Aug 1, 5:17 PM

Could we possibly improve this though by not sending a "500 Internal Server Error" but more appropriate 401 Unauthorized or 403 Forbidden?

Dzahn added a subscriber: 20after4.Thu, Aug 1, 5:22 PM

thx @Aklapper, and agree with @Dzahn opinion, 403 Forbidden may be more appropriate.

Feel free to file a new task about that. :)

Mentioned in SAL (#wikimedia-operations) [2019-08-01T19:20:38Z] <brennen> rolling back to wfm.15 on group1 and group2 while we investigate T229575

Dzahn added a comment.Thu, Aug 1, 8:37 PM

Feel free to file a new task about that. :)

ok. T229620