So, I’m running a rather standard nginx -> unicorn -> rails application,
all
over HTTPS. Recently, I started looking into some strange load bursts
(which
have been going on for a while but are getting more important), and saw
repeated requests (both GET and POST) in my access logs, all getting a
499
status code and reporting 0 bytes sent. I know the browser isn’t seeing
these 499s, but that they’re closing the connection before getting data.
These aren’t long-running requests; I can find them in my Rails logs and
they’re returning in 50-100ms.
I’ve seen in other threads that “the user clicked save twice really
fast” is
the most likely cause – but we had one client make 6500 requests over
the
course of a few minutes the other day, so, um, it’s probably not that.
I’m
rather sure this isn’t some kind of denial-of-service attack, either;
they
appear to be legit requests repeated by… the browser…? insanely
quickly.
I can’t, alas, find any way to replicate this locally.
I know there are application-level things we can do to mitigate the
effects
of something like this (duplicate records being created and such), but I
want to check at this end: is there some kind of configuration error I
could
have made that would cause this?
In case it matters, we appear to still be running nginx 1.1.19.
Thanks!
-Nate
Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,244509,244509#msg-244509