Tracking log file for error in CI - php

In my codeigniter application I am repeatedly getting this error message in log files.
ERROR - 2016-06-10 00:15:19 --> 404 Page Not Found: /index
How to know what is causing this error, as me and my team have ran through whole website multiple times and didnt found it.

Somewhere in your application you're hitting /index ( eg. www.example.com/index) .. but you don't have a controller named Index.php defined. Thus resulting in 404 Page Not Found.

You don't have a route defined as index, or you don't have a controller defined as Index. A 404 Error is exactly that. The page wasn't found.
From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
10.4.5 404 Not Found
The server has not found anything matching the Request-URI. No
indication is given of whether the condition is temporary or
permanent.
If the server does not wish to make this information available to the
client, the status code 403 (Forbidden) can be used instead. The 410
(Gone) status code SHOULD be used if the server knows, through some
internally configurable mechanism, that an old resource is permanently
unavailable and has no forwarding address.

Related

Joomla 2.5 404 issues

I have a J2.5site set up that uses language. Thus the urls look something like this:
https://www.mysite.com/en/
and
https://www.mysite.com/en/my-component/
and
https://www.mysite.com/en/my-component/my-alias
I have also set up a script that emails me whenever a 404 or 500 etc occurs:
Here is the result of one (of hundreds):
500 - Error: 500
Invalid controller: name='index', format=''
Call stack
Function Location
1 JSite->dispatch() /opt/host/apps/joomla/htdocs/index.php:42
2 JError::raiseError() /opt/host/apps/joomla/htdocs/includes/application.php:208
3 JError::raise() /opt/host/apps/joomla/htdocs/libraries/joomla/error/error.php:251
URL:/en/index.php
Notice the request. If I understand correctly, nothing should ever ask for /en/index.php. since by that time, it has already been interpreted by the entry index.php and therefore appends '/en/'
I am not getting any request errors in my apache logs or any other apache errors.
All that is happening is that I am being bombarded with emails stating that something tried to access http://www.mysite.com/en/index.php or https://www.mysite.com/en/my-component/index.php and thus either generated a 404 or 500 error
Is this spider (search engine bot) issues or is it a server misconfiguration?
Thanks
Jacques

HTTP Status code for when client is outside the allowed IP subnet

I have a web application that can be accessed only if the client accessing the application is within a group of allowed subnets.
If not, I want to redirect to a page with an appropriate HTTP header. The HTTP status that seems most obvious to me for this purpose is a 403 Forbidden.
I am currently using:
header('HTTP/1.1 403 Forbidden');
header('Status: 403 Forbidden');
However, is this the ideal status code for the scenario described?
I want to redirect to a page with an appropriate HTTP header
Don't redirect. Just return the error response for the URL that was requested. ("You can find /foo at /error" … "You aren't allowed to read /error" doesn't make much sense).
is this the ideal status code for the scenario described
The definition of 403 is:
The server understood the request, but is refusing to fulfill it. Authorization will not help and the request SHOULD NOT be repeated.
Which matches your scenario, so yes, use that.
403 Forbidden seems like the most descriptive status code for this. However, RFC 2616 suggests that you could also use 404 Not Found if you don't want to let the user know that the reason for the failure is an access control restriction. It says:
If ... the server wishes to make public why the request has not been fulfilled, it SHOULD describe the reason for the refusal in the entity. If the server does not wish to make this information available to the client, the status code 404 (Not Found) can be used instead.
If the person attempting the access believes the error code, it might discourage them from trying to find a way around the restriction (e.g. by searching for a proxy). But it probably won't stop a determined hacker.

Is it possible to monitor server response codes (http status codes) from PHP, and how would it be done?

The server response codes/http status codes (101, 200, 404, etc.) should be sent in headers in every interaction between user and server. How would one monitor the codes from PHP, so that if an error code were sent, it could be linked to user actions logged by the web application, and responded to appropriately, say by locking out or redirecting a user getting repeated 403 (forbidden) codes by trying to access things on the server they shouldn't be?
Check http_response_code:
*If you pass no parameters then http_response_code will get the current status code. If you pass a parameter it will set the response code.*
http://php.net/manual/en/function.http-response-code.php
Basically nohow, as the headers are sent by the web server before the PHP file is parsed and the "real" output is generated. You might use the method http_response_code(), but consider this: if you want to access a folder your www-data does not have read rights, you will get a 403 Forbidden. It is the webserver's message, the PHP is never even touched (because, for the webserver, it doesn't even exist).
The only way you can catch these events if you specifically use a custom ErrorDocument it your configuration or if the response codes are sent out by the PHP file:
if ( !$something )
header("HTTP/1.1 403 Forbidden");

404 Page Not Found - CodeIgniter related

I am using the Codeigniter framework in a project - I have a tool which reads an array and sends out over 10,000 emails using the SwiftMailer Email framework.
One form which I have once submitted is supposed to send out each individual email, however it doesnt sent out all of them as after a period of time I get the following error:
404 Page Not FoundThe page you requested was not found. - 500.shtml
The page itself doesnt actually redirect anywhere else so cannot understand why it would be saying this - anyone have any ideas?
Thanks
It looks like you're actually ending up with a 500 error, but when CI tries to display the custom error page for a 500 error (500.shtml), it can't find it, and so throws a 404 instead. Check your logs for the cause of the 500 error.
It'll be a custom error page, probably set up on the web server itself. If it's an Apache server, check the httpd config and remove any ErrorDocument directives you don't want so you can see the actual error.
As Tom said, if this is happening after a significant delay, you're likely getting a timeout. The length of timeouts can be increased from the PHP end using set_time_limit() or the php.ini setting max_execution_time. However in general if you have a long-running task it is much better to run it in a background process than try to shoehorn it into an HTTP request.

PHP Logging Question - Error Codes

I'm making a logging script that will log a visitor's way through the website. For example, it would write to a log file:
[Username (if logged in)]-[IP] requested [Page] at [Time]--received [Error Code] [Error Code Description].
Example output:
Jaxo (127.0.0.1) accessed index.php at 2:05 PM--Received 200 Ok
I can get everything working except the error codes bit (the part after the --).
How can I get error codes and error code definitions from PHP?
Thanks!
These error codes(200, 404 etc) are generated by your webserver, for example Apache. A way that you can trap these errors is to send these errors to another php script in your .htaccess file, for example.
ErrorDocument 404 /error.php?error=404
ErrorDocument 500 /error.php?error=500
ErrorDocument 402 /error.php?error=402
etc.
Unfortunately you can't have a "catch all" ErrorDocument, so you need to list them one by one.
Error codes about what? Are you thinking about HTTP status codes?

Categories