Open geerlingguy opened 4 years ago
Hmm... looking in the access logs, it seems that there may be some weird request loop that goes on, maybe caused by CleanTalk, and maybe if the connection gets dropped sometime in that cycle things get messed up?
104.236.203.61 - - [14/Jun/2020:16:02:05 -0500] "GET /blog/2020/installing-k3s-kubernetes-on-turing-pi-raspberry-pi-cluster-episode-3 HTTP/1.0" 200 80456 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.1 Safari/605.1.15" "71.14.186.20"
104.236.203.61 - - [14/Jun/2020:16:02:08 -0500] "GET /comment/11430/approve?token=REDACTED HTTP/1.0" 302 466 "https://www.jeffgeerling.com/blog/2020/installing-k3s-kubernetes-on-turing-pi-raspberry-pi-cluster-episode-3" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.1 Safari/605.1.15" "71.14.186.20"
104.236.203.61 - - [14/Jun/2020:16:02:09 -0500] "GET /comment/11430 HTTP/1.0" 200 80599 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.1 Safari/605.1.15" "71.14.186.20"
104.236.203.61 - - [14/Jun/2020:16:02:10 -0500] "GET /comment/reply/node/3010/comment_node_blog_post/11430 HTTP/1.0" 200 65327 "https://www.jeffgeerling.com/comment/11430" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.1 Safari/605.1.15" "71.14.186.20"
71.14.186.20 - - [14/Jun/2020:16:02:05 -0500] "GET /blog/2020/installing-k3s-kubernetes-on-turing-pi-raspberry-pi-cluster-episode-3 HTTP/1.1" 200 16240 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.1 Safari/605.1.15" "-"
71.14.186.20 - - [14/Jun/2020:16:02:08 -0500] "GET /comment/11430/approve?token=REDACTED HTTP/1.1" 302 478 "https://www.jeffgeerling.com/blog/2020/installing-k3s-kubernetes-on-turing-pi-raspberry-pi-cluster-episode-3" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.1 Safari/605.1.15" "-"
71.14.186.20 - - [14/Jun/2020:16:02:08 -0500] "GET /comment/11430 HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.1 Safari/605.1.15" "-"
That route comes from \Drupal\comment\Controller\CommentController::commentApprove
and the token is a CSRF token set by the comment module.
This happens to me as an authenticated user maybe once out of every 3-4 times I leave a comment. It never happened on my Drupal 7 site; I'm not quite sure how often it may be happening to anonymous users.
Anyways, here's what happens:
I looked in Nginx's logs at the time, and the only message I could trace back (right around the time I tried to post the comment) was:
So... what's up with that?