Bot's HTML Server seems to die after too many errors

#1

PhantomBot Version: 3.0.0
OS Version: Windows Server 2012 or 2008.
Java Version: 7 update 171 or something.
Browser and Version (for Panel Support): Latest Stable Google Chrome
Stock PhantomBot: Yes, but config changes may be the issue here.

So I don’t stream nearly as much as I used to, but I still have the bot running on a Windows server with another bot I wrote. The bot is open on port 80 for my ease of access. Is it a bad idea (security-wise)? Probably. Do I care? Not enough to change it.

However, I do get random queries from potential attackers (I’m sure every site gets these), trying to get into various setup files for different services (like forums and whatnot). Seeing as PhantomBot has none of these, it just spits an error.

I’ve got a file on my website (not on the same IP as the bot) that queries some data for the bot so I can put it in my overlay. Every day or so I’ll notice that this file stopped working, and just shows nothing. A quick restart of the bot and a refresh of the page, it’s back to normal.

Note that I’ve had this exact same setup since probably PhantomBot 2.3 or before, and have never experienced this issue until the 3.0.0 release.

Here is the most recent error log: 13-05-2019.txt (84.7 KB)

As you can see, it’s literally all just “FileNotFound”. I’m not sure how much of an impact on performance it would make, but if some form of file verification could be added to prevent these errors from spamming it may fix my issue. Or, it’s something else causing the issue. I’m not sure yet.

#2

This is a lightweight web server, not entirely intended to create rules and filtering inside of it. All filtering would have to come first and push the files to serve back down the list, resulting in a slowdown. That said, do let me discuss internally.

All of that aside, the web server code hasn’t changed, we just got rid of the secondary hosting for the Beta Panel in 3.0.0. Has there been a change in the JDK at any time in the recent past?

Now for all of my opinion, which can be ignored :slight_smile:

Personally, I firewall off all IPs except my home IP address from the bot control panel. I use a method to obtain my home IP if it ever changes as well and update the firewall rules.

Personally, I would care about port 80. I am not sure about Windows, but in Linux that requires that an elevated account is running PhantomBot, which isn’t suggested. If there are security holes, running as an elevated user is not so good. Most folks would run a proxy in front of it (which is pretty much the recommendation of security for most services, I believe). I can tell you we had a bug where people could read any file anywhere using the web server when it was running as an administrative user. It has been fixed; however, are there other issues? Maybe.

#3

Yeah I know it’s not supposed to be the most complex thing.

I’m not sure what could be causing the issue other than just the amount of errors. There’s nothing else in the logs that could really hint at something else. The PHP pages don’t report any errors on their end either.

Also I noted the wrong Java version. The server is running on Java 8 update 211, not sure if that plays a role in this.

#4

Would it be possible for you to have PHP write a Last Request log with the HTTP Status Code, Response Headers, and Response Body, and then post what it reports from one of these failures? (This info may require using cURL to execute the requests)
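A request log of the kind asked for above, as an added example that is not part of the original thread and not PhantomBot code: it is written in Python rather than PHP, and the names `probe`, `classify` and `log_probe` are hypothetical. It records status, headers and body for each request and separates "the server answered with an error or an empty body" from "the server gave no HTTP response at all".

```python
import http.client
import json
import time
import urllib.error
import urllib.request

# Connect directly, ignoring any proxy environment variables (assumption:
# the probe should reach the bot's web server itself, not an intermediary).
_OPENER = urllib.request.build_opener(urllib.request.ProxyHandler({}))


def _fill(record, status, headers, body):
    record["status"] = status
    record["headers"] = dict(headers.items())
    record["body"] = body.decode("utf-8", errors="replace")


def probe(url, timeout=5.0, max_body=2048):
    """Request url once; return status, headers, body and any transport error."""
    record = {"time": time.strftime("%Y-%m-%dT%H:%M:%S%z"), "url": url,
              "status": None, "headers": {}, "body": "", "error": None}
    try:
        with _OPENER.open(url, timeout=timeout) as resp:
            _fill(record, resp.status, resp.headers, resp.read(max_body))
    except urllib.error.HTTPError as exc:
        # 4xx/5xx: the server is alive and answered; keep what it sent.
        _fill(record, exc.code, exc.headers, exc.read(max_body))
    except (OSError, http.client.HTTPException) as exc:
        # No usable HTTP response: refused, reset, timed out or malformed.
        record["error"] = f"{type(exc).__name__}: {exc}"
    return record


def classify(record):
    """Name the failure mode so 'shows nothing' is distinct from 'server down'."""
    if record["error"]:
        return "no-response"
    if record["status"] >= 400:
        return "http-error"
    if not record["body"].strip():
        return "empty-body"
    return "ok"


def log_probe(url, log_path, **kwargs):
    """Append one JSON line per request to log_path; return the classification."""
    record = probe(url, **kwargs)
    record["result"] = classify(record)
    with open(log_path, "a", encoding="utf-8") as fh:
        fh.write(json.dumps(record) + "\n")
    return record["result"]
```

Run `log_probe` on a schedule against the URL the overlay page queries; the first line whose result is not `ok` shows whether the web server had stopped answering or was returning an error or empty response.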

#5

I’ll see what I can make it print and report back when I can.

#6

I like GMT’s idea. I will spam a bot with a while loop from bash with a bad file request and see if I can break my local bot.

#7

So, I hit my PhantomBot 50, then 100, 100, 500, 1000, 5000 times (this is the last loop):

illusion% CTR=0; while [[ CTR -lt 5000 ]]; do curl -X GET morpheus.int.freaq.net:27000/robots.txt 1>/dev/null 2>/dev/null; CTR=$((CTR + 1)); echo -n "${CTR} "; done
...
 4996 4997 4998 4999 5000 [morpheus] /home/illusion

The web server still responded. How many times do you think you see it being hit before it fails? I have an errand to run, so I am going to leave it on a 100k loop; that should take a while.

#8

I ran a 100k loop, and it was fine. I am running a 1 million loop now - so far, I’ve been hitting the Control Panel once in a while, and it seems fine. I will let it finish though.