
    load balancer - logs

    For those of you using a load balancer, do your Alpha logs show the original IP address of the request or the IP address of the load balancer (or the Alpha node)? And if so, do you have a way around this, so you can track the original IP address of the client request?

    Also, anyone working with MS Windows Network Load Balancer (NLB)?
    Steve Wood
    See my profile on IADN


    #2
    Re: load balancer - logs

    IP Address of the load balancer.
    Mike Brown - Contact Me
    Programmatic Technologies, LLC
    Programmatic-Technologies.com
    Independent Developer & Consultant



      #3
      Re: load balancer - logs

      Some of the LBs have a feature called "transparency" which carries through the original client IP. Alpha does not need much in the way of a balancer, most of the LB software and hardware that I have looked at does more than needed.

      I am looking at Alpha IIS or even standard Alpha using IIS Web Farms to redirect to Alpha Instances.
      Last edited by Steve Wood; 02-18-2018, 09:53 PM.
      Steve Wood
      See my profile on IADN



        #4
        Re: load balancer - logs

        I am also testing load balancer but not in IIS.

        I have a configuration where I have a kind of reverse proxy, then behind it is an HTML server, and this server also forwards traffic as a reverse proxy to AA server instances. AA server instances are bound to 127.0.0.1 and different ports. So the first reverse proxy hides my real IP from the evil world and the second reverse proxy (HTML server) forwards traffic to AA when needed (.a5w pages and ajax). Now I am trying to put a load balancer (node) between these two reverse proxies. At least this is the current plan. At the moment Alpha's built-in access log always has the value 127.0.0.1.

        But in the Alpha server, using Xbasic, I can get the real IP of the client and also the IP of the first reverse proxy (it has many different values, so not always the same IP) using this code:

        dim IPs as C = Context.Request.GetHeader("Here header name")

        Kenneth
        Last edited by kkfin; 02-19-2018, 01:37 PM.



          #5
          Re: load balancer - logs

          Hey Ken, thanks - I was about to go look for how to grab the IP from the header. That is one of the ways discussed in load balancer docs. If I grabbed the IP from the header, I can generate my own internal logs and still use the Alpha logs as needed (the Access log is good for determining overall load over a given time period). Having the IP in a real-time log is important. I am also working on real-time IP blocking - blocking by IP (3rd party tool) if it generates X number of 404 or 500 errors in a given time period. Inspired by one client in particular who gets SQL-injection hits all of the time, bringing the Alpha site to a halt.
          Steve Wood
          See my profile on IADN



            #6
            Re: load balancer - logs

            Well, so far there is no IP address in my HTTP header that is passed through the load balancer. Not all load balancers have this protocol.

            It would be:

            dim IPs as C = Context.Request.GetHeader("X-Forwarded-For")

            And you can view all headers with a simple:

            ?request.raw
            Steve Wood
            See my profile on IADN
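
Added example, not code from the thread: one way to pick the client address out of X-Forwarded-For, written in Python rather than Xbasic so it runs outside Alpha. The header is client-supplied, so only the entries appended by your own proxies can be trusted; the networks in TRUSTED_PROXIES and all function names are assumptions.

```python
import ipaddress

# Assumption: networks where your own reverse proxies / load balancer live.
TRUSTED_PROXIES = [ipaddress.ip_network(n) for n in ("127.0.0.0/8", "10.0.0.0/8")]

def is_trusted(addr):
    """True when addr belongs to one of our own proxies."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in TRUSTED_PROXIES)

def _parse_hop(hop):
    """Parse one header entry, tolerating an 'a.b.c.d:port' suffix."""
    hop = hop.strip()
    if hop.count(":") == 1:           # IPv4 with port; bare IPv6 has 2+ colons
        hop = hop.split(":")[0]
    return ipaddress.ip_address(hop)  # raises ValueError on junk

def client_ip(peer_addr, xff_header):
    """Address to attribute a request to, for logging or blocking."""
    # The header only means something when the TCP peer is one of our proxies;
    # anyone connecting directly can put whatever they like in it.
    if not is_trusted(peer_addr) or not xff_header:
        return peer_addr
    # Each proxy appends the address it saw, so read right to left and stop
    # at the first address that is not ours. Everything further left was
    # supplied by the client and proves nothing.
    for hop in reversed(xff_header.split(",")):
        try:
            ip = _parse_hop(hop)
        except ValueError:
            return peer_addr          # malformed entry: fall back to the peer
        if not is_trusted(str(ip)):
            return str(ip)
    return peer_addr                  # every hop was internal
```

Before handing an address to an IP blocker, check `is_trusted()` on it: when the header is missing or malformed the function returns the proxy's own address, and blocking that would cut off every user.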



              #7
              Re: load balancer - logs

              I think it is very difficult to do anything about SQL injection attacks. A firewall with this feature (prevention) or URL rewriting. A good point is also not to use SQL if not absolutely necessary. It is not a must in most cases.

              I think there is actually a DDoS attack ongoing here. If the current situation is that the server's IP points to the domain name, check here. So if you see the real IP then the only solution is to get a CDN service, maybe CloudFlare, and replace the current name servers with CloudFlare name servers and GET A NEW IP (this is a must!) and THEN modify the DNS A record (not earlier). Now the attacker cannot directly use the IP address anymore (the attacker does not find it) and CloudFlare protects the domain name from attacks.

              I have a configuration such that if I use my IP address as a URL I get an empty web page with just one word in it. I think this is also a must-have configuration today if you try to prevent DDoS attacks.



                #8
                Re: load balancer - logs

                Hacking#1: The way I plan to address bad bot hits on my site is to use the optional https error pages that can be configured in the Alpha server. For example, if the client request triggers a 500 or 404 error, I can send the 'user' to my own A5W page and run some xbasic on that request to block the IP after X times. SQL injection often will produce either of these https errors. I use a 3rd party IP blocker that will allow me to immediately block an IP sent from an xbasic script. Hacking threat is getting bad enough that I have to do this.

                Hacking#2: For a particular client, we are contemplating taking the nuclear option to stop hacking and restrict access to the website. The concept is to use an IP whitelist rather than a blacklist. ALL IPs will be initially blocked and users have to validate who they are before their IP is added to the whitelist. This is only viable because they have a closed set of customers and no access from the general public.

                Load Balancer#1: Back on this subject. I have attached two website load charts. They show user requests over a couple days. The first chart is load using ONE instance of Alpha Anywhere. The second chart is after I started using the load balancer and shows just one of the four Alpha instances. Note how dense the first chart is compared to the second chart; this is because the same load is spread over four Alpha instances. The black arrow on the first chart is when the Alpha server went unresponsive (users could not login or perform any work) and we restarted the server.

                Load Balancer#2: One of the drawbacks of using a load balancer is you lose the original client IP; it is replaced with the IP address of the load balancer. I confirmed this is true for the arrangement at Zebrahost as well. Personally, I cannot live with that -- I need to know the client IP address! So I am starting to work with a software-based load balancer that will let me grab the original client IP address from the header (as Ken talked about above). If it works I am going to package it up as an Alpha utility for others to use.
                Attached Files
                Steve Wood
                See my profile on IADN
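
Added example, not code from the thread: the "block an IP after X 404 or 500 errors in a given time period" rule from posts #5 and #8 as a sliding-window counter, in Python so it runs outside Alpha. The class name, thresholds and sample events are constructed, and the call into the third-party IP blocker is left to the caller.

```python
from collections import defaultdict, deque

WATCHED = {404, 500}   # the two statuses named in the posts

class ErrorRateBlocker:
    def __init__(self, max_errors, window_seconds, never_block=()):
        self.max_errors = max_errors
        self.window = window_seconds
        # Addresses that must never be blocked, e.g. the load balancer itself:
        # without a forwarded header every request appears to come from it.
        self.never_block = set(never_block)
        self.hits = defaultdict(deque)   # ip -> timestamps of recent errors
        self.blocked = set()

    def record(self, ip, status, now):
        """Feed one finished request; return True when ip crosses the limit."""
        if status not in WATCHED or ip in self.never_block or ip in self.blocked:
            return False
        q = self.hits[ip]
        q.append(now)
        # Drop errors that have fallen out of the sliding window.
        while q and now - q[0] > self.window:
            q.popleft()
        if len(q) >= self.max_errors:
            self.blocked.add(ip)
            del self.hits[ip]
            return True
        return False

# Constructed sample events: (seconds, client ip, HTTP status)
SAMPLE = [
    (0, "198.51.100.7", 404), (1, "198.51.100.7", 500), (2, "203.0.113.20", 404),
    (3, "198.51.100.7", 404), (4, "127.0.0.1", 500), (5, "127.0.0.1", 500),
    (6, "127.0.0.1", 500), (70, "203.0.113.20", 404), (71, "203.0.113.20", 200),
    (130, "203.0.113.20", 500),
]

def replay(events, max_errors=3, window_seconds=60):
    """Return (time, ip) for every block decision over a list of events."""
    blocker = ErrorRateBlocker(max_errors, window_seconds, never_block={"127.0.0.1"})
    return [(t, ip) for t, ip, status in events if blocker.record(ip, status, t)]
```

In the sample, the burst from 198.51.100.7 is blocked, the slow trickle from 203.0.113.20 is not, and the three errors logged under the proxy's own 127.0.0.1 are ignored.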



                  #9
                  Re: load balancer - logs

                  Hacking and auto scanning are done against the IP address.

                  So if the IP does not point to a domain name, it does not have an effect. You do not have to protect against it. I use this configuration. There is a single-word index.html running on the HTML server (second proxy) that can handle thousands of hits per second. Because the IP does not point anywhere, a hacker cannot start examining my site and go further, because there actually is no site at my IP address. Dead end.

                  So a user/hacker has to use the domain name (and know it) to access the site. On the site I always use a landing page. So just CSS and HTML in the index page. This is not served from AA and because of the CDN it is cached and loads as fast from Europe or the USA. This is for performance. But I also have to protect my domain name and it is protected automatically by the first proxy. Any attack and one gets a challenge page.

                  I also use a service provider that includes an external firewall, so whitelisting is easy to do and does not spend server resources. So no need for, for example, RDP Guard.

                  So I think it is better to use the tools available because it is not possible for one developer to handle these attack/hacking tasks.

                  I also use "URL-based load balancing", so for example site.com/ar/... and site.com/rr/.. are served by different instances.



                    #10
                    Re: load balancer - logs

                    Using an empty index.html default page coupled with an obscure-named landing page is a good method because for certain the hacker will travel all of the hyperlinks starting with the default page. But for a commercial website, we will have a valid sitemap.XML and robots.txt giving away our secret and telling hacking bots what pages to hit. If our load balancing does not fix our issues, we will also use URL-based balancing, a unique URL for specific customers.

                    Good conversation. One other point just from the 'independent developer' angle. The fact that a site gets hacked to death, even though it is not our fault, reflects on our project. My client enjoys blaming Alpha, by which they mean me, for their troubles. For the site I have been talking about I long suspected they were maxing out their one Alpha instance but found it hard to prove. Seeing the results of moving it to four Alpha instances definitely proved it.
                    Steve Wood
                    See my profile on IADN



                      #11
                      Re: load balancer - logs

                      Some reasons above are why I would not want to have an in-house server. My websites and my clients came under DDoS attacks early yesterday morning. My hosting company caught it right away and fixed it. Still, the sites were not responding rapidly while that was going on. I get SQL injection and PHP attacks several times a day, plus several other kinds of attacks. Fortunately I have safeguards in place. Would not help for Alpha since I am 100% on Linux.
                      Dave Mason
                      [email protected]
                      Skype is dave.mason46



                        #12
                        Re: load balancer - logs

                        Originally posted by Steve Wood:
                        Using an empty index.html default page coupled with an obscure-named landing page is a good method because for certain the hacker will travel all of the hyperlinks starting with the default page. But for a commercial website, we will have a valid sitemap.XML and robots.txt giving away our secret and telling hacking bots what pages to hit. If our load balancing does not fix our issues, we will also use URL-based balancing, a unique URL for specific customers.
                        First, one more time: the IP address and the actual website are two different things in my configuration. If you use the URL examplesite.com you get the actual site, but if you use the URL 999.9.9.9 (= the server's real IP) you get another, empty site. So a hacker has to know the URL examplesite.com to access the real site, but the IP does not lead them there. If this concept is unclear when protecting a site then not much can be done. URL 999.9.9.9 (= your server's real IP address) and URL examplesite.com should never show the same site.

                        So examplesite.com has a professional look and it has hyperlinks, pictures, text, a login option and Bootstrap 4 CSS. The site also has a valid sitemap.xml and robots.txt. It has SSL and it has a CDN. Because the index page is static and because the site has a CDN, the index page loads in milliseconds (in the USA alone it is cached by 28 data centers). All this makes it 100% SEO friendly and it has all the features that make Google rank it high. The most important are SSL and speed. I think for all web users the most important thing is that the first page loads superfast.

                        Dave: With Alpha, shared hosting is out of the question in practice, but I also use Node and it is a great advantage today, for example to get load balancing for free (I think Alpha Cloud is shared hosting, but then you can forget Node). And I use CloudFlare to protect my domains. Protecting against DDoS attacks is a feature, so nobody has to do anything. Protection is automatic.
                        Last edited by kkfin; 02-21-2018, 04:11 AM.



                          #13
                          Re: load balancer - logs

                          Because of your thread, Steve, I can now log my users' IP addresses. Thanks!

                          I discovered that my hosting service, by default, includes the user's IP address in X-Forwarded-For.
                          Mike Brown - Contact Me
                          Programmatic Technologies, LLC
                          Programmatic-Technologies.com
                          Independent Developer & Consultant



                            #14
                            Re: load balancer - logs

                            If anyone is using a load balancer of any type would you please PM or email me at [email protected].
                            Steve Wood
                            See my profile on IADN
