Short POST data in HTTP

Posted on

Short POST data in HTTP – Managing your servers can streamline the performance of your team by allowing them to complete complex tasks faster. Plus, it can enable them to detect problems early on before they get out of hand and compromise your business. As a result, the risk of experiencing operational setbacks is drastically lower.

But the only way to make the most of your server management is to perform it correctly. And to help you do so, this article will share nine tips on improving your server management and fix some problem about linux, php, apache-2.2, , .

We’re hosting a customer’s Debian Linux web server. It’s running a PHP based web application.

The server is sitting behind our firewall with it’s own virtual interface and port 80 is forwarded internally to a machine sitting in the DMZ.

The issue we’re having is that when data is posted to the server it seems to be being cut short for some users. It’s reproducable for some users on the same box. But the same user sending the same data on the same lan on another PC it works.

The data gets cut to around 1140 bytes I’m told.

Any idea why this might be happening?
The customer is blaming our firewall, but then surely we’d have issues with other services.
I’m suspecting it’s a problem with the website itself. Suggestions on how to isolate the problem would be of help.

Our firewall is Astaro.

EDIT: A customer has set the ethernet frame size temporarily to 500bytes on the server. This made it work for now! I know some of the customers are using an internet provider that runs PPPoE

Solution :

To eliminate the firewall, I’d try a test POST using curl right from the server itself. This post over on StackOverflow gives an example of how to use curl -F <filename>.

The first place i’d be looking is at the apache/php logfiles (even increase the loglevel there if possible). If data gets cut at a certain point, it either smells like a timeout (customers using bad connections ? traffic bottleneck somewhere ? ) or a buffer setting (which is unlikely since there is not a fixed pattern).

The alternative approach if the logging would not learn you that much is, if you found a reproducible case is to set up a sniffer (tcpdump/wireshark) to capture the traffic and to analyse what is going over the wire.

I like to use this Free http post tool to test send post request and get the post response

It turns out that the problem is caused by our firewall. I believe it was messing around with the frame size and dropping frames above a certain value. The eventual solution was to move the server onto the outside of the firewall.

As the server itself is Linux and it’s for a very specific application, iptables is configured to allow only ports 80, 433 and port 22. And port 22 is only responding from certain static source addresses.

We haven’t had any further issues with it.

Leave a Reply

Your email address will not be published.