Strange redirects that are not in the nginx log, how come?

D

dvachek2018-10-28 04:51:36

linux

dvachek, 2018-10-28 04:51:36

A very strange thing happens according to some incomprehensible principle, randomly, some site visitors are given a page with a redirect, for example:

site.ru -> redirects with a 302 code to -> site.ru/Hgdy (this page naturally gives 404)

Different random a set of letters is added, and periodically changes to another.

Moreover, approximately 1 out of 100 requests are redirected in this way, on any random page of the site.

At the same time, there is not a single such redirect to the page with these letters in the nginx log, only entries with a 404 code, i.e. either nginx does not write a log entry when it makes just such redirects (because all other normal redirects are recorded), or someone intercepts requests and makes this redirect.

What kind of nonsense is this?

Here's what it looks like from the visitor's side:

And here's what's in the nginx log with these letters (only one entry with a 404 code):

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

P

Pavlo Ponomarenko, 2018-10-28
@TheShock

Does this happen for all users or for one (maybe he has a plugin for chrome)? Can you accurately replicate this behavior and catch this bug (important for diagnostics)? Do you have a local site where this doesn't happen? You can remove the connection to the engine from nginx, or stop the engine itself (I don't know what you have there). Maybe the engine is shaking? Then check after that if redirects are being implemented. If the redirects are gone - it's in the engine. If not gone - somewhere earlier.

R

Ruslan Fedoseev, 2018-10-28
@martin74ua

js script on the page?