How to disable Rails RoutingError stacktrace printout in Production log files?

A

2

16

In my proudction rails app, I got all types of random attacks requesting for asp, zip and rar files. Rails rendered 404 page as expected, but my production log file is jammed with RoutingError stacktrace dump like the following.

My question is: can I block URLs with certain patterns in Apache/Passenger? Or at least can I configure Rails to just log the error itself and not to print the entire stacktrace? Thanks!

Processing ApplicationController#index (for 100.222.237.7 at 2011-03-22 10:59:54) [GET]

ActionController::RoutingError (No route matches "/include/upfile_flash.asp" with {:host=>"www.myhost.com", :method=>:get, :domain=>"myhost.com", :subdomain=>"www"}):
  passenger (2.2.15) lib/phusion_passenger/rack/request_handler.rb:92:in `process_request'
  passenger (2.2.15) lib/phusion_passenger/abstract_request_handler.rb:207:in `main_loop'
  passenger (2.2.15) lib/phusion_passenger/railz/application_spawner.rb:441:in `start_request_handler'
  passenger (2.2.15) lib/phusion_passenger/railz/application_spawner.rb:381:in `handle_spawn_application'
  passenger (2.2.15) lib/phusion_passenger/utils.rb:252:in `safe_fork'
  passenger (2.2.15) lib/phusion_passenger/railz/application_spawner.rb:377:in `handle_spawn_application'
  passenger (2.2.15) lib/phusion_passenger/abstract_server.rb:352:in `__send__'
  passenger (2.2.15) lib/phusion_passenger/abstract_server.rb:352:in `main_loop'
  passenger (2.2.15) lib/phusion_passenger/abstract_server.rb:196:in `start_synchronously'
  passenger (2.2.15) lib/phusion_passenger/abstract_server.rb:163:in `start'
  passenger (2.2.15) lib/phusion_passenger/railz/application_spawner.rb:222:in `start'
  passenger (2.2.15) lib/phusion_passenger/spawn_manager.rb:253:in `spawn_rails_application'
  passenger (2.2.15) lib/phusion_passenger/abstract_server_collection.rb:126:in `lookup_or_add'
  passenger (2.2.15) lib/phusion_passenger/spawn_manager.rb:247:in `spawn_rails_application'
  passenger (2.2.15) lib/phusion_passenger/abstract_server_collection.rb:80:in `synchronize'
  passenger (2.2.15) lib/phusion_passenger/abstract_server_collection.rb:79:in `synchronize'
  passenger (2.2.15) lib/phusion_passenger/spawn_manager.rb:246:in `spawn_rails_application'
  passenger (2.2.15) lib/phusion_passenger/spawn_manager.rb:145:in `spawn_application'
  passenger (2.2.15) lib/phusion_passenger/spawn_manager.rb:278:in `handle_spawn_application'
  passenger (2.2.15) lib/phusion_passenger/abstract_server.rb:352:in `__send__'
  passenger (2.2.15) lib/phusion_passenger/abstract_server.rb:352:in `main_loop'
  passenger (2.2.15) lib/phusion_passenger/abstract_server.rb:196:in `start_synchronously'

Rendering /myapp/public/404.html (404 Not Found)

Azzieb answered 22/3, 2011 at 3:24 Comment(0)

P

10

Rails 4 and 5 answer:

match '*any', to: 'not_found#anything', via: [:get, :post]

To match a wildcard parameter, it must have a name assigned to it - any in this case.

class NotFoundController < ApplicationController
  def anything
    Logger.new('log/not_found.log').info(request.fullpath)
    # To render nothing:
    # head :not_found #Rails 5
    # render nothing: true, status: :not_found # for Rails 4

    #To render 404 page
    render file: 'public/404.html', status: :not_found, layout: false
  end
end

Photochromy answered 2/9, 2016 at 9:40 Comment(1)

if you're using ActiveStorage you will need to add a constraint see #57304233 – Magbie 29/10, 2022 at 16:46

K

9

You could add a catch all route after all your other routes that would catch this stuff and render a controller/action of your choosing:

match '*' => 'errors#not_found'

You could even choose to only match .asp or whatever if you wanted:

match '*.:format' => 'errors#not_found', :constraints => {:format => /(asp|zip|rar)/i}

Kizer answered 22/3, 2011 at 3:43 Comment(0)

Recommended topics

Hot tags