'How to prevent exception logs of malformed requests in Spring Boot Application

Spring Boot 2.6.x

May 11 14:08:41 ubuntu java[1831]: 2022-05-11 14:08:41.239  INFO 1831 --- [nio-2023-exec-7] o.apache.coyote.http11.Http11Processor   : Error parsing HTTP request header
May 11 14:08:41 ubuntu java[1831]:  Note: further occurrences of HTTP request parsing errors will be logged at DEBUG level.
May 11 14:08:41 ubuntu java[1831]: java.lang.IllegalArgumentException: Invalid character found in method name [0xff0x0a0x00D0x000x080xc10xff...]. HTTP method names must be tokens
May 11 14:08:41 ubuntu java[1831]:         at org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:419)
May 11 14:08:41 ubuntu java[1831]:         at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:271)
May 11 14:08:41 ubuntu java[1831]:         at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
May 11 14:08:41 ubuntu java[1831]:         at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:890)
May 11 14:08:41 ubuntu java[1831]:         at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1743)
May 11 14:08:41 ubuntu java[1831]:         at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
May 11 14:08:41 ubuntu java[1831]:         at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
May 11 14:08:41 ubuntu java[1831]:         at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
May 11 14:08:41 ubuntu java[1831]:         at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
May 11 14:08:41 ubuntu java[1831]:         at java.base/java.lang.Thread.run(Thread.java:833)
May 11 14:39:04 ubuntu java[1831]: 2022-05-11 14:39:04.939  INFO 1831 --- [nio-2023-exec-3] o.apache.coyote.http11.Http11Processor   : Error parsing HTTP request header
May 11 14:39:04 ubuntu java[1831]:  Note: further occurrences of HTTP request parsing errors will be logged at DEBUG level.
May 11 14:39:04 ubuntu java[1831]: java.lang.IllegalArgumentException: Invalid character found in the HTTP protocol [RTSP/1.00x0d0x0a0x0d0x0a...]
May 11 14:39:04 ubuntu java[1831]:         at org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:570)
May 11 14:39:04 ubuntu java[1831]:         at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:271)
May 11 14:39:04 ubuntu java[1831]:         at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
May 11 14:39:04 ubuntu java[1831]:         at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:890)
May 11 14:39:04 ubuntu java[1831]:         at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1743)
May 11 14:39:04 ubuntu java[1831]:         at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
May 11 14:39:04 ubuntu java[1831]:         at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
May 11 14:39:04 ubuntu java[1831]:         at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
May 11 14:39:04 ubuntu java[1831]:         at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
May 11 14:39:04 ubuntu java[1831]:         at java.base/java.lang.Thread.run(Thread.java:833)

Note the abnormal parts:

method name [0xff0x0a0x00D0x000x080xc10xff...],

HTTP protocol [RTSP/1.00x0d0x0a0x0d0x0a...]

These must be randomly incoming attacking requests.

Is there any way to prevent these exception logs?

spring-boottomcat


Solution 1:[1]

Is this a service that restarts quite often? Like, you get a request that starts-up Tomcat, then shuts-down, only to restart for another request after that?

Tomcat will only log the message you see above once per run at the INFO level, and those after that will be logged at the DEBUG level (just like the message says):

Note: further occurrences of HTTP request parsing errors will be logged at DEBUG level.

So it won't log every error... just the first error for each time the HttpProcessor is re-initialized.

If these log messages become a nuisance, you have a few options:

  1. Investigate why you are getting broken requests like this and try to minimize them (fix a broken client? use a firewall?)
  2. Keep Tomcat running for longer; you will get fewer errors on your log
  3. Set the log level for the org.apache.coyote.http11.Http11Processor logger to ERROR

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Christopher Schultz

Related Questions

How to SHUTDOWN Tomcat in Ubuntu?

log4j writing to console but not to file (Liferay + Tomcat)

Force log rollover in tomcat log4j2 even if no traffic

java.util.concurrent.ExecutionException: org.apache.catalina.LifecycleException: Failed to start

Tomcat doesn't start with YAWL engine

How do I map Spring MVC controller to a uri with and without trailing slash?

Tomcat Credentials

How to set custom environment variables in tomcat?

JSTL error javax/servlet/jsp/jstl/core/LoopTag error when using c:forEach tomcat ver7.0 [duplicate]

Tomcat does not start. Where was I wrong?

Unknown version of Tomcat was specified with tomcat -9.0.37

Customize keycloak error page with spring boot

Restart Tomcat Service on AWS EC2 instance, on a schedule

Spark saveAsTextFile() results in Mkdirs failed to create for half of the directory

Tomcat Manager - Active Directory Authentication