NGINX Reverse Proxy : Many html status code 400 responses, why?

Question

We have recently implemented a nginx based reverse proxy.

While, debugging our access logs, we are seeing quite a bit of status code 400 results.

They look somet

Answer 1

Are you handling SSL connections? Can you add $ssl_cipher $ssl_protocol to your access log format?

Answer 2

First, it's fairly possible that your clients send request with really big http headers or urls. Maybe an older version of your application set some (probably big) cookies which are unused now and some clients are still trying send them back.

I'd set the header buffers to a really big value and on the application side log the size of the headers/requests and the complete request if they are bigger than usual. Or completely take out the nginx from the chain and log the header/request with the same conditions. If you can, take out the nginx for only those IPs/subnets where the 400 errors came from. I suppose nginx can log the source IP for these 400 errors.

Answer 3

I found this was caused by using Chrome, which apparently opens extra connections occasionally without sending any data.

Here's some more info: http://www.ruby-forum.com/topic/2953545

Now the question is what to do about them - the answer provided there wasn't very satisfying.