Node app running on single VM in US.
The app takes an incoming request (every 4 hours), responds quickly with a 202 and then does a bunch of work and that is that.
From the fly logs output we can see if the app did its job smoothly, and typically all is well.
The past 4 times though, after the app was done with its work, the fly logs show something like:
What is this?
Interesting is the timestamp. Another service of ours sends the request to the app every 4 hours (00, 04, etc) so this error at 03:35 is weird.
In the other error entries in the fly logs output, the value of request.url is e.g. ver.movistarplus.es:443 and hotmail-com.olc.protection.outlook.com:25
The app does not crash or anything and the next scheduled job runs fine on it, but I’d like to understand this.
Since every app gets its own IP address, it’s possible you’re just getting spam with the Host header set to those values. The connection closing might happen if it’s a malformed request being rejected. Do you have any authentication on your service?
This is a weird and unexpected request.
While the app is publicly available, it acts as a helper component in our service and is only used ‘internally’.
Makes sense to assume this is a request to our IP that is spam/spider or something else, but that goes through a Fly proxy first.
Does the proxy send the request with method CONNECT to our app or is that method from the request that came into Fly?
Is it correct the request to our app was for host orangetv.orange.es on port 443 if the log entry shows request.url="orangetv.orange.es:443" ?