求教, curl: (52) Empty reply from server

2022-09-07 10:29:30 +08:00
 kestrelBright

阿里云的 ecs 有一台不正常,其他的正常,本地正常。

不正常的那一台有时正常,有时就返回 curl 52 ,试了重新安装 openssl 和 curl ,没有用

curl -v "https://xx.xx.xx.xx"
*   Trying xx.xx.x.x:443...
* Connected to xx.xx.xx.xx (xx.xx.xx.xx) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*  CAfile: none
*  CApath: none
* loaded libnssckbi.so
* ALPN: server did not agree on a protocol. Uses default.
* SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate:
* subject: CN=xx.xx.xx.xx
*  start date: Apr 01 00:00:00 2022 GMT
*  expire date: Apr 01 23:59:59 2023 GMT
*  common name: xx.xx.xx.xx
*  issuer: CN=Encryption Everywhere DV TLS CA - G1,OU=www.digicert.com,O=DigiCert Inc,C=US
> GET /ggfwzc/auth/gateway.do HTTP/1.1
> Host: xx.xx.xx.xx
> User-Agent: curl/7.85.0
> Accept: */*
>
* Empty reply from server
* Closing connection 0
curl: (52) Empty reply from server

另外装的 curl

*   Trying xx.xx.xx.xx:443...
* Connected to xx.xx.xx.xx (xx.xx.xx.xx) port 443 (#0)
* ALPN: offers http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
*  CAfile: /etc/pki/tls/certs/ca-bundle.crt
*  CApath: none
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN: server did not agree on a protocol. Uses default.
* Server certificate:
*  subject: CN=xx.xx.xx.xx
*  start date: Apr  1 00:00:00 2022 GMT
*  expire date: Apr  1 23:59:59 2023 GMT
*  subjectAltName: host "xx.xx.xx.xx" matched cert's "xx.xx.xx.xx"
*  issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=Encryption Everywhere DV TLS CA - G1
*  SSL certificate verify ok.
> GET /ggfwzc/auth/gateway.do HTTP/1.1
> Host: xx.xx.xx.xx
> User-Agent: curl/7.85.0
> Accept: */*
>
* TLSv1.2 (IN), TLS alert, close notify (256):
* Empty reply from server
* Closing connection 0
* TLSv1.2 (OUT), TLS alert, close notify (256):
curl: (52) Empty reply from server
698 次点击
所在节点    Linux
10 条回复
libook
2022-09-07 10:41:52 +08:00
提工单给阿里云,提供尽可能详细的证据,让他们调查解决。
kestrelBright
2022-09-07 10:43:44 +08:00
@libook 阿里云说对方屏蔽了 ip 或者做了其他限制,建议购买 xxx 服务
libook
2022-09-07 10:48:47 +08:00
让他们给解决,如果封 IP 了就让他们协助换 IP ,你揪着他们就好了,给不出满意的解决方案就一直提工单,你也可以把其他服务器正常的证据发过去来增加一些说服力。
kestrelBright
2022-09-07 10:52:25 +08:00
@libook 好的,我之前是直接在线聊。刚发完现在就又通了
eason1874
2022-09-07 11:17:45 +08:00
请求的服务器是你们自己的吗?看下日志?有可能真的 Empty reply from server

Nginx 有个 444 状态码,操作是断开连接,不返回任何内容。如果在并发拒绝、限流、临时拉黑等场景用上了,那被拒绝的请求就是这样的
kestrelBright
2022-09-07 16:25:30 +08:00
@eason1874 不是,是其他公司的。不是空的,马上在本地测试就有返回。
eason1874
2022-09-07 16:35:34 +08:00
@kestrelBright 但你本地跟服务器不是同一个 IP 吧?我的意思是,你服务器 IP 被风控了,有些请求被拒绝了,而拒绝方式是没有任何响应内容的 nginx 444
kestrelBright
2022-09-10 01:20:02 +08:00
@eason1874 一天有几个小时是好的,阿里云找了一天还是说让买弹性 ip
eason1874
2022-09-10 11:34:35 +08:00
@kestrelBright 大概率是风控了,限制了 IP 每天请求数,超过了就 444
kestrelBright
2022-09-13 11:39:28 +08:00
@eason1874 emmm,想办法访问了下对方机房的机器。发现他内网的几台机器 curl 这个地址也有的会挂起

这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。

https://www.v2ex.com/t/878278

V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。

V2EX is a community of developers, designers and creative people.

© 2021 V2EX