App service being spammed thousands of times every hour

Hao Li 0 Reputation points
2024-06-20T22:20:25.0333333+00:00

My App Service is running Linux containers in Canada Central. We started seeing lots of failure in App Insight starting at approximately 12am on Tuesday June 18th. These failures occur every 30 min with 5k-7k count logged each time. Inspecting these request they end with HTTP 431 - Request Header Fields Too Large, the request is POST, URL is localhost:4200/?/?/?/?/?/?/?/?/?/?/?/?/?/ the /? keeps repeating.

During one of the failures I was able to capture some request live with log streaming, I was able to see the user agent signature as:
[Timestamp] POST /?/?/?/?/? (/? repeats)

HashiCorp/go-azure-sdk (Go-http-Client/1.1 webapps/2023-01-01) HashiCorp Terraform/1.5.3 (+https://www.terraform.io) Terraform Plugin SDK/2.10.1 terraform-provider-azure-rm/3.98.0 pid-222c6c49-1b0a-5959-a213-6608f9eb8820

Tried restarting, redeploying, etc. Seems to be an issue on Azure App service side. Not seeing this with my other App Services, just my two App Service running containersScreenshot 2024-06-21 121152

User's image

Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
7,374 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Pinaki Ghatak 3,185 Reputation points Microsoft Employee
    2024-06-21T09:58:38.1766667+00:00

    Hello @Hao Li

    It appears that you’re encountering an HTTP 431 error related to “Request Header Fields Too Large” in your Azure App Service. Let’s try this.

    The 431 error occurs because more recent versions of Node.js have a hard cap of 8KB for headers. When you enable “App Service Authentication,” EasyAuth adds large headers to the request, which can cause the Node.js container to reject it. Here’s how you can mitigate this:

    1. Disable Identity Flow:
      • Set the app setting WEBSITE_AUTH_DISABLE_IDENTITY_FLOW to true. This removes one of the largest headers added by EasyAuth. Note that this header is generally used by .NET Framework and Azure Functions apps, so it should be safe to disable.
      • You can configure this in your Azure Web App’s Application Settings.
    2. Node.js Version:
      • If the issue persists, consider using Node.js 12 versions, as they might handle headers differently.
    3. Increase Header Size Parameter:
      • You can also try increasing the header size parameter by running your Node.js server with the following command:
           node server.js --max-http-header-size 81000
      
      • Adjust the value as needed.

    Remember to apply these changes to your affected Azure Web App instances. and restart the app service.


    I hope that this response has addressed your query and helped you overcome your challenges. If so, please mark this response as Answered. This will not only acknowledge our efforts, but also assist other community members who may be looking for similar solutions.