3
votes

If I try to visit any resource on my website that doesn't exist (like example.com/this/path/does/not/exist or example.com/images/fakeimage.jpg), it doesn't return a 404 error. It just hangs for about a minute before it times out, meanwhile it maxes out my CPU and RAM on the server.

I thought it might be the .htaccess file, but it's the same as the default Symfony.

Another thought I had is that it may be a problem with my Apache Vhost file, but I have another Symfony site with no problems running with the same config/different site name.

I'm kind of at a loss at this point with debugging. Any ideas of what else I could look at?

--Edit-- I found this in the log:

request.ERROR: Uncaught PHP Exception Symfony\Component\HttpKernel\Exception\NotFoundHttpException: "No route found for "GET /this/is/not/a/path"" at /var/www/dev/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/EventListener/RouterListener.php line 176 {"exception":"[object] (Symfony\\Component\\HttpKernel\\Exception\\NotFoundHttpException(code: 0): No route found for \"GET /this/is/not/a/path\" at /var/www/dev/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/EventListener/RouterListener.php:176, Symfony\\Component\\Routing\\Exception\\ResourceNotFoundException(code: 0):  at /var/www/dev/app/cache/prod/appProdUrlMatcher.php:2209)"} []

followed by like 100 of these:

[2016-08-22 15:26:10] request.CRITICAL: Uncaught PHP Exception Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException: "The token storage contains no authentication token. One possible reason may be that there is no firewall configured for this URL." at /var/www/dev/vendor/symfony/symfony/src/Symfony/Component/Security/Core/Authorization/AuthorizationChecker.php line 57 {"exception":"[object] (Symfony\\Component\\Security\\Core\\Exception\\AuthenticationCredentialsNotFoundException(code: 0): The token storage contains no authentication token. One possible reason may be that there is no firewall configured for this URL. at /var/www/dev/vendor/symfony/symfony/src/Symfony/Component/Security/Core/Authorization/AuthorizationChecker.php:57)"} []

I read this might have something to do with security.yml in Symfony. Is there anything amiss in the following perhaps?

firewalls:
        secured_area:
            pattern: ^/
            switch_user: { role: ROLE_SUPER_ADMIN, parameter: _switch_user }
            oauth:
                failure_path: "/login"
                login_path: "/login"
                check_path: /connect_check
                provider: fos_userbundle
                resource_owners:
                    facebook: "/login/check-facebook"
                    google: "/login/check-google"
                oauth_user_provider:
                    service: app.provider.oauth
            anonymous: true

        form_login:
            provider: fos_userbundle
            check_path: fos_user_security_check
            login_path: fos_user_security_login
            csrf_provider: security.csrf.token_manager
            use_referer: true

        logout:
            path: fos_user_security_logout
            target: fos_user_security_login
            success_handler: cps.sso.security.logout_success_handler
            invalidate_session: false

        access_denied_url: /
access_control:

    - { path: ^/, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: new$, role: ROLE_ADMIN}
    - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/homerecalls$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: $/reports-login, role: IS_AUTHENTICATED_ANONYMOUSLY}
    - { path: ^/article/, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/category/, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/author/, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/accounts/, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/photo/, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/fileupload/, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/services/, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/company/, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/resources/, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/agents/, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/sellers/, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/buyers/, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/register, role: ROLE_ADMIN }
    - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/admin/, role: ROLE_ADMIN }
    - { path: ^/user/, role: [ROLE_USER, ROLE_ADMIN]}
    - { path: ^/profile/, role: [ROLE_USER, ROLE_ADMIN]}
1

1 Answers

0
votes

Ok, I found the solution, though I doubt many others will actually have this problem for the same cause I did. This post started me down the right path to fixing it. Symfony2 error 500 instead of 404 at production

I was looking through this post combined with some of the errors I was getting, and realized that several months ago while I was first learning Symfony I had tried to enable the Symfony Profiler on the production server with this in my config.yml:

profiler:
    matcher:
        service: app.super_admin_matcher

and this in AppBundle/Profiler/SuperAdminMatcher.php:

<?php

namespace AppBundle\Profiler;

use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\RequestMatcherInterface;

class SuperAdminMatcher implements RequestMatcherInterface
{
    protected $authorizationChecker;

    public function __construct(AuthorizationCheckerInterface $authorizationChecker)
    {
        $this->authorizationChecker = $authorizationChecker;
    }

    public function matches(Request $request)
    {
        return $this->authorizationChecker->isGranted('ROLE_SUPER_ADMIN');
    }
}

?>

Once I removed that code, which I have no need for now, everything started working like a charm again.