Tomcat logs are getting filled with intrusion exceptions as below:
ERROR IntrusionException:55 - [SECURITY FAILURE Anonymous:null@unknown -> /ExampleApplication/IntrusionException] INTRUSION - Multiple (2x) and mixed encoding (3x) detected.
It's not creating issues in the application but tomcat logs are flooded with these errors.
Followed this article and turned errors into warnings but still size of log file is increasing too fast.
How to handle these exceptions? Can anyone help me with your inputs to handle this?
This is outside the realm of ThingWorx support, but you should engage your network engineering team for blocking the source connection(s). You should be able to tell from the access logs where the traffic is originating from. Usually IT teams will want to handle this at the firewall under their current security policies.
Our Thingworx Application logs are filled with "Error occurred while validating HTTP header: cookie", to handle this we followed ptc articles and updated validation properties. After that http header cookie error went away, now it started filling tomcat with ERROR IntrusionException:55 - [SECURITY FAILURE Anonymous:null@unknown -> /ExampleApplication/IntrusionException] INTRUSION - Multiple (2x) and mixed encoding (3x) detected.
@slangley Followed below community post and article:
We were able to turn errors into warnings following the article but tomcat logs are filling fast. can you provide some workaround to handle this?