ActionController::RoutingError: No route matches [CONNECT] "/"

rubyonrails-talk
1

Hi,

i’ve been getting the subject error for some while in production.

I’ve tried to find out what that connect even means with little avail.

But i was generally surprised how much hacking attempts are being made, so i’m pretty sure it’s ill intent.

Just, i can’t seems to get rid of the error. I tried to add rescue_from to my ApplicationController, as in:

rescue_from ActionController::RoutingError, with: :error_404

but that doesn’t do it. The call goes from phusion through rack and rails, and ends in

actionpack-4.2.5/lib/action_dispatch/middleware/debug_exceptions.rb:21:in `call’

Has anyone encountered this in the wild ?

Torsten

2

Hi,

i've been getting the subject error for some while in production. I've tried to find out what that connect even means with little avail. But i was generally surprised how much hacking attempts are being made, so i'm pretty sure it's ill intent.

CONNECT is an http method used for proxies to allow tunnelling arbitrary traffic through a proxy: basically someone has been scanning for misconfigured proxies (and probably other stuff too). Just a fact of life really.

Just, i can't seems to get rid of the error. I tried to add rescue_from to my ApplicationController, as in:

rescue_from ActionController::RoutingError, with: :error_404

This type of routing error can't be rescued like that since rails doesn't know which controller should be used. If it bothers you then you could try blocking it at the webserver level (eg core - Apache HTTP Server Version 2.4)

Fred

3

Thanks Fred,

strange to think there should be an error that can’t be handled in rails. Still, thanks for the answer, which i am unfortunately not sure i understand.

Are you saying i should have a

4

Thanks Fred,

strange to think there should be an error that can't be handled in rails. Still, thanks for the answer, which i am unfortunately not sure i understand.

You could also handle via a rack middleware or by supplying a custom exception app (see Configuring Rails Applications — Ruby on Rails Guides)

Are you saying i should have a <Limit CONNECT>

</Limit>

Not sure - never done this, but this seems to be the mechanism Apache provides for filtering requests based on http method.

Fred