From 5c700fc2cf398848ddcf71a2aa3f0f2a6563e87b Mon Sep 17 00:00:00 2001 From: Tom Burns Date: Tue, 30 Oct 2012 16:22:21 -0400 Subject: Begin writing HTTP request headers early to detect disconnected clients This patch checks incoming connections and avoids calling the application if the connection has been closed. It works by sending the beginning of the HTTP response before calling the application to see if the socket can successfully be written to. By enabling this feature users can avoid wasting application rendering time only to find the connection is closed when attempting to write, and throwing out the result. When a client disconnects while being queued or processed, Nginx will log HTTP response 499 but the application will log a 200. Enabling this feature will minimize the time window during which the problem can arise. The feature is disabled by default and can be enabled by adding 'check_client_connection true' to the unicorn config. [ew: After testing this change, Tom Burns wrote: So we just finished the US Black Friday / Cyber Monday weekend running unicorn forked with the last version of the patch I had sent you. It worked splendidly and helped us handle huge flash sales without increased response time over the weekend. Whereas in previous flash traffic scenarios we would see the number of HTTP 499 responses grow past the number of real HTTP 200 responses, over the weekend we saw no growth in 499s during flash sales. Unexpectedly the patch also helped us ward off a DoS attack where the attackers were disconnecting immediately after making a request. ref: ] Signed-off-by: Eric Wong --- examples/unicorn.conf.rb | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'examples') diff --git a/examples/unicorn.conf.rb b/examples/unicorn.conf.rb index 0238043..1f4c9c0 100644 --- a/examples/unicorn.conf.rb +++ b/examples/unicorn.conf.rb @@ -46,6 +46,12 @@ preload_app true GC.respond_to?(:copy_on_write_friendly=) and GC.copy_on_write_friendly = true +# Enable this flag to have unicorn test client connections by writing the +# beginning of the HTTP headers before calling the application. This +# prevents calling the application for connections that have disconnected +# while queued. +check_client_connection false + before_fork do |server, worker| # the following is highly recomended for Rails + "preload_app true" # as there's no need for the master process to hold a connection -- cgit v1.2.3-24-ge0c7