ERROR 400 Cookies too large

[b4pjoe]

Over the past 48 hours there have been a number of zero day patches installed on the server. Looking at the server some config files have been reset. I have just gone through them and reset things back to the way they were.

Over the past 2 weeks there has been a major security patch almost daily and yesterday there were three alone.

Cpanel says that some of the issues were so bad that anyone could get root access to the server by some simple methods. I have been applying their patches as soon as they have come out.

I do appologize as security is important to me and the site.

Let me know how it is now.

Yeah I understand the need to keep up with the security patches.

Trying again this morning and all 5 browsers on the iPad, Safari, Chrome, Firefox, Edge, and Brave are all still doing the same as yesterday .

On my iMac I can access the site fine with Firefox but not the other 4 browsers mentioned above. And again all of the browsers work fine on all other websites I have been to other than this one.

 

[Foxbat]

This almost sounds like your ISP's DNS cache needs to be flushed. Is it possible to set your home's router to use Google DNS or some other DNS resolver?

 

[b4pjoe]

This almost sounds like your ISP's DNS cache needs to be flushed. Is it possible to set your home's router to use Google DNS or some other DNS resolver?

I will have to check that. It is an ISP router instead of mine.

Just to add on Windows I also cannot access the site or only very sporadically using Chrome, Brave, or Edge which makes me think it has something to do with my location which is in south central Illinois.

Posting this from Firefox on a Linux PC and it works fine.

 

[Foxbat]

I will have to check that. It is an ISP router instead of mine.

On Windows, you should be able to override the DNS server your Router assigned, 8.8.8.8 or 1.1.1.1 are two that come to mind.

 

[Scott Greczkowski]

Our DNS hasn't changed at all. But the company that hosts our DNS servers was down for a bit which caused issues.

In Windows if you are having DNS issues you can go to a command prompt and type in the following..

ipconfig /flushdns

That will clear your DNS cache and force windows to go out and grab the updated data.

But as I reported in the outage thread we were notified by the company that does our DNS and CDN (which handles our CSS and Javascripts) they are still having minor issues.

You can also set your DNS on the Windows machine to use different DNS. I use 1.1.1.1 and 9.9.9.9 for mine and you will find that those DNS servers may be faster then what your ISP uses, in fact you may notice your connection is a little faster because of it.

We just had another security update a few seconds ago for our web server software (NGINX) which I just installed a few moments ago. And I was notified of a new kernel was installed so I need to reboot the server. So it we are down for like 30 seconds, this is the reason why.

With all these security updates, it appears they are running all the server code through AI looking for holes and it is finding a lot of them. Some of them have been there for years (and no one discovered them thankfully) I hope we are close to them being done, as this patching is screwing up a lot of things as they are rushing to get the patches out.

PLEASE LOG IN TO GET RID OF THESE ADS!

 

[Scott Greczkowski]

And reboot complete.

 

[b4pjoe]

On Windows, you should be able to override the DNS server your Router assigned, 8.8.8.8 or 1.1.1.1 are two that come to mind.

Weird my ISP router lets me change the DNS servers but the changes never takes effect. They must be blocking users from changing their DNS. See next post for the solution that worked.

 

[b4pjoe]

Our DNS hasn't changed at all. But the company that hosts our DNS servers was down for a bit which caused issues.

In Windows if you are having DNS issues you can go to a command prompt and type in the following..

ipconfig /flushdns

That will clear your DNS cache and force windows to go out and grab the updated data.

But as I reported in the outage thread we were notified by the company that does our DNS and CDN (which handles our CSS and Javascripts) they are still having minor issues.

You can also set your DNS on the Windows machine to use different DNS. I use 1.1.1.1 and 9.9.9.9 for mine and you will find that those DNS servers may be faster then what your ISP uses, in fact you may notice your connection is a little faster because of it.

We just had another security update a few seconds ago for our web server software (NGINX) which I just installed a few moments ago. And I was notified of a new kernel was installed so I need to reboot the server. So it we are down for like 30 seconds, this is the reason why.

With all these security updates, it appears they are running all the server code through AI looking for holes and it is finding a lot of them. Some of them have been there for years (and no one discovered them thankfully) I hope we are close to them being done, as this patching is screwing up a lot of things as they are rushing to get the patches out.

Thanks for all you do here. I know it is a full time job. LOL

I seem to have got the issue fixed on my Mac using Safari and the other browsers that weren't working by flushing the Mac DNS. The fix was entering this into the Mac terminal: sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder

So if anyone else has this issue you may try the above. Like I said that fixed the issue on my Mac. Not sure how to do that on my iPad but I am looking into it.

 

[b4pjoe]

Not sure now what fixed the issue but the site is working fine now in Safari on the iPad without doing anything on the iPad. Unless since maybe they are using the same Apple account maybe that fixed it on the iPad but probably not since Safari on the iPhone still isn't able to load the site.

 

[comfortably_numb]

Safari on the iPhone still isn't able to load the site.

No issues here on iPhone Safari

PLEASE LOG IN TO GET RID OF THESE ADS!

 

[b4pjoe]

No issues here on iPhone Safari

Turned off wireless on iPhone and then turned it back on and Safari now loads it fine.

 

[Scott Greczkowski]

I love a happy ending.

I am no UNIX expert but am rather good now as a lot of it. But still learning. These past few weeks have been crazy with patches. But I am glad I can fix things when they pop up. And am also happy that if I am stuck I can contact Matt W to work on things. matt is over in the UK, so sometimes timing can be an issue, but he has been fantastic.

 

[b4pjoe]

This almost sounds like your ISP's DNS cache needs to be flushed. Is it possible to set your home's router to use Google DNS or some other DNS resolver?

Weird my ISP router lets me change the DNS servers but the changes never takes effect. They must be blocking users from changing their DNS. See next post for the solution that worked.

So my router did let me change them to 8.8.8.8 and 8.8.4.4 as shown here:

But when I check my connection on the router it still shows the DNS as this:

But if I check my DNS now via Apple Terminal it shows this:

nameserver[0] : 100.100.100.100
nameserver[1] : fd7a:115c:a1e0::53
nameserver[0] : 8.8.8.8
nameserver[1] : 8.8.4.4
nameserver[0] : 100.100.100.100
nameserver[1] : fd7a:115c:a1e0::53
nameserver[0] : 8.8.8.8
nameserver[1] : 8.8.4.4
nameserver[0] : 100.100.100.100
nameserver[1] : fd7a:115c:a1e0::53
nameserver[0] : 8.8.8.8
nameserver[1] : 8.8.4.4

so it appears changing the DNS servers in the ISP router does actually change the DNS so I assume that is why it now works everywhere after clearing out the old DNS cobwebs. Whew. Thanks for everyone's help.

 

[harshness]

You have to watch out for both the DNS server search order as well as where the IPv6 servers are pointing.

This can be more difficult with Windows (unless you disable IPv6 altogether).

 

[Scott Greczkowski]

We don't have ipv6 enabled.

We were given a ipv6 address from our server company but never put it in as I have no way of testing it as my isp still does not offer ipv6.

PLEASE LOG IN TO GET RID OF THESE ADS!

 

[harshness]

We don't have ipv6 enabled.

That doesn't prevent your end users from using an IPv6 DNS server. IPv6 servers will happily serve up IPv4 addresses, and with Windows, choosing which scheme is in play isn't particularly straightforward or reliable (especially in a world increasingly tinkering with VPNs).

The long-term solution may be to use a different DNS service entirely. This is defined at the domain registration level rather than the ISP level.

I use Cloudflare as its basic DNS functionality is free and relatively reliable. I also use Cloudflare as my registrar.