| Description | This article describes some common reasons why FortiWeb's traffic logs register traffic to destination 0.0.0.0 and HTTP message 503 and how to reduce those kind of logs. |
| Scope | FortiWeb. |
| Solution |
In web services published by FortiWeb, traffic logs may be registered with destination 0.0.0.0 and HTTP message 503.
Cause 1: This situation may occur because of the status of configured servers in a server pool. After accessing the configured server pool of the server policy (or the HTTP content routing), the configured web server has either the Disable or Maintenance status. In this case, when a user tries to access this web service, the only real server in the server pool is disabled, which leads to error 503 and destination 0.0.0.0 in the traffic logs.
Now, if the server pool has more than one web server and at least one of them has its status set to Active, traffic will be sent to that server.
Another possible reason why traffic to 0.0.0.0 and message 503 is generated in the HTTP content routing policy is if there is no default policy configured.
In these cases, although there could be server policies that have all real servers enabled, traffic logs with destination 0.0.0.0 and message 503 will be generated because FortiWeb does not know where to forward the request: it cannot find any matching content routing policy.
In summary, to avoid or reduce traffic logs showing destination 0.0.0.0 and HTTP message 503, check one of the following two points:
In Edit HTTP Content Routing Policy, change Default parameter to Yes. Then select OK:
In the HTTP Content Routing policies list, confirm the select policy's Default value has changed to Yes:
|
