Confluence log has java.lang.IllegalArgumentException: Invalid character (CR or LF) found in method name
This article only applies to the Atlassian server platform. Learn more about the differences between cloud and server.
The following appears in the
Apr 15, 2016 10:44:21 PM org.apache.coyote.http11.AbstractHttp11Processor process INFO: Error parsing HTTP request header Note: further occurrences of HTTP header parsing errors will be logged at DEBUG level. java.lang.IllegalArgumentException: Invalid character (CR or LF) found in method name at org.apache.coyote.http11.AbstractNioInputBuffer.parseRequestLine(AbstractNioInputBuffer.java:228) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1009) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:672) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1500) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1456) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:745)
- Confluence running on tomcat
If access logging is enabled, they show entries like this
22.214.171.124 - - [15/Apr/2016:22:44:21 +1000] "-" 400 - "-" "-" null
A research scanning machine from the University of California at Berkeley regularly conducts scans of the entire Internet, so you may have been scanned as part of an ongoing research project.
The machines the scanning is coming from are
If you have been or are currently being scanned and would like to opt out, please email email@example.com with the IP ranges you would like to exclude in CIDR format. For most Confluence machines this is the single IP address that the machine is running on.