SitePoint Sponsor

User Tag List

Results 1 to 4 of 4
  1. #1
    SitePoint Member
    Join Date
    Aug 2010
    Posts
    17
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Classic ASP - App Errors in Event Viewer and Reliability

    Hi,

    I have a Classic ASP website with SQL Server on a VPS with 1GB RAM, 2 Cores and 80GB HDD.

    I have a consistent error in my event log showing that everyday around 6am (seconds before or minutes after) my website suffers this error twice:

    Faulting application w3wp.exe, version 7.0.6001.18000, time stamp 0x47919413, faulting module ntdll.dll, version 6.0.6001.18000, time stamp 0x4791a7a6, exception code 0xc0000374, fault offset 0x000b015d, process id 0x798, application start time 0x01cb7b1c596f4ca8.

    Along with an error like this a bit later sometimes:

    Failed to retrieve the Anonymous User Token for ASP Application /LM/W3SVC/424/ROOT. Global.ASA OnEnd routines will not be executed.


    I am sure it is no coincidence that at 6am daily, my web app pool for this website is set to recycle.

    The site uses ASP Sessions using cookies and also uses cookies to store cart data.

    Please can anyone suggest how I can fix/resolve this error and also any suggestions for how I can make my site more secure and reliable?

    Cheers Tom


    ------ A few additional questions -------

    SLIGHTLY OFFTOPIC: I am considering changing the cart to store itself directly in the database, as well as switching sessions to use the DB too, rather than depending on cookies. Is this a good idea? Will it make a big difference?

    SUSPICIOUS EVENTS: There are some 40,000-odd app events in the event viewer that show this message:

    Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 202.181.173.251]

    Does this indicate that someone is trying to hack my database by dictionary/brute forcing the sa account? If so, any suggestions on how I should deal with it? My site depends on this SQL Server Express instance. I might just delete the user, unless there is an externally open port for SQL Server that I dont know about...

  2. #2
    SitePoint Guru
    Join Date
    Jun 2007
    Posts
    690
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    these appear to be problems with application pooling (w3wp.exe)

    You may want to move this thread to an IIS group for better help.

  3. #3
    SitePoint Wizard siteguru's Avatar
    Join Date
    Oct 2002
    Location
    Scotland
    Posts
    3,629
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Login failed: this could just as easily be a bit of code trying to connect to the database but it has the wrong account details defined.
    Ian Anderson
    www.siteguru.co.uk

  4. #4
    SitePoint Member
    Join Date
    Aug 2010
    Posts
    17
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks guys,

    WRT SUSPICIOUS EVENTS:I have disabled disabled remote connections in SQL Server config so if it is an attack we should be protected from it.

    WRT Anonymous User Token Error: I found a forum post that recommends setting IIS Mgr->ASP->Debugging->Run On End Functions Anonymously to FALSE to solve this problem. (It is true by default in IIS7).

    Still not sure about the rest. I have also changed my IIS Mgr->ASP->Session Properties->New ID on Secure Connection setting to FALSE as well. Since my cart depends on cookies which are linked to the session id, I figure this will help reduce problems caused by redirecting to HTTPS..


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •