: Site access problems Some of my users have trouble accessing my website. Either the site doesn't load at all (Error such as "the server sent no data"), or their browser simply cannot connect

@Si4351233

When you start seeing this intermittent problems and it is affecting customers on a variety of systems, technology platforms, and networks, more often than not the issue is to do with general internet health. Noting the date of your question in January and looking into it what I have been able to find was that there was intermittent problems on and off during January which caused this issue to come up for quite a few people. In a more general sense the troubleshooting questions you should be looking at include...


Is this affecting just one type of browser? If it is affecting just one kind of browser then do some development level testing of your site against that particular browser and see if maybe some recent update to the browser, or some extension combination is affecting something on your site. In your particular case it would be unusual as it should continue to affect the site the same until the extension or browser where changed and should affect most people with that browser and extension combination.
Is this affecting customers of one ISP? Given the way peering is done it can occur that a part of the internet can be blocked to an ISP's customers if they make a mistake in routing configuration on their gateways. This has happened before in Australia where one ISP made a small mistake with their routing configuration on a single gateway servicing just one state which resulted in that ISP's customers in that one state to loose access to all European sites but still maintain access to USA and domestic Australian sites with no issue.
Is this affecting all or a large percentage of your customers? This could indicate an issue with your server or hosting providers network. Not a huge amount you can do here other than raising a support ticket with the provider requesting that they look into it and see if some issue can be identified. On a shared server chances are other clients would have already contacted the hosting provider but with a dedicated server, depending on the network, the fault may or may not be affecting other hosting clients.


In your particular situation I would be tending to look more at a network level issue. I am aware from comments that suggestions where made for service monitoring however I will extend that a little bit further. You note that your hosting provider does monitoring, I would encourage you to do your own monitoring as most hosting providers that do monitoring do systems-centric monitoring which watches for alarms but that doesn't always pick up on everything. Best practice is to do customer-centric monitoring which monitors the performance of the site itself as a website and not just as a network endpoint. The cheap ones will just check to see if the server can be pinged but the better ones will actually perform a HTTP check on the site and check to see that the site itself is coming back, the time it takes to serve, etc, and if thresholds of time are gone over, or the website is offline, or something other than the site is served, then an alarm is triggered and an email is sent. You should also use the services that check from multiple networks around the world as this will give you a better idea on how things are looking as faults can occur that only affect users either in one country, or even just on a limited range of tier 2 or regional tear 1 networks, rather than the internet at large.

Potential Fix From Magento
Based on your comments to this answer I have added this edit based on some further information that I have been able to find.

There appears to be a known error in the Magento core where the logic needed to renew the frontend_cid cookie is missing. Another person encountered the missing cookie though doesnt seem to go into details about what the error it was causing was other than to say that sessions where dying.

Magento provided a patch which they apparently didn't get around to publishing but which the person did publish so you could try giving this a shot and see how it goes. If it is caused by the same root fault the issue will be in app/code/core/Mage/Core/Model/Session/Abstract/Varien.php. What the patch does is replace

if (Mage::app()->getFrontController()->getRequest()->isSecure() && empty($cookieParams['secure'])) {
// secure cookie check to prevent MITM attack
$secureCookieName = $sessionName . '_cid';
if (isset($_SESSION[self::SECURE_COOKIE_CHECK_KEY])
&& $_SESSION[self::SECURE_COOKIE_CHECK_KEY] !== md5($cookie->get($secureCookieName))
) {
session_regenerate_id(false);
$sessionHosts = $this->getSessionHosts();
$currentCookieDomain = $cookie->getDomain();
foreach (array_keys($sessionHosts) as $host) {
// Delete cookies with the same name for parent domains
if (strpos($currentCookieDomain, $host) > 0) {
$cookie->delete($this->getSessionName(), null, $host);
}
}
$_SESSION = array();
}
if (!isset($_SESSION[self::SECURE_COOKIE_CHECK_KEY])) {
$checkId = Mage::helper('core')->getRandomString(16);
$cookie->set($secureCookieName, $checkId, null, null, null, true);
$_SESSION[self::SECURE_COOKIE_CHECK_KEY] = md5($checkId);
}
}


with

if (Mage::app()->getFrontController()->getRequest()->isSecure() && empty($cookieParams['secure'])) {
// secure cookie check to prevent MITM attack
$secureCookieName = $sessionName . '_cid';
if (isset($_SESSION[self::SECURE_COOKIE_CHECK_KEY])) {
if ($_SESSION[self::SECURE_COOKIE_CHECK_KEY] !== md5($cookie->get($secureCookieName))) {
session_regenerate_id(false);
$sessionHosts = $this->getSessionHosts();
$currentCookieDomain = $cookie->getDomain();
foreach (array_keys($sessionHosts) as $host) {
// Delete cookies with the same name for parent domains
if (strpos($currentCookieDomain, $host) > 0) {
$cookie->delete($this->getSessionName(), null, $host);
}
}
$_SESSION = array();
} else {
/**
* Renew secure cookie expiration time if secure id did not change
*/
$cookie->renew($secureCookieName, null, null, null, true, null);
}
}
if (!isset($_SESSION[self::SECURE_COOKIE_CHECK_KEY])) {
$checkId = Mage::helper('core')->getRandomString(16);
$cookie->set($secureCookieName, $checkId, null, null, null, true);
$_SESSION[self::SECURE_COOKIE_CHECK_KEY] = md5($checkId);
}
}


Now if your Magento install is also missing the logic to renew the frontend_cid cookie as you indicate in your comments then this could resolve the issue for you. It was provided as patch SUPEE-7136 but I have been unable to find it published through any official channels at this time, however the other person who encountered this problem only encountered it October last year so it isn't beyond the realms of possibility that you may have a similar issue caused by the same root cause.

Vote Up Vote Down