Seemingly random IP addresses and domains

caddyContainer | 2021/02/02 13:30:36 http: TLS handshake error from 5.121.248.21:49361: read tcp 172.17.0.3:443->5.121.248.21:49361: read: connection timed out
caddyContainer | 2021/02/02 13:30:52 http: TLS handshake error from 5.114.71.141:58459: read tcp 172.17.0.3:443->5.114.71.141:58459: read: connection timed out
caddyContainer | 2021/02/02 13:30:55 http: TLS handshake error from 188.160.212.229:1038: no certificate available for '172.17.0.3'
caddyContainer | 2021/02/02 13:30:59 http: TLS handshake error from 199.30.231.5:44459: no certificate available for 'www.fanimekufxtipo.ml'
caddyContainer | 2021/02/02 13:31:14 http: TLS handshake error from 5.127.232.75:53865: read tcp 172.17.0.3:443->5.127.232.75:53865: read: connection timed out
caddyContainer | 2021/02/02 13:31:21 http: TLS handshake error from 83.120.111.180:54876: no certificate available for 'eyeshirtculture.net'
caddyContainer | 2021/02/02 13:32:20 http: TLS handshake error from 91.99.180.126:2053: read tcp 172.17.0.3:443->91.99.180.126:2053: read: connection timed out
caddyContainer | 2021/02/02 13:32:23 http: TLS handshake error from 168.184.84.226:42877: no certificate available for 'www.mountaininterrobotfront.com'
caddyContainer | 2021/02/02 13:32:25 http: TLS handshake error from 5.112.197.181:13902: read tcp 172.17.0.3:443->5.112.197.181:13902: read: connection timed out
caddyContainer | 2021/02/02 13:32:30 http: TLS handshake error from 46.62.174.4:3576: read tcp 172.17.0.3:443->46.62.174.4:3576: read: connection timed out
caddyContainer | 2021/02/02 13:32:33 http: TLS handshake error from 51.36.4.135:1632: read tcp 172.17.0.3:443->51.36.4.135:1632: read: connection timed out
caddyContainer | 2021/02/02 13:32:35 http: TLS handshake error from 5.208.110.226:47822: no certificate available for 'www.avenueflex.net'
caddyContainer | 2021/02/02 13:32:43 http: TLS handshake error from 151.235.39.95:10056: no certificate available for 'www.duckmonkey.com'
caddyContainer | 2021/02/02 13:32:48 http: TLS handshake error from 195.94.13.10:55294: no certificate available for '172.17.0.3'
caddyContainer | 2021/02/02 13:32:52 http: TLS handshake error from 51.36.13.192:1934: read tcp 172.17.0.3:443->51.36.13.192:1934: read: connection timed out
caddyContainer | 2021/02/02 13:32:54 http: TLS handshake error from 5.114.105.113:37049: read tcp 172.17.0.3:443->5.114.105.113:37049: read: connection timed out
caddyContainer | 2021/02/02 13:33:18 http: TLS handshake error from 2.191.19.29:55944: no certificate available for 'www.shareitspassart.com'
caddyContainer | 2021/02/02 13:33:32 http: TLS handshake error from 5.126.17.105:25912: read tcp 172.17.0.3:443->5.126.17.105:25912: read: connection timed out
caddyContainer | 2021/02/02 13:33:39 http: TLS handshake error from 2.190.223.26:49117: read tcp 172.17.0.3:443->2.190.223.26:49117: read: connection timed out
caddyContainer | 2021/02/02 13:33:39 http: TLS handshake error from 5.160.46.56:35498: read tcp 172.17.0.3:443->5.160.46.56:35498: read: connection timed out
caddyContainer | 2021/02/02 13:33:45 http: TLS handshake error from 5.121.18.58:33051: read tcp 172.17.0.3:443->5.121.18.58:33051: read: connection timed out
caddyContainer | 2021/02/02 13:33:52 http: TLS handshake error from 46.56.245.66:5222: no certificate available for '172.17.0.3'
caddyContainer | 2021/02/02 13:34:04 http: TLS handshake error from 102.87.142.213:35338: read tcp 172.17.0.3:443->102.87.142.213:35338: read: connection timed out
caddyContainer | 2021/02/02 13:34:07 http: TLS handshake error from 41.210.154.233:12409: no certificate available for '172.17.0.3'
caddyContainer | 2021/02/02 13:34:10 http: TLS handshake error from 46.41.197.26:51882: read tcp 172.17.0.3:443->46.41.197.26:51882: read: connection timed out
caddyContainer | 2021/02/02 13:34:21 http: TLS handshake error from 5.122.11.105:47365: read tcp 172.17.0.3:443->5.122.11.105:47365: read: connection timed out
caddyContainer | 2021/02/02 13:34:29 http: TLS handshake error from 154.160.2.59:6744: read tcp 172.17.0.3:443->154.160.2.59:6744: read: connection reset by peer
caddyContainer | 2021/02/02 13:34:35 http: TLS handshake error from 93.117.176.95:65059: no certificate available for 'junctiontownintfusion.com'

The above is a sample from the logs for our Caddy container, and there are plenty more like it. We are running Caddy in a Docker container. None of the IP addresses or domains above are recognizable to me.

Caddyfile:

subdomain

redir /ui /ui/
handle_path /ui/* {
    root * /app/build/
    file_server
}

handle_path /* {
    reverse_proxy ip:port
}

handle /env-config.js {
    header Content-Type text/javascript
    respond `window.config = {"REACT_APP_WEBSOCKET": "{$REACT_APP_WEBSOCKET}", "REACT_APP_REDIRECT": "{$REACT_APP_REDIRECT}"};`
}
log {
  level DEBUG
}

Usually a combination of bots probing your sockets, and stray DNS records pointing to your IP. Pretty normal for anything exposed on the Internet.

This doesn’t make any sense. The handle_path directive is meant to strip a prefix from the request. You’re not doing that here, so you should use handle, and omit the path matcher. And for clarity, I would move your env-config.js block to the top, because that’s the order in which they’ll execute.

You haven’t filled out the thread template, so it’s unclear which version of Caddy you’re using. In later versions, we made a change to quiet those lines you’re seeing in your logs, by handling them with our zap logger and changing them to DEBUG level.

Basically, as @matt just said (and ninja’d me :joy:), those are typically just bots crawling the internet and hitting your server. They typically make requests without a domain (because they’re just trying IP addresses blindly), and other times with domains known to them in some database but aren’t served by your site, so TLS handshakes fail.

Those messages are harmless.

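The kinds of line the replies describe (requests made without a domain, requests for domains the site does not serve, and handshakes the peer never finishes) can be counted straight from the log. This is an added example, not part of the original thread or of Caddy; the sample lines are constructed, and the category names and the `served` set (your own hostnames) are assumptions.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample lines in the format quoted in the question
# (documentation-range addresses and example domains, not real traffic).
SAMPLE_LOG = """\
caddyContainer | 2021/02/02 13:30:36 http: TLS handshake error from 203.0.113.7:49361: read tcp 172.17.0.3:443->203.0.113.7:49361: read: connection timed out
caddyContainer | 2021/02/02 13:30:55 http: TLS handshake error from 198.51.100.9:1038: no certificate available for '172.17.0.3'
caddyContainer | 2021/02/02 13:30:59 http: TLS handshake error from 198.51.100.23:44459: no certificate available for 'www.unrelated.example'
caddyContainer | 2021/02/02 13:31:10 http: TLS handshake error from 192.0.2.44:40112: no certificate available for 'app.example.org'
caddyContainer | 2021/02/02 13:31:11 some unrelated log line
"""

ERR_RE = re.compile(r"TLS handshake error from (?P<src>\S+):\d+: (?P<detail>.*)$")
NAME_RE = re.compile(r"no certificate available for '(?P<name>[^']*)'")


def classify(line, served):
    """Return (category, source_ip, requested_name), or None for other lines."""
    m = ERR_RE.search(line)
    if not m:
        return None
    src = m.group("src")
    n = NAME_RE.search(m.group("detail"))
    if n is None:
        return ("incomplete", src, None)  # timed out / reset before finishing
    name = n.group("name").lower()
    try:
        ipaddress.ip_address(name)
        return ("ip_as_name", src, name)  # request made without a domain
    except ValueError:
        pass
    if name in served:
        return ("served_name_failed", src, name)  # your own host: investigate
    return ("unknown_domain", src, name)  # stray DNS record or bot guess


def summarize(log_text, served):
    # Count lines per category and tally the domain names that were requested.
    counts, names = Counter(), Counter()
    for line in log_text.splitlines():
        result = classify(line, served)
        if result is None:
            continue
        category, _src, name = result
        counts[category] += 1
        if name and category != "ip_as_name":
            names[name] += 1
    return counts, names
```

A non-zero `served_name_failed` count is the case that is not background noise: it means a handshake failed for a hostname you intend to serve.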
