Skip to content

Tracker marks domain as failing if it encounters a READ_TIMEOUT #6089

New issue
New issue
Open
Open
Tracker marks domain as failing if it encounters a READ_TIMEOUT#6089
Assignees
FestiveKyle
Labels
bugSomething isn't working
@adam2

Description

@adam2
adam2
opened on Jan 29, 2025

Describe the bug
When the Tracker encounters a READ_TIMEOUT error when scanning a domain it marks the domain as failing HTTPS, HSTS, Certificates, Protocols, Ciphers and Curves. This lowers the compliance summaries for an organization. READ_TIMEOUTs occur naturally on the internet. They reflect a general communications error between the Tracker server, its hosting network and the target network/domain. They do not indicate that the domain is not properly configured. In most cases, it is normal to retry a connection after a READ_TIMEOUT, up to a maximum number of times. It should not fail after the first READ_TIMEOUT. If after retrying a few times it still gets a READ_TIMEOUT it makes more sense to me to mark the untestable properties as unknown/information instead of failed.

Doing a manual rescan will generally correct the domain issues, but it does not increase the compliance summaries. Given the regular number of timeouts I am seeing in the tracker, I think this more likely points to a server/network issue with the tracker itself, but it appears on the site that our compliance is dropping.

To Reproduce
Steps to reproduce the behavior:

  1. Login to the Tracker
  2. Go to the Domains section
  3. Add a filter for HTTPS + EQUALS + FAIL
  4. Notice the domains that are failing
  5. Find a domain that was previously passing
  6. Click on the View Results button for that domain
  7. Notice the errors all stem from a READ_TIMEOUT error in the Tracker.
  8. Notice the Protocols, Cipher Suites, Curves, Certificate Chain sections are all blank and marked as Failed.

Expected behavior
A READ_TIMEOUT error on the Tracker side should not mark the domain as failing.

Screenshots

Image

Image

After a manual rescan

Image

Desktop (please complete the following information):

  • OS: Windows 11
  • Browser Mozilla Firefox
  • Version 134.0.2

Additional context
The Summaries tab of the Organization page does not update after a domain rescan. So it regularly shows a lower compliance score caused by READ_TIMEOUTs on the Tracker side.

Metadata

Metadata

Assignees

Labels

bugSomething isn't working

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions