Now this is an interesting problem! We are using the SharePoint 2013 FBA pack on a project that has multiple WFEs. Within the registration process is the ability to use a CAPTCHA image for human validation. The registration page looks something like this.
In our QA system (where internal customers do lots of acceptance testing) we were having an issue where the CAPTCHA picture would not render all the time. Many times it would render as a blank HTML picture box. I ended up testing each WFE server in QA and found they both exhibited the same problem. Sometimes they would be 90% good…other times they’d fail 50% of the time. The most interesting thing about this is our PROD system did not exhibit the same issue, even though it is built the same as QA (yeah, right…we know what that means).
If you look at the link on the picture you’ll see it is generated by a call to the ImageHipChallenge.ashx page and is implemented as shown here.
From what I can tell this is code that’s been around a while, probably since ASP.NET 1.0 or so.
So, what’s different between PROD and QA? After stumbling around a bit, I found the Request Management service was turned off in PROD! If you look under "Services on Server" you’ll find the Request Management service. Here it is stopped in the SharePoint PROD instance…
…and you can see here it was started on the QA SharePoint instance.
Well, that was interesting, so we turned it off in QA and found something even more interesting. Our WFE1 box was working 100% (serving up the CAPTCHA images all the time), while the WFE2 box was working 50%. We knocked heads on this for a while and one of our brilliant guys suggested we try configuring the Request Management Service using PowerShell. Since we are using two WFEs in a "not very heavily loaded environment" we decided that Request Management probably wasn’t buying us a lot anyway. So, using Set-SPRequestManagementSettings we disabled Routing and Throttling.
Retrieving the settings with Get-SPRequestManagementSettings provides the following confirmation.
After doing this, our CAPTCHA images are now being served up correctly 100% of the time! We’re thinking since the Request Management Service was never enabled in production that it is really "not running" while in QA, even when we stopped it in SCA, something about it was still lingering. Note we did not reboot the QA WFEs during any of this configuration change.
We did have the thought about configuring the Request Management Service to not attempt to route the ImageHipChallenge.ashx requests…and we may still try that.