Apache :: Awkward Delay / Hang While Using Proxy
Apr 11, 2013
I am using apache proxypass to proxy to 4 different ports (java/jsp applications) with the following configurations (for each):
<VirtualHost *:80>
ProxyPreserveHost On
ProxyRequests Off
ServerName *****.org
ProxyPass / http://*****.org:8080/ retry=0
ProxyPassReverse / http://*****.org:8080/
</VirtualHost>
Everything seems work fine until an awkward delay / connection timeout occurs. The web application hangs for about 5 to 15 seconds and starts working normally after that period. It's certainly not the application's issue because everything is fine when using IP address to access it.
When I enabled the debug log in apache, I found out that every time the server seems to hang, the following error appears in the apache error log and the number of apache child processes keep on increasing (ps aux | grep apache).
[Thu Apr 11 10:20:41 2013] [debug] proxy_util.c(1818): proxy: grabbed scoreboard slot 4 in child 13208 for worker proxy:reverse
[Thu Apr 11 10:20:41 2013] [debug] proxy_util.c(1837): proxy: worker proxy:reverse already initialized
[Thu Apr 11 10:20:41 2013] [debug] proxy_util.c(1934): proxy: initialized single connection worker 4 in child 13208 for (*)
[Thu Apr 11 10:20:41 2013] [debug] proxy_util.c(1818): proxy: grabbed scoreboard slot 3 in child 13208 for worker http://*****.org:8080/
.....
Also, the access log (access.log) completely stops during that hang period.
This debug message keeps on repeating as long as Apache/web-application is not responding. The application starts to work normally after that duration and the number of apache child process decrease to the normal number.
Apache version : 2.2.16 (Debian)
OS : Debian GNU/Linux 6.0
root@server:~# apache2 -V
Server version: Apache/2.2.16 (Debian)
Server built: Nov 30 2012 08:58:36
[Code]....
View 3 Replies
ADVERTISEMENT
Mar 13, 2013
I'm running Apache 2.4.4 Win32 on a Windows 2008 server. When trying to optimize a website I noticed a random reoccurring 2550ms delay in Time To First Byte. A file could have a TTFB of 200ms several times but suddenly it would get 2750ms. This could be a static file (image, html, js) or php. I've measured using ApacheBench (locally and remotely), webpagetest.org and bytecheck.com. After much trial and error I found the problem was with mod_rewrite. Disabling this and everything is fine.
I have setup a blank/new install with only basic config change (Listen, ServerRoot etc) to replicate result without anything else interfering. Following is the rewrite section I add to config.
Code:
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule (^/Pictures.*) /$1 [L]
</IfModule>
After Apache has started I execute "ab http://my.example.com/Pictures/Thumbnails/tmb_400X400_FFFFFF_660.jpg" and always get the delay. If I execute again it's normal. If I wait at least 30 seconds I get the delay. Following is a section from error.log with trace8 logging.
Code:
[Tue Mar 12 23:28:56.123519 2013] [rewrite:trace3] [pid 7624:tid 888] mod_rewrite.c(468): [client 69.x.y.90:36279] 69.x.y.90 - - [my.example.com/sid#42c748][rid#26df0d0/initial] applying pattern '(^/Pictures.*)' to uri '/Pictures/Thumbnails/tmb_400X400_FFFFFF_660.jpg'
[Code] ....
As you see from line 3 to line 4 the time skips 2550ms. When the TTFB is normal then the log is identical except time doesn't change from line 3 to line 4. If I delete the rewrite section in config then TTFB is always normal, no matter what.
When I testet on the live server the time for fully loaded increase from 3800-4000ms to 8500-10500ms when mod_rewrite is enabled. And that is about 30 requests (php+css+js+images). So the impact is significant.
What can this be? I'm having a hard time believing it's a bug. Isn't mod_rewrite used a lot? I'm running Ubuntu (linux) at home, I'm going to install Apache there and see if I get the same result.
View 12 Replies
View Related
Apr 4, 2008
I have a dedicated server running CentOS which has been been running fine for a while now.
On the odd day Apache used to hang, I presume due to load so I installed SIM (System Integrity Manager) to check the status of httpd and to re-start when necessary.
Every now and again SIM would email saying that apache was re-started, no big deal.
Then this morning I got a email from SIM saying apache was down but couldn't be re-started. I then logged into the shell and tried to do a: service httpd restart
I then got a message saying something like: could not bind to port 80. I then tried to kill all httpd processes and re-start apache but the problem persisted. I then just rebooted my server and apache started fine.
Since then I have had hundreds of emails from SIM saying that it has had to re-start apache. Somehow it is detecting it as down and re-starting it. Apache seems to be up and fine. Re-installing SIM does not help.
The weird thing is when I logged in using Putty I got the "server's host key did not match the signature supplied" message like something had changed.
Rkhunter does not return anything just a couple of warnings.
Does anybody know what would cause sim to constantly detect Apache as down in this situation and also how this could happen with no changes being made?
View 1 Replies
View Related
Mar 1, 2013
I am using Apache 2.2.22 on Windows Server 2003 64 Bit, using PHP 5.2.17. System Specs are 4 x 2.0 Ghz processor, 4 GB of Ram.
I'm noticing when I load my website [URL] .... there is about a 2000ms delay before the page starts to load.
How can I make Apache load faster?
View 1 Replies
View Related
Jun 10, 2013
I'm using the isapi rewrite module for iis 6 which uses the exact same syntax as mod_rewrite in apache. I'm not very well versed in apache and need getting this to work asap. Basically I have a directory in our website: URL....
I need to forward this to an IP address, for example to this address:100.12.33.45/folder.While keeping the original URL (www.xyz.edu/folder). I'm unsure of the apache syntax for this.
View 3 Replies
View Related
Jul 13, 2014
I have the following setup in my apache vhost:
Code:
ProxyPass /abc http://www.newest.com/
ProxyPassReverse /abc http://www.newest.com/
I want to setup a failover approach in which if after a particular timeout say 10secs the load shifts to some other website like Refer.com | The world. The timeout should be in Proxy Pass and if timeout occurs it shifts to Refer.com | The world
View 1 Replies
View Related
Mar 5, 2008
Im using AJAX on my site and i need to access a seperate server instance on a different port. AJAX wont allow me to do that so i want to use Apache as a proxy but only for one page.
View 4 Replies
View Related
Nov 19, 2013
I have Apache 2.4.6 on a Windows Server 2008 (windows build from apachelounge). I want to use it as reverse proxy cache with mod_cache_disk.
My configuration is:
Code:
<IfModule cache_module>
<IfModule cache_disk_module>
CacheRoot C:/temp/cache
CacheEnable disk /
CacheDirLevels 2
CacheDirLength 3
[Code] .....
Loading a page with ~150 files (most images and js files) i keep runing into "locked requests" that are not comeing back and block the whole page from finishing loading. The files differ every time.
I see this warnings in my error.log (looks like they are connected to the behauviour above).
Code:
[Tue Nov 19 20:38:10.890013 2013] [cache_disk:warn] [pid 216692:tid 15924] (OS 5)Access is denied. : [client x.x.x.x:58963] AH00699: rename tempfile to file failed: C:/temp/cache/aptmpcBQArf -> C:/temp/cache/H8Cta/9ha4U/Uhhhs/OlQfU/1Q.data,
[Code] .....
View 1 Replies
View Related
Apr 22, 2014
I m trying to setup a reverse proxy with several site that will redirect the request into several internal server.I wanted to do that with several VirtualHost (like shown below). Unfortunatly whatever I type on my browser testsupport.xxxx.com or support2.xxxx.com I m redirected at the first of the config file (in the exemple http://10.253.12.41/.Is it the ServerName key that will redirect to the right proxypass ?
<VirtualHost *>
ServerName testsupport.xxxx.com
ProxyRequests Off
ProxyPass / http://10.253.12.41/
ProxyPassReverse / http://10.253.12.41/
</VirtualHost>
<VirtualHost *>
ServerName support2.xxxx.com
ProxyRequests Off
ProxyPass / http://10.253.11.31/
ProxyPassReverse / http://10.253.11.31/
</VirtualHost>
View 10 Replies
View Related
Nov 23, 2014
We are struggling to configure our Apache reverse proxy (on WIN 2008) server to force https.
We have the cert installed on the proxy server, and it seems to be working but we are unable to force connections to https: and the site is still available via http:
How do you enforce https on the site?
reading read about the .htaccess file, virtual hosts but still having a hell of a time putting it all together
Internet -> SSL -> Apache 2.2 -> HTTP -> web app
View 2 Replies
View Related
May 30, 2013
I have a setup where Apache connects to a F5 load balancer which in turn balances between two jboss app servers.
Apache using mod_proxy -> F5 (hardware load balancer) -> 2 jboss application server
It uses jsessionid. I sometimes get 500 errors for the post methods. I think the request goes to the incorrect jboss server because of the F5 load balancer. Everything works just right when I shutdown one of the jboss app servers.
View 1 Replies
View Related
Apr 24, 2014
I'm trying to do a setup of alfresco.It has two basic sites. [URL]. Both use kerberos authentication. Alfresco has SSO and share has not. Both sites are on the same server (its just one site but different subs)
I want to put this behind a reverse proxy to eliminate the servername:port combination.
When I put it in a normal config with ajp everything works fine for the share website. I can login without problems. Not so however for the alfresco website. I get a browser login request (not the alfresco one) when i enter my credentials he asks them again and again and then he ends on the regular login page of alfresco at which point everything works. The username I entered is displayed at this point. When I do not enter my credentials correct I do not reach the page.
If I remove the SSO from the alfresco website everything is normal (but i have to login)
View 3 Replies
View Related
Aug 12, 2014
I have apache 2.2 on Linux going through the a firewall to a backend sharepoint server. My sharepoint application has anonymous and authenticated traffic. This works fine most of the time but we randomly get (104)Connection reset by peer: proxy: error reading status line from remote server. I was able to fix this by adding *SetEnv force-proxy-request-1.0 1 *SetEnv proxy-nokeepalive 1 *RequestHeader unset Expect early But after I added this I was then no longer able to log in. I would receive a *HTTP/1.1" 401 my understanding is KeepAlive is required for NTLM to work so making sure I can stop the connection resets which are unacceptable and still allow the authenticated users to log in.
View 4 Replies
View Related
Apr 6, 2015
I'm currently in the process of configuring a red hat linux server as a proxy server for a number of back end web servers. I set up reverse proxying to hide the web server url's, but I've run into a problem with the second web server, because some of the directory structures are identical on both servers.
View 2 Replies
View Related
May 14, 2013
I am having a little trouble getting a reverse proxy redirect to work. I have a Linux server running Apache2. I have installed SABnzbd+, Sickbeard, Couchpotato & Headphones onto this device. I want to access SABnzbd+, Sickbeard, Couchpotato & Headphones from the outside world (via a DYNDNS name).
I know that I could just forward the ports through the router, but I don't want all the extra ports opened. I was told that I can have Apache to do a revers proxy, but I can't get it to work. I basically want to be able to do type myname.dyndns.org/sickbeard instead of typing in myname.dyndns.org:8081.
View 1 Replies
View Related
May 23, 2015
I'm trying to fix a problem with open proxy on my website. It's running ubuntu & apache2. I also run pfsense for a firewall with snort. I have a SSL for the website, so I have regular port 80 redirect to https.
At first I did notice right away when I checked & saw this happen that proxy was turned on. So I got that turned off.
My firewall is still allowing these bad IPs to port 80. I would like to figure out what I could turn on the firewall or snort to stop those connections in addition to what needs fixing in apache. I've read the solution is to make the redirects go to a 403 error page.
I also tried adding a mod_security rule but ended up blocking all people from website, though I may have accidentally turned some other rules on too.
There are a few different problems it looks like.
First - It looks like they're trying to connect to my HTTPS then redirect to an ad through my domain name?
Second - It looks like they're still trying to use my website for open proxy but directly accessing ib.adnxs.com through my port 80. My logs indicate I'm redirecting to a 301 page.
View 2 Replies
View Related
Dec 25, 2013
Have run through a bunch of threads on mod_proxy race conditions, possible causes, and potential solutions.
What is the status? Is there a fix for this, maybe in 2.4.7?
On 2.4.3 in production we literally have 10K errors in the past 2 months along the lines of:
Code : AH00898: Error reading from remote server returned by...
Application server (JVM webapp) issues no errors at the time of mod_proxy error occurring. It seems then that mod_proxy is sporadically broken, which is horrible for end users accessing an otherwise rock solid production application.
View 8 Replies
View Related
Nov 5, 2014
I am running a few different web servers on my home network and have found a way of binding each wb server (and any virtual hosts) to domain names and having a "central" web server rerouting a request to the appropriate server using reverse-proy. at the moment, this central web server is IIS (Windows Server 2008 R2) based and it works perfectly. I want to change the central server to an Apache based one.
As an example; I want the central server to see an incoming http request (e.g sub.domain.com) and reroute it using reverse-proxy to a different web server that wouldn't normaly be accessible from the Internet (e.g 192.168.1.122/index.html).
My question is how do you reverse-proxy to a different server on the LAN with mod_rewrite in Apache?
View 1 Replies
View Related
Oct 24, 2008
I'm running both Apache (on port 81) and Lighttpd (port 80) on my VPS. I would like to have Apache run CGI/Perl scripts only for virtual hosts in the Lighttpd.conf. My Lighttpd.conf already has fastCGI enabled though.
View 3 Replies
View Related
Nov 10, 2014
a question on mod_proxy. We're using mod_proxy as a simple reverse proxy (ProxyPass & ProxyPassReverse) to reverse-proxy various back-end PHP and Mono/.NET apps.
One problem we see is that when the back-end PHP app suffers an error (e.g. a 404 or 500) , then mod_proxy ignores the nicely-formatted custom error page served up by our PHP app, and instead serves a very plain generic mod_proxy 404 or 500 error page back to the client. Is there a way to configure mod_proxy to serve up the 500/404 error page content which is created by the back-end app ?
(We thought ProxyErrorOverride might work, but it seems to be intended for the opposite scenario, where I want to *ignore* the 404 page content from the back-end and show a mod_proxy-defined error page instead.We're using apache 2.2 on 64-bit CentOS 6.5 ( httpd-2.2.15-31.el6.centos.x86_64 )
Config like:
...
ProxyPass /abc/ http://server4/abc/
ProxyPassReverse /abc/ http://server4/abc/
View 1 Replies
View Related
Jul 18, 2013
I am having an issues with a link in share point which is like
[URL]...
This %20 resolves to a black space and to avoid issues the url is appeneded with %20
Unable to map this directory in httpd.conf file like below
ProxyPass /Shared Documents/Forms/ [URL]...
ProxyPassReverse /Shared Documents/Forms/ [URL]...
I get the below error message
Syntax error on line 1882 of /etc/httpd/conf/httpd.conf:
Invalid ProxyPass|ProxyPassMatch parameter. Parameter must be in the form 'key=value'.
View 6 Replies
View Related
Oct 12, 2012
I am trying to set up a reverse proxy to the application Surveillance Station on my Synology NAS. Altough the reverse proxy works ok for other apps like Webadmin, Download Station and such, parts of the Surveillance Station app do not work, particulary the Live View & Time Line.
From the logs, I suspect an authorisation problem (because of the 401), but I'm not sure. I have tried ProxyPreserveHost on, ProxyVia full, and some rewrite rules, but I'm not sure what I'm doing Direct access to the port of the app works (i.e. 83.xxx.x.xxx:9900), so i know it has something to do with the reverse proxy.
a snippet of my httpd-vhost.conf-user:
View 1 Replies
View Related
Mar 11, 2013
Some of websites like youtube and facebook are blocked in my country and we can't access them .in addition most of tunneling protocols like PPTP are blocked too . I want to create a website that tunnels between our network and this website like proxy or other ways. Scripts like phpProxy are not secure and many websites don't permit the visitors who come with this scripts. A very good sample for my idea is walww.com . This websites is like alternate for blocked addresses like facebook, but it's premium and require charging cash .
How can I create website like walww.com . I have my own VPS and Host for this issue. Is that possible to serve this blocked websites trough proxy by configuring apache settings?
View 1 Replies
View Related
Oct 28, 2014
I just installed httpd-2.4.10-win32 and I can't make mod_rewrite to work :
What I'd want is a proxy to receive a print.xxxx.com/appl uri and forwards to appl.serveur.xxxx.com:8080/streammaster
I do
RewriteCond %{HTTP_HOST} print.xxxx.com
RewriteRule /appl/ http://appl.serveur.xxxx.com:8080/streammaster [P]
and I get a redirect : 192.168.250.50 - - [28/Oct/2014:14:55:19 +0100] "GET /appl/ HTTP/1.1" 302 - mod_proxy is loaded and works of course.
I've tried lot of variations (it works the same in a virtual host without rewritecond) to no avail.
View 4 Replies
View Related
Apr 17, 2013
Own Build Apache 2.4.4 (32bit) with IPv6 support Openssl 1.0.1e on Windows Server 2012.
We implemented this as a reverse proxy with Exchange 2010 behind it. We published Webmail out through Apache. Thought it was going well until users reported strange things. Exchange Web Services users were sending email and they arrived having been posted from another user's mailbox. Also, sometimes viewing the mailbox provides a view of somebody else's mailbox.
We checked out the logs on the Exchange CAS server and what appears to be happening is that the body of the post is being sent with the header of another post.
View 2 Replies
View Related
Jan 8, 2015
I have diesel generator controller card (IB Lite made by Comap) and the built-in webserver supports only a single user/session connected.
I want to set apache in front and serve multiple connection while apache is keeping a single session with the IB Lite card in background no matter how sessions it have.
I tried ProxyPass but it doesn't seems to be a solution.
Is this possible?
View 1 Replies
View Related
Dec 13, 2013
I've been working with the Apache server (primary under CentOS, but some under Red Hat and on XAMPP stacks as well) and have been tasked with a project.
Periodically, we need to have our web sites down for maintenance - updates, backups, etc. What I've been told to do is find a way to have a 'front end' to our web sites so that, when they are down for maintenance, that then end-users will receive a message 'This site is down for maintenance till XX:XX AM/PM' or such.
Here are my questions:
- What would you call what I am trying to setup? The reading I've done implies that what I really want to setup is a reverse proxy server. Is that what I want to do?
- If it isn't a reverse proxy I want to set up, what do I want to setup?
- Of the different types of solutions available, What I could use for this? I've read about using Nginx in front of Apache, I've heard of Squid, I've heard about Tomcat.
- Is this a type of 'clustering/high availability' project I'm really looking at here? I've been hearing those terms thrown about as well.
In case it makes any kind of a difference, the Apache instances are pretty simple - PHP, MySQL and that's about it - not very involved (for now). I'm hoping that I can learn what/how to do this correctly and, when I'm ready to add more capabilities, that I'll be able to extrapolate out from there what I'd need to do.
View 2 Replies
View Related
Dec 4, 2013
Environment(home server/learning):
-1 Public IP
-Host Windows Server 2008 R2 AD/DNS/Hyper-V (server0)
+ VM Windows Server 2008 R2 Exchange 2010/IIS (server1)
+ VM Ubuntu server 13.11 Apache 2.4.6 with virtual hosts (server2)
+ VM Windows Server 2008 R2 Blackberry Enterprise Server running on a Jboss webserver (server3)
-All port 80,443 requests points Ubuntu server 13.11 (server2)
Within Apache 2.4.6 I have virtualhost where the setup are as followed
SomeWebsite:80
SomeOtherWebsite:80
Mail.server1.com:443 (internet <---> server2 reverse proxy:443 +CERT <---> 443+CERT server1)
Bes.dnsname.com:443 (internet <---> server2 reverse proxy:443 +CERT <---> 443+CERT server3)
The problem:
For learning purpose I am configuring a blackberry enterprise server(bes) on server3. It's a clean installation with only the needed applications to run a bes. Because I only have 1 public ip I am trying to reverse proxy this webservice two like server1. The bes webservice is configured to accept connections on port 443. So my first web.conf setup was similar to the setup I used for server1 but I noticed that the webpage was displayed but I couldn't interact with the page because it was a java application. So digging deeper into this i found that the webpage that bes provided me to use isn't the real application but more like a iframe setup.
Example:
BES Console address: https://server3.com/webconsole/login
Real address: https://server3.com/websconsole/app
Unfortunately after finding this and editing my web.conf to proxypass reverse to this real address I encountered a other problem. The bes webconsole works with session is and parameters
Example:
https://bes.server3.com/webconsole/app;jsessionid=2C10DDA521DB8408479AAD8F34255C7F? component=login.goToChangeLanguagePageLink&consoleSId=&page=Login&service=direct&session=T
Current httpd.conf for server3:
<VirtualHost *:80>
DocumentRoot /var/www/bes.server3.com
ServerName bes.server3.com
<Directory "/var/www/bes.server3.com">
allow from all
Options +Indexes
</Directory>
[code]....
View 1 Replies
View Related
Sep 20, 2014
I am using a Windows 7 and the proxy server is working fine. However, I need to run a web content filtering on the server. This should be able to replace or change specific words or phrases from an incoming html and deliver it to the client. I have searched the internet for days for a working configuration but none of them worked. Here is the current configuration I added on the httpd.conf file:
<IfModule mod_ext_filter.c>
ExtFilterDefine add-tm mode=output intype=text/html/php cmd="Apache/bin/GnuWin32/bin 's/Company1/MyCompany1/g'"
SetOutputFilter add-tm
</IfModule>
<Location "/web/">
SetOutputFilter add-tm
OutputSed "s/Company1/MyCompany1/g"
</Location>
I have also uncommented these modules:
LoadModule ext_filter_module modules/mod_ext_filter.so
LoadModule file_cache_module modules/mod_file_cache.so
LoadModule filter_module modules/mod_filter.so
LoadModule headers_module modules/mod_headers.so
View 1 Replies
View Related
May 25, 2015
Behind a pfsense box we have a computer who act as a forward proxy with apache. At the end we have the family computer.This is the problem: i can't hide the forward proxy on internet, the forward proxy is reported "detected".
View 2 Replies
View Related
Dec 21, 2012
Currently i am trying to install an Apache 2.4.3 as a caching reverse proxy. I would like to use memcached as my cache backend. I figured out there is a mod_socache_memcache, which from my understanding, should do exactly that(in combination with mod_cache_socache). So i compiled mod_cache_socache from trunk, loaded mod_cache, mod_cache_socache and mod_socache_memcache, but now i am stuck with the configuration. Here is what i tried:
LoadModule socache_memcache_module modules/mod_cache.so
LoadModule mod_cache_socache modules/mod_cache_socache.so
LoadModule socache_memcache_module modules/mod_socache_memcache.so
[code]....
where do i configure the path to my memcached instance? The reason for memcached as chaching backend, is that the machine is a windows machine, and from my understanding mod_cache_disk is not as efficient on a NTFS filesystem as it is on EXT3/4.
Another reason is, that later on there should be a possibility to put a second Reverse Proxy machine which shares the cache with the first one by using the same memcached instance (is that possible at all?).
View 2 Replies
View Related
