Re: PHP-FPM with Reverse Proxy via cannot get to Post

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Appreciate the assistance didn't want to post too many logs on my first message... 

-I tested on reverse NGINX proxy = DID not work
-I tested on NGINX with HTTP AND FastCGI = DID not work (same issue).
I will post the Apache httpd at the end but here is a flavor of working and not working logs. 

WORKING CENTOS instance not PHP-FM

Access _
192.168.22.176 - - [01/Aug/2021:07:17:27 -0400] "POST /api/v1/zip-code-search HTTP/1.1" 
 200 29747 "-" "GuzzleHttp/7"
192.168.22.176 - - [01/Aug/2021:07:17:27 -0400] "POST /api/v1/zip-code-search HTTP/1.1" 
 200 29747 "-" "GuzzleHttp/7"
192.168.22.176 - - [01/Aug/2021:07:29:18 -0400] "POST /api/v1/zip-code-search HTTP/1.1" 
 200 29747 "-" "GuzzleHttp/7"
192.168.22.176 - - [01/Aug/2021:07:29:18 -0400] "POST /api/v1/zip-code-search HTTP/1.1" 
 200 29747 "-" "GuzzleHttp/7"
192.168.22.176 - - [01/Aug/2021:07:29:18 -0400] "POST /api/v1/zip-code-search HTTP/1.1" 
 200 20857 "-" "GuzzleHttp/7"
192.168.22.176 - - [01/Aug/2021:07:34:53 -0400] "POST /api/v1/zip-code-search HTTP/1.1" 
 200 29747 "-" "GuzzleHttp/7"
192.168.22.176 - - [01/Aug/2021:07:34:53 -0400] "POST /api/v1/zip-code-search HTTP/1.1" 
 200 29747 "-" "GuzzleHttp/7"


Error
[Sun Aug 01 03:07:01.272064 2021] [lbmethod_heartbeat:notice] [pid 991] AH02282: No slotmem from mod_heartmonitor [Sun Aug 01 03:07:01.294063 2021] [mpm_prefork:notice] [pid 991] AH00163: Apache/2.4.6 (CentOS) PHP/7.4.16 configured -- resuming normal operations [Sun Aug 01 03:07:01.294085 2021] [core:notice] [pid 991] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND' 

=-===================================================================================================================================


NOT WORKING NGINX (HTTP & Fastcgi):


Access
192.168.23.162 - - [01/Aug/2021:17:20:10 -0400] "GET / HTTP/1.1" 200 57 "-" "Mozilla/5.0 (X11; FreeBSD amd64; rv:87.0) Gecko/20100101 Firefox/87.0" 192.168.23.162 - - [01/Aug/2021:17:42:29 -0400] "GET / HTTP/1.1" 200 37 "-" "Mozilla/5.0 (X11; FreeBSD amd64; rv:87.0) Gecko/20100101 Firefox/87.0" 192.168.23.217 - - [01/Aug/2021:17:47:17 -0400] "POST /api/v1/zip-code-search HTTP/1.1" 500 1694425 "-" "GuzzleHttp/7" 192.168.23.217 - - [01/Aug/2021:17:47:18 -0400] "POST /api/v1/zip-code-search HTTP/1.1" 500 1694485 "-" "GuzzleHttp/7" 192.168.23.217 - - [01/Aug/2021:17:48:03 -0400] "POST /api/v1/zip-code-search HTTP/1.1" 500 1695324 "-" "GuzzleHttp/7" 192.168.23.217 - - [01/Aug/2021:17:48:03 -0400] "POST /api/v1/zip-code-search HTTP/1.1" 500 1695377 "-" "GuzzleHttp/7" 192.168.23.217 - - [01/Aug/2021:17:48:03 -0400] "POST /api/v1/zip-code-search HTTP/1.1" 500 1695342 "-" "GuzzleHttp/7" 192.168.23.217 - - [01/Aug/2021:17:48:03 -0400] "POST /api/v1/zip-code-search HTTP/1.1" 500 1695342 "-" "GuzzleHttp/7" 192.168.23.217 - - [01/Aug/2021:17:52:34 -0400] "POST /api/v1/zip-code-search HTTP/1.1" 500 1695252 "-" "GuzzleHttp/7" 192.168.23.217 - - [01/Aug/2021:17:52:34 -0400] "POST /api/v1/zip-code-search HTTP/1.1" 500 1695376 "-" "GuzzleHttp/7" 192.168.23.217 - - [01/Aug/2021:17:52:34 -0400] "POST /api/v1/zip-code-search HTTP/1.1" 500 1695382 "-" "GuzzleHttp/7" 192.168.23.217 - - [01/Aug/2021:17:53:32 -0400] "POST /api/v1/zip-code-search HTTP/1.1" 500 1694733 "-" "GuzzleHttp/7" 192.168.23.217 - - [01/Aug/2021:17:53:33 -0400] "POST /api/v1/zip-code-search HTTP/1.1" 500 1693825 "-" "GuzzleHttp/7" 192.168.23.217 - - [01/Aug/2021:17:53:33 -0400] "POST /api/v1/zip-code-search HTTP/1.1" 500 1695415 "-" "GuzzleHttp/7" 192.168.23.217 - - [01/Aug/2021:17:53:48 -0400] "POST /api/v1/zip-code-search HTTP/1.1" 500 1695344 "-" "GuzzleHttp/7" 192.168.23.217 - - [01/Aug/2021:17:53:49 -0400] "POST /api/v1/zip-code-search HTTP/1.1" 500 1695347 "-" "GuzzleHttp/7" 192.168.23.217 - - [01/Aug/2021:17:53:49 -0400] "POST /api/v1/zip-code-search HTTP/1.1" 500 1695390 "-" "GuzzleHttp/7" 



Error = This is from the previous test NO error output on NGINX
2021/08/01 17:13:48 [error] 36455#100463: *1 upstream prematurely closed connection while reading response header from upstream, client: 192.168.24.162, server: local.labs.com, request: "GET / HTTP/1.1", upstream: "http://192.168.2.157:8080/index.php";, host: "local.labs.com" 


=-===================================================================================================================================

NOT WORKING APACHE (PHP-FPM & File handler/reverse):

Access
127.0.0.1 - - [31/Jul/2021:11:39:26 -0400] "POST /api/v1/state-search-location HTTP/1.0" 404 196 127.0.0.1 - - [31/Jul/2021:11:42:07 -0400] "POST /api/v1/state-search-location HTTP/1.1" 404 196 127.0.0.1 - - [31/Jul/2021:11:42:07 -0400] "POST /api/v1/state-search-location HTTP/1.1" 404 196 127.0.0.1 - - [31/Jul/2021:11:42:08 -0400] "POST /api/v1/state-search-location HTTP/1.1" 404 196 127.0.0.1 - - [31/Jul/2021:11:42:09 -0400] "POST /api/v1/state-search-location HTTP/1.1" 404 196 127.0.0.1 - - [31/Jul/2021:11:42:09 -0400] "POST /api/v1/state-search-location HTTP/1.1" 404 196 127.0.0.1 - - [31/Jul/2021:11:42:09 -0400] "POST /api/v1/state-search-location HTTP/1.1" 404 196 
192.168.23.162 - - [01/Aug/2021:18:04:05 -0400] "GET / HTTP/1.1" 200 26
192.168.23.217 - - [01/Aug/2021:18:07:07 -0400] "POST /api/v1/zip-code-search HTTP/1.1" 404 196 192.168.23.217 - - [01/Aug/2021:18:07:07 -0400] "POST /api/v1/zip-code-search HTTP/1.1" 404 196 192.168.23.217 - - [01/Aug/2021:18:09:14 -0400] "POST /api/v1/zip-code-search HTTP/1.1" 404 196 192.168.23.217 - - [01/Aug/2021:18:09:15 -0400] "POST /api/v1/zip-code-search HTTP/1.1" 404 196 192.168.23.217 - - [01/Aug/2021:18:09:17 -0400] "POST /api/v1/zip-code-search HTTP/1.1" 404 196 192.168.23.217 - - [01/Aug/2021:18:09:17 -0400] "POST /api/v1/zip-code-search HTTP/1.1" 404 196 

Error =  (NONE that I could see
[Sun Aug 01 18:04:00.406493 2021] [proxy:debug] [pid 98742:tid 34374492160] proxy_util.c(2103) : AH00927: initializing worker unix:/var/run/php-fpm.sock|fcgi://localhost/usr/local/www/local. labs.com/public local [Sun Aug 01 18:04:00.406625 2021] [proxy:debug] [pid 98742:tid 34374492160] proxy_util.c(2134) : AH00930: initialized pool in child 98742 for (localhost) min=0 max=25 smax=25 [Sun Aug 01 18:04:00.406691 2021] [proxy:debug] [pid 98742:tid 34374492160] proxy_util.c(2043) 
: AH00925: initializing worker proxy:reverse shared
[Sun Aug 01 18:04:00.406724 2021] [proxy:debug] [pid 98742:tid 34374492160] proxy_util.c(2103) 
: AH00927: initializing worker proxy:reverse local
[Sun Aug 01 18:04:00.406789 2021] [proxy:debug] [pid 98742:tid 34374492160] proxy_util.c(2134) 
: AH00930: initialized pool in child 98742 for (*) min=0 max=25 smax=25
[Sun Aug 01 18:04:00.406132 2021] [proxy:debug] [pid 99297:tid 34374492160] proxy_util.c(2043) : AH00925: initializing worker unix:/var/run/php-fpm.sock|fcgi://localhost/usr/local/www/local.labs.com/public shared [Sun Aug 01 18:04:00.407015 2021] [proxy:debug] [pid 99297:tid 34374492160] proxy_util.c(2103) : AH00927: initializing worker unix:/var/run/php-fpm.sock|fcgi://localhost/usr/local/www/local.labs.com/public local [Sun Aug 01 18:04:00.407212 2021] [proxy:debug] [pid 99297:tid 34374492160] proxy_util.c(2134) : AH00930: initialized pool in child 99297 for (localhost) min=0 max=25 smax=25 [Sun Aug 01 18:04:00.407304 2021] [proxy:debug] [pid 99297:tid 34374492160] proxy_util.c(2043) 
: AH00925: initializing worker proxy:reverse shared
[Sun Aug 01 18:04:00.407344 2021] [proxy:debug] [pid 99297:tid 34374492160] proxy_util.c(2103) 
: AH00927: initializing worker proxy:reverse local


PHP-FPM logs are clean just a bunch of nothing when POST
[01-Aug-2021 18:36:04.111882] DEBUG: pid 92999, fpm_pctl_perform_idle_server_maintenance(), line 382: [pool www] currently 0 active children, 2 spare children, 2 running children. Spawning rate 1 [01-Aug-2021 18:36:05.121988] DEBUG: pid 92999, fpm_pctl_perform_idle_server_maintenance(), line 382: [pool www] currently 0 active children, 2 spare children, 2 running children. Spawning rate 1 [01-Aug-2021 18:36:06.153745] DEBUG: pid 92999, fpm_pctl_perform_idle_server_maintenance(), line 382: [pool www] currently 0 active children, 2 spare children, 2 running children. Spawning rate 1 [01-Aug-2021 18:36:07.171093] DEBUG: pid 92999, fpm_pctl_perform_idle_server_maintenance(), line 382: [pool www] currently 0 active children, 2 spare children, 2 running children. Spawning rate 1 [01-Aug-2021 18:36:08.189932] DEBUG: pid 92999, fpm_pctl_perform_idle_server_maintenance(), line 382: [pool www] currently 0 active children, 2 spare children, 2 running children. Spawning rate 1
After many tests, I have concluded that what is happening is that header is not being sent to PHP-FPM since we use authorization and access, no response payload is being provided on POST with PHP-FPM (my findings).
The app does header authentication via JWT and outside of the authentication access, view & function of the app is as expected. 


Cookie/Storage/Header on WORKING has 5 FIELDS
_APP_LANG
_pk_id
_pk_ref
"name" session
XSRF-TOKEN

Cookie/Storage/Header on NOT WORKING has 4 FIELDS
_APP_LANG
_pk_id
"name" session
XSRF-TOKEN


_pk_ref (DOES NOT SHOW on FAIL POST)
Have not had much success in finding information on the passing header, any help guide/guidance on how to properly pass the header appreciate it (HEADER is DYNAMIC)... 

-

Josh



On 2021-07-31 17:43, Frank Gingras wrote:

The error log entries on the httpd and php-fpm side will be helpful to
continue troubleshooting.

A POST request is not typically a problem for this configuration.

On Thu, 29 Jul 2021 at 23:47, JEA Holdings LLC
<info@xxxxxxxxxxxxxxxxxxx> wrote:


Hello...

Our project has moved to a new OS that needs PHP-FPM I got the httpd
to
work sites are serving no problem via Unix Socket using FastCGI mod

ProxyPassMatch ^/(.*\.php(/.*)?)$


unix:/path/to/socket.sock|fcgi://localhost/path/to/your/documentroot/


+
Reverse with

<FilesMatch "\.php$">
# Note: The only part that varies is /path/to/app.sock
SetHandler "proxy:unix:/path/to/app.sock|fcgi://localhost/url"
</FilesMatch>

SITE HTTP/View is accessible but the problem is with POST, in CENTOS

environment works without any configuration because no php-fpm.

I am getting error 500 when going over 80

192.168.1**.* - - [29/Jul/2021:22:12:19 -0400] "POST "URL_WEB_HOOK

HTTP/1.1" 500 1754568 "-" "GuzzleHttp/7"

VIA CURL in the box/VM

192.168.**.1** - - [29/Jul/2021:23:05:20 -0400] "POST
[API_WEB_HOOK_URL]
HTTP/1.1" 404 6609 "-" "curl/7.77.0"

Virtual host, I have tried with/without handler/reverse to the sock.

<IfModule rewrite_module>
RewriteEngine On
RewriteBase /
#    RewriteRule ^index\.html$ - [L]
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
#    RewriteRule . /index.html [L]
RewriteRule . /index.php [L]
#    RewriteCond %{HTTP:Authorization} ^(.*)
#    RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1]
#    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteCond %{REQUEST_FILENAME} \.php$
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_URI} !-f
RewriteRule (.*) - [H=text/html]
</IfModule>

.htaccess on PHP DIRECTORY/Project

Options +FollowSymLinks
#AllowOverride All
#Require all granted
#SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
<IfModule rewrite_module>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
#    RewriteCond %{HTTP:Authorization} ^(.*)
#    RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1]
#    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>

I have tried few alternative ideas but can't get POST to work.  Not
sure
if relevant but we use authorization via header. Any assistance will
be
appreciated going on 4+ days strong tested briefly with reverse
proxy
via Nginx also.

Server version: Apache/2.4.48

-
Thank you, Josh

--
_________________________________________________________

IMPORTANT: The information contained in this communication is
confidential
and/or legally privileged, and should be for the use only of the
addressee(s).  If you are not the intended recipient, please contact
the
sender and destroy all copies of this message and any attachments.
Any
disclosure, copying, distribution or taking any action in reliance
on
this
information other than by the intended recipient is strictly
prohibited
and may be unlawful.



---------------------------------------------------------------------

To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


--
_________________________________________________________
IMPORTANT: The information contained in this communication is confidential 
and/or legally privileged, and should be for the use only of the
addressee(s).  If you are not the intended recipient, please contact the
sender and destroy all copies of this message and any attachments.  Any
disclosure, copying, distribution or taking any action in reliance on this 
information other than by the intended recipient is strictly prohibited
and may be unlawful.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux