On Wed, Jun 8, 2022 at 3:21 PM Serge Krawczenko <skrawczenko@xxxxxxxxx> wrote: > > We have application server behind httpd as a reverse proxy, > with basic ldap auth, so only ldap authenticated users are able to get into the application. > ( Require valid-user > Allow from all > ) It's usually not a good idea to mix Require (httpd >= 2.4) and Allow (httpd < 2.4) directives together, though I don't see how it could lead to the symptoms you are seeing. > > Everything works well and configuration is very basic. > However, > Sometimes like once in a month or two it fails and httpd stops acting like a reverse proxy. > I.e. https://url/my-app fails with 404 trying to find my-app locally. > (the requested URL /my-app was not found on this server) If there are multiple VirtualHosts on the same IP:port in your server, possibly some requests reach one with no "ProxyPass /my-app ..." defined? It may happen if an unknown Host/SNI is handled by the default vhost for instance, but it wouldn't explain why all the following requests go there (unless the app/something at some point starts redirecting to a different URL). > > It is 'fixed' by restarting httpd and is very annoying for users. > > Debug turned on for proxy and ldap modules and there's absolutely nothing suspicious. > When the situation occurs, there's just no attempt to refer to the 'proxypass' it is > just trying to get the local path immediately. > > It cannot be reproduced as well and there's no specific periodicity for this failure. > Anything i'm missing? Any more debug to turn on? Which httpd MPM and modules are used? It could be a non thread-safe module running on a threaded MPM, corrupting some global state when the load increases. Regards; Yann. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|