The following errors are being logged in our proxy Apache logs while processing the request with Tomcat Server:
(103)Software caused connection abort: proxy: pass request body failed
proxy: pass request body failed
We've a Apache reverse proxy which serves the request for the client from our Tomcat Server. Sometimes, the request from the proxy returns 502 with the above error. There are no error logs in Tomcat Server Logs correlated with the above errors in Proxy. Also, the request didn't timeout since some of the requests response time is 1 sec and our default timeout is 120 sec.
We've added ProxyBadHeader Ignore to our httpd configuration [Ref: 502 Proxy Error / Uploading from Apache (mod_proxy) to Tomcat 7] and still didn't see any errors in our Tomcat logs.
Have anyone seen this issue earlier?
We recently had this issue after upgrading one of our machines from Tomcat 6 to 7. Someone forgot to change the default apache-tomcat/conf/tomcat-users.xml file from our standard one and so the wrong password was getting checked by the server. Interestingly this results in the 502 Error you saw above. This can be avoided with some decent logging to determine it is actually an auth problem.
Related
I use Apache 2.4 as web server. When it exceeds max connections limit, what response code the client receives from the web server?
Apache throws 504 status code response to client.
504 GATEWAY TIMEOUT
The server, while acting as a gateway or proxy, did not receive a timely response from an upstream server it needed to access in order to complete the request.
We are getting lots of 408 status code in apache access log and these are coming after migration from http to https .
Our web server is behind loadbalancer and we are using keepalive on and keepalivetimeout value is 15 sec.
Can someone please help to resolve this.
Same problem here, after migration from http to https. Do not panic, it is not a bug but a client feature ;)
I suppose that you find these log entries only in the logs of the default (or alphabetically first) apache ssl conf and that you have a low timeout (<20).
As of my tests these are clients establishing pre-connected/speculative sockets to your web server for fast next page/resource load.
Since they only establish the initial socket connection or handshake ( 150 bytes or few thousands) the connect to the ip and do not specify a vhost name, and got logged in the default/firs apache conf log.
After few secs from the initial connection they drop the socket if not needed or the use is for faster further request.
If your timeout is lower than these few secs you get the 408 if is higher apache doesn't bother.
So either you ignore them / add a different default conf for apache, or you rise the timeout having more apache processes busy waiting from the client to drop or use the socket.
see https://bugs.chromium.org/p/chromium/issues/detail?id=85229 for some related discussions
I have been trying to configure a simple pass through proxy using wso2 esb, which points to a REST service in https port.
I had tried doing the same using my development machine (Windows 7) and it is successful.
But when I try repeating the same in production server, in RHEL, I get The system cannot infer the transport information error in system log.
Things Tried
Created passthrough proxy service pointing to https://some.domain.in/something/something.
Tried CURL to https://some.domain.in/something/something and its shows the response properly
Imported certificate from the site to client-truststore.jks. Same was done locally and it worked.
in axis2.xml, edited <parameter name="HostnameVerifier">AllowAll</parameter>under https transporter
Error Message
When clicked in test in configuration console, I got the following message, Invalid address
CURL the proxy service URL, and got Empty response
Checked system logs and saw below logs
Am I missing out something?
I could see in the wso2-error-logs following messages
ERROR {org.apache.synapse.transport.passthru.TargetHandler} - I/O
error: handshake alert: unrecognized_name
javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
Then I realised that I was using java 1.6 locally but 1.7 in production.
And in Java 1.7 there are some changes in SSL handling
The JDK 7 release supports
the Server Name Indication (SNI) extension in the JSSE client. SNI,
described in RFC 4366 enables TLS clients to connect to virtual
servers.
In order to bypass this, I added JAVA_OPTS="-Djsse.enableSNIExtension=false" in wso2server.sh and restarted.
This solved my problem.
Not sure if this is the correct way though
This url helped me finally
When i try to login into Artifactory web appliaction ,its showing proxy error. The Error message is below.
Proxy Error
The proxy server received an invalid response from an upstream server.
The proxy server could not handle the request POST /artifactory/webapp/login.html.
Reason: Error reading from remote server
Apache/2.2.15 (CentOS) Server at XX.XX.XX.XX Port 80
Any Solution for this?
I have a dedicated server. No PHP files were running when i use my website so i tried looking into the apache and used "service httpd status" to check apache status and this is what i am getting
service httpd status
Internal Server Error
The server encountered an internal error or misconfiguration and was
unable to complete your request.
Please contact the server administrator, root#mps-vm1 and inform them
of the time the error occurred, and anything you might have done that
may have caused the error.
More information about this error may be available in the server error
log.
Additionally, a 500 Internal Server Error error was encountered while
trying to use an ErrorDocument to handle the request.
______________________________________________________________
Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips
mod_bwlimited/1.4 Server at localhost Port 80
Can someone please tell me what should i do?