Atualmente, tenho um aplicativo intermediado por dois servidores da web separados. Um servidor da Web está executando o Apache 2.2 enquanto o outro servidor da Web está executando o Apache 2.4. Embora algumas das configurações devam ser alteradas para acomodar o Apache 2.4, a configuração entre esses dois servidores da Web é essencialmente a mesma (estávamos atualizando os servidores da Web).
Este aplicativo funciona bem quando intermediado por proxy através do Apache 2.2, no entanto, ao acessar o aplicativo através do Apache 2.4, eu me deparo com um problema.
O aplicativo que estou acessando está constantemente pesquisando dados enviando solicitações AJAX sucessivas. Após um determinado período de tempo / solicitações (não parece ser consistente), o servidor da web Apache 2.4 retorna um erro 401 Unauthorized, fazendo com que o aplicativo falhe. Tenha em mente que ele funciona sem problemas por um período de tempo, no entanto, o erro 401 sempre se apresenta dentro de alguns minutos.
Ao acessar o aplicativo através de um IP interno ou através do servidor web Apache 2.2, não encontro esse problema, o que me leva a acreditar que o Apache 2.4 está causando o problema. Algo a ver com as solicitações sucessivas dentro de um curto período de tempo?
Existe uma configuração que eu preciso incluir no Apache 2.4 para que as coisas funcionem corretamente? Não sei por que o erro 401 não se apresenta inicialmente (tudo funciona bem inicialmente), mas o faz depois de um curto período de tempo.
Por favor, deixe-me saber se você precisar de mais informações. Eu posso fornecer qualquer arquivo .conf que seja necessário. Sua ajuda é muito apreciada.
Atenciosamente
EDIT: Apache 2.4 arquivo 'apache2.conf' (comentários removidos):
Mutex file:${APACHE_LOCK_DIR} default
PidFile ${APACHE_PID_FILE}
Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 15
ServerLimit 2000
<IfModule event.c>
StartServers 2
MinSpareThreads 25
MaxSpareThreads 150
ThreadLimit 64
ThreadsPerChild 25
MaxClients 2000
</IfModule>
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}
HostnameLookups Off
ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel debug
IncludeOptional mods-enabled/*.load
IncludeOptional mods-enabled/*.conf
Include ports.conf
<Directory />
Options FollowSymLinks
AllowOverride None
Require all denied
</Directory>
<Directory /usr/share>
AllowOverride None
Require all granted
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
AccessFileName .htaccess
<FilesMatch "^\.ht">
Require all denied
</FilesMatch>
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
IncludeOptional conf-enabled/*.conf
IncludeOptional sites-enabled/*.conf
EDIT 2: Configuração do Host Virtual do Apache 2.4
<VirtualHost *:80>
ServerName application.url.com:80
ServerAlias application.url.com
ServerAdmin [email protected]
DocumentRoot /sharedfilesystem/htdocs
<Directory />
Options -Indexes +FollowSymLinks
AllowOverride None
</Directory>
<Directory /sharedfilesystem/htdocs>
Options -Indexes +FollowSymLinks +MultiViews
AllowOverride None
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/application.url.com/error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/application.url.com/access.log combined
RewriteEngine On
RewriteCond %{DOCUMENT_ROOT}/maintenance.html -f
RewriteCond %{REQUEST_FILENAME} !/maintenance.html
RewriteRule ^.*$ /maintenance.html [L]
RewriteCond %{QUERY_STRING} !^$
RewriteCond %{QUERY_STRING} ^referredBy=.*$ [NC]
Include conf.d/*.conf
</VirtualHost>
EDIT 3: arquivo Apache 2.4.conf:
<Location "/ApplicationName">
ProxyPass http://xx.x.x.xxx:8081/ApplicationName
ProxyPassReverse http://xx.x.x.xxx:8081/ApplicationName
</Location>
Alias "/scripts" "/sharedfilesystem/scripts"
<Directory "/sharedfilesystem/scripts">
Options None +FollowSymLinks
AllowOverride None
Require all granted
</Directory>
Alias "/css" "/sharedfilesystem/css"
<Directory "/sharedfilesystem/css">
Options None +FollowSymLinks
AllowOverride None
Require all granted
</Directory>
Alias "/images" "/sharedfilesystem/images"
<Directory "/sharedfilesystem/images">
Options None +FollowSymLinks
AllowOverride None
Require all granted
</Directory>
<Macro Template $templateName>
AliasMatch (?i)^/$templateName(.*) "/sharedfilesystem/$templateName/htdocs$1"
<Directory "/sharedfilesystem/$templateName/htdocs">
Options None +FollowSymLinks
AllowOverride None
Require all granted
</Directory>
</Macro>
Use Template TemplateName
EDIT 4: Saída do Comando CURL:
* About to connect() to application.url.com port 80 (#0)
* Trying xx.xx.xx.xx... connected
> GET /ApplicationName HTTP/1.1
> User-Agent: curl/7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3
> Host: application.url.com
> Accept: */*
>
< HTTP/1.1 302 Moved Temporarily
< Date: Wed, 10 Jan 2018 17:17:30 GMT
< Server: Apache-Coyote/1.1
< Location: http://application.url.com/ApplicationName/
< Content-Length: 0
< Content-Type: text/plain
<
* Connection #0 to host application.url.com left intact
* Closing connection #0
EDIT 5: Erro do host virtual:
[proxy_http:error] [pid 2139:tid 140080089888512] (104)Connection reset by peer: [client xx.x.x.xx:57710] AH01102: error reading status line from remote server xx.x.x.xxx:8081, referer: http://application.url.com/ApplicationName/control?vi=jlsut7u1d05np
[proxy:error] [pid 2139:tid 140080089888512] [client xx.x.xx.xx:57710] AH00898: Error reading from remote server returned by /ApplicationName/entryFailure, referer: http://application.url.com/ApplicationName/control?vi=jlsut7u1d05np
EDIT 6: Acesso ao host virtual.log mostrando sucessivas 200 respostas e depois 401 respostas:
xx.x.xx.xx - - [05/Jan/2018:15:47:34 -0500] "GET /ApplicationName/rest/view/7r3aa5jfn22ld/update?_=1515185254581&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=23 HTTP/1.1" 200 386 "http://application.url.com/ApplicationName/control?vi=7r3aa5jfn22ld" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36"
xx.x.xx.xx - - [05/Jan/2018:15:47:35 -0500] "GET /ApplicationName/rest/view/7r3aa5jfn22ld/update?_=1515185255012&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=23 HTTP/1.1" 200 386 "http://application.url.com/ApplicationName/control?vi=7r3aa5jfn22ld" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36"
xx.x.xx.xx - - [05/Jan/2018:15:47:35 -0500] "GET /ApplicationName/rest/view/59oe744gqs05i/update?_=1515185254703&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=23 HTTP/1.1" 200 386 "http://application.url.com/ApplicationName/control?vi=59oe744gqs05i" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36"
xx.x.xx.xx - - [05/Jan/2018:15:47:35 -0500] "GET /ApplicationName/rest/view/7r3aa5jfn22ld/update?_=1515185255461&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=23 HTTP/1.1" 200 386 "http://application.url.com/ApplicationName/control?vi=7r3aa5jfn22ld" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36"
xx.x.xx.xx - - [05/Jan/2018:15:47:36 -0500] "GET /ApplicationName/rest/view/7r3aa5jfn22ld/update?_=1515185255913&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=23 HTTP/1.1" 200 386 "http://application.url.com/ApplicationName/control?vi=7r3aa5jfn22ld" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36"
xx.x.xx.xx - - [05/Jan/2018:15:47:36 -0500] "GET /ApplicationName/rest/view/59oe744gqs05i/update?_=1515185255703&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=23 HTTP/1.1" 200 386 "http://application.url.com/ApplicationName/control?vi=59oe744gqs05i" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36"
xx.x.xx.xx - - [05/Jan/2018:15:47:36 -0500] "GET /ApplicationName/rest/view/7r3aa5jfn22ld/update?_=1515185256430&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=23 HTTP/1.1" 200 385 "http://application.url.com/ApplicationName/control?vi=7r3aa5jfn22ld" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36"
xx.x.xx.xx - - [05/Jan/2018:15:47:37 -0500] "GET /ApplicationName/rest/view/7r3aa5jfn22ld/update?_=1515185256994&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=23 HTTP/1.1" 200 626 "http://application.url.com/ApplicationName/control?vi=7r3aa5jfn22ld" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36"
xx.x.xx.xx - - [05/Jan/2018:15:47:37 -0500] "GET /ApplicationName/rest/view/59oe744gqs05i/update?_=1515185256703&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=23 HTTP/1.1" 200 627 "http://application.url.com/ApplicationName/control?vi=59oe744gqs05i" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36"
xx.x.xx.xx - - [05/Jan/2018:15:47:37 -0500] "GET /ApplicationName/rest/view/7r3aa5jfn22ld/update?_=1515185257423&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=24 HTTP/1.1" 200 385 "http://application.url.com/ApplicationName/control?vi=7r3aa5jfn22ld" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36"
xx.x.xx.xx - - [05/Jan/2018:15:47:37 -0500] "GET /ApplicationName/rest/view/7r3aa5jfn22ld/update?_=1515185257888&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=24 HTTP/1.1" 200 385 "http://application.url.com/ApplicationName/control?vi=7r3aa5jfn22ld" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36"
xx.x.xx.xx - - [05/Jan/2018:15:47:38 -0500] "GET /ApplicationName/rest/view/59oe744gqs05i/update?_=1515185257703&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=24 HTTP/1.1" 200 386 "http://application.url.com/ApplicationName/control?vi=59oe744gqs05i" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36"
xx.x.xx.xx - - [05/Jan/2018:15:47:38 -0500] "GET /ApplicationName/rest/view/7r3aa5jfn22ld/update?_=1515185258320&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=24 HTTP/1.1" 200 385 "http://application.url.com/ApplicationName/control?vi=7r3aa5jfn22ld" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36"
xx.x.xx.xx - - [05/Jan/2018:15:47:38 -0500] "GET /ApplicationName/rest/view/7r3aa5jfn22ld/update?_=1515185258760&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=24 HTTP/1.1" 200 385 "http://application.url.com/ApplicationName/control?vi=7r3aa5jfn22ld" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36"
xx.x.xx.xx - - [05/Jan/2018:15:47:39 -0500] "GET /ApplicationName/rest/view/59oe744gqs05i/update?_=1515185258703&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=24 HTTP/1.1" 200 386 "http://application.url.com/ApplicationName/control?vi=59oe744gqs05i" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36"
xx.x.xx.xx - - [05/Jan/2018:15:47:39 -0500] "GET /ApplicationName/rest/view/7r3aa5jfn22ld/update?_=1515185259341&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=24 HTTP/1.1" 200 385 "http://application.url.com/ApplicationName/control?vi=7r3aa5jfn22ld" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36"
xx.x.xx.xx - - [05/Jan/2018:15:47:39 -0500] "GET /ApplicationName/rest/view/7r3aa5jfn22ld/update?_=1515185259900&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=24 HTTP/1.1" 200 385 "http://application.url.com/ApplicationName/control?vi=7r3aa5jfn22ld" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36"
xx.x.xx.xx - - [05/Jan/2018:15:47:40 -0500] "GET /ApplicationName/rest/view/59oe744gqs05i/update?_=1515185259707&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=24 HTTP/1.1" 200 386 "http://application.url.com/ApplicationName/control?vi=59oe744gqs05i" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36"
xx.x.xx.xx - - [05/Jan/2018:15:47:40 -0500] "GET /ApplicationName/rest/view/7r3aa5jfn22ld/update?_=1515185260345&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=24 HTTP/1.1" 200 385 "http://application.url.com/ApplicationName/control?vi=7r3aa5jfn22ld" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36"
xx.x.xx.xx - - [05/Jan/2018:15:47:40 -0500] "GET /ApplicationName/rest/view/7r3aa5jfn22ld/update?_=1515185260825&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=24 HTTP/1.1" 200 349 "http://application.url.com/ApplicationName/control?vi=7r3aa5jfn22ld" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36"
xx.x.xx.xx - - [05/Jan/2018:15:47:41 -0500] "GET /ApplicationName/rest/view/59oe744gqs05i/update?_=1515185260703&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=24 HTTP/1.1" 200 386 "http://application.url.com/ApplicationName/control?vi=59oe744gqs05i" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36"
xx.x.xx.xx - - [05/Jan/2018:15:47:41 -0500] "GET /ApplicationName/rest/view/7r3aa5jfn22ld/update?_=1515185261272&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=24 HTTP/1.1" 401 345 "http://application.url.com/ApplicationName/control?vi=7r3aa5jfn22ld" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36"
Você tem mod evasive ativado? Isso é usado para bloquear ataques DDOS, bloqueando um certo número de solicitações repetidas do mesmo endereço IP.
a2query -m evasivo
Se estiver ativado, você pode tentar desativá-lo ou aumentar o limite.
Referências:
Como remover ou desabilitar o mod_evasive do Apache Web Server? | Web Hosting Resource Kit