Apache/mod_wsgi complaining that the client closed the connection

Sun, 04 Jul 2021 14:29:30 -0700

I have an application behind haproxy 2.4.1 that is wsgi -- python.  It is this one: 

https://github.com/atoponce/d-note
It appears to work perfectly, but the Apache error log shows this every time the page is loaded:
[Sun Jul 04 13:06:09.790898 2021] [wsgi:error] [pid 23697:tid 139826101806848] [client 192.168.1.1:42470] IOError: Apache/mod_wsgi client connection closed., referer: https://secrets.elyograg.org/
As you can see, it's found at https://secrets.elyograg.org for anyone interested in taking a look.
The wsgi documentation says that error can generally be ignored, and as I said the site works perfectly ... but I'd like to know if there is anything that can be added to the haproxy config to have it run error-free.  Not sure how it would be closing the connection anyway ... I have http/2 enabled on the back end, and I believe that keepalive is also enabled.  Not entirely sure about keepalive... much of the config is cribbed from production servers I once cared for and I haven't done any thorough testing. 

-----------------

From the mod_wsgi FAQ:
Q: Why do I get the error ‘IOError: client connection closed’ appearing in the error logs?
A: This occurs when the HTTP client making the request closes the connection before the complete response for a request has been written.
This can occur where a user force reloads a web page before it had been completely displayed. It can also occur when using benchmarking tools such as ‘ab’ as they will over commit on the number of requests they make when doing concurrent requests, killing off any extra requests once the required number has been reached. 

-----------------
I would imagine that issues like this have been VERY thoroughly investigated from haproxy's perspective many times over the years ... but if I hit the backend directly (non-tls, port 81) with all the browsers I have (Chrome, Firefox, IE, and Edge), that error is NOT logged by mod_wsgi.  The backend is not reachable from the Internet.  Something I noticed, which COULD be significant: Hitting the backend directly with browsers uses HTTP 1.1, but when haproxy hits it, it uses h2c. 

Thanks,
Shawn

Reply via email to