Re: [users@httpd] Reverse Proxy Questions
Try setting the proxy-initial-not-pooled flag with mod_proxy_http, see http://httpd.apache.org/docs/current/mod/mod_proxy_http.html Apache 2.4 has an issue with the HTTP keep-alive time out which happens quite frequently with ActiveSync. There is an ongoing discussion (mod_proxy, oooled backend connections and the keep-alive race condition) regarding this problem on the dev list. Do you happen to use NTLM between the reverse proxy and exchange server ? If you do I would be very much interested in the impact of the above mentioned mod_proxy_http flag with the authentication procedure. On Thu, Oct 17, 2013 at 10:03 PM, Shawn Cannon sh...@shawncannon.comwrote: Yes it is getting there. I do not know how long it would take. my test box only has one machine using Windows RT connecting via ActiveSync through the reverse proxy. It is working despite seeing the error. When I tried this in production we had multiple complaints from phone users and I saw these errors so I thought something must have changed from 2.2 to 2.4. Shawn Cannon IT Professional EMC Elect 2013 | Dell TechCenter Rockstar 2013 | VMware vExpert 2013 -- From: yeh...@ymkatz.net Date: Thu, 17 Oct 2013 15:57:33 -0400 To: users@httpd.apache.org Subject: Re: [users@httpd] Reverse Proxy Questions There is a timeout, but I don't think it has changed in this version: http://httpd.apache.org/docs/2.4/mod/mod_proxy.html How long do you expect the response to take? Do you know if the request is getting to the Exchange server? - Y On Thu, Oct 17, 2013 at 3:48 PM, Shawn Cannon sh...@shawncannon.comwrote: We have been using Apache 2.2.x with reverse proxy modules for our clients to access their OWA servers for over a year. I want to get us to Apache 2.4.x so I setup a test box with latest 2.4 on it. I fixed the config file issues since 2.4 has changes in it. OWA proxy is working on my test server with Apache 2.4. But with 2.4 I do have an issue I cannot figure out. Note that this does NOT occur with Apache 2.2. I get the following errors when using ActiveSync through reverse proxy: [Thu Oct 17 12:19:11.670665 2013] [proxy_http:error] [pid 748:tid 8440] (OS 10060)A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. : [client x.x.x.x:20311] AH01102: error reading status line from remote server mail.nameredacted.net:443 [Thu Oct 17 12:19:11.670665 2013] [proxy:error] [pid 748:tid 8440] [client x.x.x.x:20311] AH00898: Error reading from remote server returned by /Microsoft-Server-ActiveSync So somehow with Apache 2.4 there is some sort of timeout that was not there with 2.2. Any ideas? Shawn Cannon IT Professional EMC Elect 2013 | Dell TechCenter Rockstar 2013 | VMware vExpert 2013
Re: [users@httpd] Need Help for back porting module mod_reqtime
Could you please provide usage for apxs to set httpd.conf to custom path. i.e place LoadModule antiloris_module /usr/lib64/httpd/modules/mod_antiloris.so line in custom path httpd.conf. Tried running by adding 1. apxs -g -S SYSCONFDIR=/santosh/current/apache/httpd.conf 2. apxs -a -i -l cap -c mod_antiloris.c -S SYSCONFDIR=/santosh/current/apache/httpd.conf 3 \[root@licencehost mod_antiloris-0.3]# /usr/sbin/apxs -a -i -l cap -c mod_antiloris.c -S SYSCONFDIR=/santosh/current/apache/httpd.conf /bin/sh /usr/lib64/apr/build/libtool --silent --mode=compile gcc -prefer-pic -O2 -g -pipe -m64 -DAP_HAVE_DESIGNATED_INITIALIZER -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -pthread -I/usr/include/apr-0 -I/usr/include/httpd -c -o mod_antiloris.lo mod_antiloris.c touch mod_antiloris.slo /bin/sh /usr/lib64/apr/build/libtool --silent --mode=link gcc -o mod_antiloris.la -lcap -rpath /usr/lib64/httpd/modules -module -avoid-versionmod_antiloris.lo -S SYSCONFDIR=/orbital/current/apache/httpd.conf /usr/lib64/httpd/build/instdso.sh SH_LIBTOOL='/bin/sh /usr/lib64/apr/build/libtool' mod_antiloris.la /usr/lib64/httpd/modules /bin/sh /usr/lib64/apr/build/libtool --mode=install cp mod_antiloris.la/usr/lib64/httpd/modules/ cp .libs/mod_antiloris.so /usr/lib64/httpd/modules/mod_antiloris.so cp .libs/mod_antiloris.lai /usr/lib64/httpd/modules/mod_antiloris.la cp .libs/mod_antiloris.a /usr/lib64/httpd/modules/mod_antiloris.a ranlib /usr/lib64/httpd/modules/mod_antiloris.a chmod 644 /usr/lib64/httpd/modules/mod_antiloris.a PATH=$PATH:/sbin ldconfig -n /usr/lib64/httpd/modules -- Libraries have been installed in: /usr/lib64/httpd/modules If you ever happen to want to link against installed libraries in a given directory, LIBDIR, you must either use libtool, and specify the full pathname of the library, or use the `-LLIBDIR' flag during linking and do at least one of the following: - add LIBDIR to the `LD_LIBRARY_PATH' environment variable during execution - add LIBDIR to the `LD_RUN_PATH' environment variable during linking - use the `-Wl,--rpath -Wl,LIBDIR' linker flag - have your system administrator add LIBDIR to `/etc/ld.so.conf' See any operating system documentation about shared libraries for more information, such as the ld(1) and ld.so(8) manual pages. -- chmod 755 /usr/lib64/httpd/modules/mod_antiloris.so apxs:Error: Activation failed for custom /etc/httpd/conf/httpd.conf file.. apxs:Error: At least one `LoadModule' directive already has to exist.. On Fri, Oct 11, 2013 at 5:23 PM, Nick Kew n...@webthing.com wrote: On Fri, 11 Oct 2013 12:14:48 +0530 Santosh Kumar santoshjee...@gmail.com wrote: Followed the Below steps Why? You use apxs to compile a module (see TFM). You'll have to deal with minor API changes since 2.0, but if any of those baffle you, that would be a more specific question. -- Nick Kew - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Need Help for back porting module mod_reqtime
Found the option, (by intercghanging options) usr/sbin/apxs -S SYSCONFDIR=/santosh/current/apach -a -i -l cap -c mod_antiloris.c On Fri, Oct 18, 2013 at 2:38 PM, Santosh Kumar santoshjee...@gmail.comwrote: Could you please provide usage for apxs to set httpd.conf to custom path. i.e place LoadModule antiloris_module /usr/lib64/httpd/modules/mod_antiloris.so line in custom path httpd.conf. Tried running by adding 1. apxs -g -S SYSCONFDIR=/santosh/current/apache/httpd.conf 2. apxs -a -i -l cap -c mod_antiloris.c -S SYSCONFDIR=/santosh/current/apache/httpd.conf 3 \[root@licencehost mod_antiloris-0.3]# /usr/sbin/apxs -a -i -l cap -c mod_antiloris.c -S SYSCONFDIR=/santosh/current/apache/httpd.conf /bin/sh /usr/lib64/apr/build/libtool --silent --mode=compile gcc -prefer-pic -O2 -g -pipe -m64 -DAP_HAVE_DESIGNATED_INITIALIZER -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -pthread -I/usr/include/apr-0 -I/usr/include/httpd -c -o mod_antiloris.lo mod_antiloris.c touch mod_antiloris.slo /bin/sh /usr/lib64/apr/build/libtool --silent --mode=link gcc -o mod_antiloris.la -lcap -rpath /usr/lib64/httpd/modules -module -avoid-versionmod_antiloris.lo -S SYSCONFDIR=/orbital/current/apache/httpd.conf /usr/lib64/httpd/build/instdso.sh SH_LIBTOOL='/bin/sh /usr/lib64/apr/build/libtool' mod_antiloris.la /usr/lib64/httpd/modules /bin/sh /usr/lib64/apr/build/libtool --mode=install cp mod_antiloris.la/usr/lib64/httpd/modules/ cp .libs/mod_antiloris.so /usr/lib64/httpd/modules/mod_antiloris.so cp .libs/mod_antiloris.lai /usr/lib64/httpd/modules/mod_antiloris.la cp .libs/mod_antiloris.a /usr/lib64/httpd/modules/mod_antiloris.a ranlib /usr/lib64/httpd/modules/mod_antiloris.a chmod 644 /usr/lib64/httpd/modules/mod_antiloris.a PATH=$PATH:/sbin ldconfig -n /usr/lib64/httpd/modules -- Libraries have been installed in: /usr/lib64/httpd/modules If you ever happen to want to link against installed libraries in a given directory, LIBDIR, you must either use libtool, and specify the full pathname of the library, or use the `-LLIBDIR' flag during linking and do at least one of the following: - add LIBDIR to the `LD_LIBRARY_PATH' environment variable during execution - add LIBDIR to the `LD_RUN_PATH' environment variable during linking - use the `-Wl,--rpath -Wl,LIBDIR' linker flag - have your system administrator add LIBDIR to `/etc/ld.so.conf' See any operating system documentation about shared libraries for more information, such as the ld(1) and ld.so(8) manual pages. -- chmod 755 /usr/lib64/httpd/modules/mod_antiloris.so apxs:Error: Activation failed for custom /etc/httpd/conf/httpd.conf file.. apxs:Error: At least one `LoadModule' directive already has to exist.. On Fri, Oct 11, 2013 at 5:23 PM, Nick Kew n...@webthing.com wrote: On Fri, 11 Oct 2013 12:14:48 +0530 Santosh Kumar santoshjee...@gmail.com wrote: Followed the Below steps Why? You use apxs to compile a module (see TFM). You'll have to deal with minor API changes since 2.0, but if any of those baffle you, that would be a more specific question. -- Nick Kew - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
RE: [users@httpd] Reverse Proxy Questions
I added the flag mentioned yet I still get the 2 proxy errors mentioned in my initial email. I also added keep-alive settings to my httpd.conf. Even with these errors my ActiveSync test seems to be working from my Windows RT tablet. Of course there is no production load to this server since it is a test box. I am curious to see if I put a production server back in place with these settings if the end users will have issues. Shawn Cannon IT ProfessionalEMC Elect 2013 | Dell TechCenter Rockstar 2013 | VMware vExpert 2013 Date: Fri, 18 Oct 2013 10:53:04 +0200 From: thomas.r.w.eck...@gmail.com To: users@httpd.apache.org Subject: Re: [users@httpd] Reverse Proxy Questions Try setting the proxy-initial-not-pooled flag with mod_proxy_http, see http://httpd.apache.org/docs/current/mod/mod_proxy_http.html Apache 2.4 has an issue with the HTTP keep-alive time out which happens quite frequently with ActiveSync. There is an ongoing discussion (mod_proxy, oooled backend connections and the keep-alive race condition) regarding this problem on the dev list. Do you happen to use NTLM between the reverse proxy and exchange server ? If you do I would be very much interested in the impact of the above mentioned mod_proxy_http flag with the authentication procedure. On Thu, Oct 17, 2013 at 10:03 PM, Shawn Cannon sh...@shawncannon.com wrote: Yes it is getting there. I do not know how long it would take. my test box only has one machine using Windows RT connecting via ActiveSync through the reverse proxy. It is working despite seeing the error. When I tried this in production we had multiple complaints from phone users and I saw these errors so I thought something must have changed from 2.2 to 2.4. Shawn Cannon IT ProfessionalEMC Elect 2013 | Dell TechCenter Rockstar 2013 | VMware vExpert 2013 From: yeh...@ymkatz.net Date: Thu, 17 Oct 2013 15:57:33 -0400 To: users@httpd.apache.org Subject: Re: [users@httpd] Reverse Proxy Questions There is a timeout, but I don't think it has changed in this version: http://httpd.apache.org/docs/2.4/mod/mod_proxy.htmlHow long do you expect the response to take? Do you know if the request is getting to the Exchange server? - Y On Thu, Oct 17, 2013 at 3:48 PM, Shawn Cannon sh...@shawncannon.com wrote: We have been using Apache 2.2.x with reverse proxy modules for our clients to access their OWA servers for over a year. I want to get us to Apache 2.4.x so I setup a test box with latest 2.4 on it. I fixed the config file issues since 2.4 has changes in it. OWA proxy is working on my test server with Apache 2.4. But with 2.4 I do have an issue I cannot figure out. Note that this does NOT occur with Apache 2.2. I get the following errors when using ActiveSync through reverse proxy: [Thu Oct 17 12:19:11.670665 2013] [proxy_http:error] [pid 748:tid 8440] (OS 10060)A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. : [client x.x.x.x:20311] AH01102: error reading status line from remote server mail.nameredacted.net:443 [Thu Oct 17 12:19:11.670665 2013] [proxy:error] [pid 748:tid 8440] [client x.x.x.x:20311] AH00898: Error reading from remote server returned by /Microsoft-Server-ActiveSync So somehow with Apache 2.4 there is some sort of timeout that was not there with 2.2. Any ideas? Shawn Cannon IT ProfessionalEMC Elect 2013 | Dell TechCenter Rockstar 2013 | VMware vExpert 2013
RE: [users@httpd] Reverse Proxy Questions
Hang on I did NOT have the flag set. I forgot the 1 after the variable. Shawn Cannon IT ProfessionalEMC Elect 2013 | Dell TechCenter Rockstar 2013 | VMware vExpert 2013 From: sh...@shawncannon.com To: users@httpd.apache.org Date: Fri, 18 Oct 2013 09:15:23 -0400 Subject: RE: [users@httpd] Reverse Proxy Questions I added the flag mentioned yet I still get the 2 proxy errors mentioned in my initial email. I also added keep-alive settings to my httpd.conf. Even with these errors my ActiveSync test seems to be working from my Windows RT tablet. Of course there is no production load to this server since it is a test box. I am curious to see if I put a production server back in place with these settings if the end users will have issues. Shawn Cannon IT ProfessionalEMC Elect 2013 | Dell TechCenter Rockstar 2013 | VMware vExpert 2013 Date: Fri, 18 Oct 2013 10:53:04 +0200 From: thomas.r.w.eck...@gmail.com To: users@httpd.apache.org Subject: Re: [users@httpd] Reverse Proxy Questions Try setting the proxy-initial-not-pooled flag with mod_proxy_http, see http://httpd.apache.org/docs/current/mod/mod_proxy_http.html Apache 2.4 has an issue with the HTTP keep-alive time out which happens quite frequently with ActiveSync. There is an ongoing discussion (mod_proxy, oooled backend connections and the keep-alive race condition) regarding this problem on the dev list. Do you happen to use NTLM between the reverse proxy and exchange server ? If you do I would be very much interested in the impact of the above mentioned mod_proxy_http flag with the authentication procedure. On Thu, Oct 17, 2013 at 10:03 PM, Shawn Cannon sh...@shawncannon.com wrote: Yes it is getting there. I do not know how long it would take. my test box only has one machine using Windows RT connecting via ActiveSync through the reverse proxy. It is working despite seeing the error. When I tried this in production we had multiple complaints from phone users and I saw these errors so I thought something must have changed from 2.2 to 2.4. Shawn Cannon IT ProfessionalEMC Elect 2013 | Dell TechCenter Rockstar 2013 | VMware vExpert 2013 From: yeh...@ymkatz.net Date: Thu, 17 Oct 2013 15:57:33 -0400 To: users@httpd.apache.org Subject: Re: [users@httpd] Reverse Proxy Questions There is a timeout, but I don't think it has changed in this version: http://httpd.apache.org/docs/2.4/mod/mod_proxy.htmlHow long do you expect the response to take? Do you know if the request is getting to the Exchange server? - Y On Thu, Oct 17, 2013 at 3:48 PM, Shawn Cannon sh...@shawncannon.com wrote: We have been using Apache 2.2.x with reverse proxy modules for our clients to access their OWA servers for over a year. I want to get us to Apache 2.4.x so I setup a test box with latest 2.4 on it. I fixed the config file issues since 2.4 has changes in it. OWA proxy is working on my test server with Apache 2.4. But with 2.4 I do have an issue I cannot figure out. Note that this does NOT occur with Apache 2.2. I get the following errors when using ActiveSync through reverse proxy: [Thu Oct 17 12:19:11.670665 2013] [proxy_http:error] [pid 748:tid 8440] (OS 10060)A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. : [client x.x.x.x:20311] AH01102: error reading status line from remote server mail.nameredacted.net:443 [Thu Oct 17 12:19:11.670665 2013] [proxy:error] [pid 748:tid 8440] [client x.x.x.x:20311] AH00898: Error reading from remote server returned by /Microsoft-Server-ActiveSync So somehow with Apache 2.4 there is some sort of timeout that was not there with 2.2. Any ideas? Shawn Cannon IT ProfessionalEMC Elect 2013 | Dell TechCenter Rockstar 2013 | VMware vExpert 2013
[users@httpd] Denis KWONG is out of the office.
I will be out of the office starting 2013/10/18 and will not return until 2013/10/21. Please contact Ms Louisa Ng at 2810 3065 if you need assistance. This notice is generated in response to your mail: From: users-digest-h...@httpd.apache.org Subject: users Digest 18 Oct 2013 13:15:53 - Issue 4673 Date: 18.10.2013 21:15:53 - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
RE: [users@httpd] Permission Still Denied with Moodle
Hi, Just thought I'd give an update in case anyone else is having server problems on Fedora 19 now that it uses FirewallD and sees this thread later. A permanent solution is to copy the zone file you want from /usr/lib/firewalld/zones/ to /etc/firewalld/zones/ then edit that file to add a service and a port:service name=http/port port=80 protocol=tcp|udp/Reboot and the site is served. A zone is a settings profile. The one active by default on my system was public.xml, which is described as For use in public areas. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted. I'm not sure how secure this is, as many people still use iptables and consider FirewallD too new for their security, so if anyone has any ideas about safer settings, I'd be willing to listen.I didn't try Paul's advice to set my residential router to a static IP as I connect to the internet through a cable modem that changes the IP if it gets turned off, and since the router works for other boxes and I found a solution with FirewallD, I went with that. Thanks again for all the help, Timothy Curchod. Date: Tue, 15 Oct 2013 12:32:39 -0400 To: users@httpd.apache.org From: storm...@stormy.ca Subject: Re: [users@httpd] Permission Still Denied with Moodle At 10:00 PM 10/14/2013 -0400, Yehuda Katz wrote: On Mon, Oct 14, 2013 at 6:06 AM, Timothy Curchod timof...@hotmail.com wrote: The bad news is that in the error log there is nothing when going to http://192.186.1.100/info.php or http://*my*.*ip*.*goes*.*here*/info.php. Localhost works fine. So if there is no error in the httpd error_log, then I am on the wrong mailing list now, right? It's not an Apache problem, it's a network setup/hardware issue. To recap, the problem now is that requests through localhost work properly and other requests time out. Is that correct? To me this really indicates that either Apache is not listening on other IPs (which we went through already) or (not sure why I did not mention this sooner) you might have a firewall in the way. Can you check if you have a firewall (like iptables) running on the system? I *could* be way off track, but, as I wrote previously, this user has a Linksys WRT54C router using Automatic Configuration DHCP -- this is quite an old residential item, and istr that these were problematic. I can't even remember if it's a modem as well as a router. In any case, try setting it to static IP (or particularly if it's a modem, set to straight through, disable any IP intervention and rely on your server set up for routing and firewall.) Best - Paul
[users@httpd] Apache for Windows - forward logs to syslog server
I am trying to figure out how to forward mainly the Error Logs from an Apache for Windows installation over to a remote syslog server. All documents I can locate show how to do this if Apache is running in Linux. Does anyone know how to make this happen in Windows? Shawn Cannon, IT Professional vExpert 2013 | EMC Elect 2013 | Dell TechCenter Rockstar 2013 VCAP5-DCA, VCP-DCV5, MCITP http://vTech411.com