which timeout (ttl or timeout) will take precedence in apache?

I have set Timeout to 1800 (30 minutes) and ttl for the proxy connection to 60 secs.
will the sessions be active for 30 minutes or 60 seconds?
Ideally, we want the session to be active for 30 minutes. what are the correct timeout parameters that has to be set?

Timeout 1800

BalancerMember ajp://server1:8009 route=node1 connectiontimeout=30 retry=60 loadfactor=20 ttl=60

Thanks,
Akay

Related:

Server change the cookie every navigation between two application in same domaine

I have two application run i same server Glassfish with two Instances, i use SSO, and i use Apache for load-balancing.

Every thing work fine, i just notified some thing, so when client goes from App1 to App2, and the VS, every time it create a new cookie like this:

+-------+----------------------------------------+
| APP   | Cookie                                 |
+-------+----------------------------------------+-----+
| app1  | b5a1cd4befdc306f6e569d835b5e.instance2 | New |              
+-------+----------------------------------------+-----+
| app2  | b6caf890638a506216d625f7c82b.instance2 | New |                                  
+-------+----------------------------------------+-----+
| app1  | b6d1870ad8f3d044cc768b31e810.instance2 | New |                                   
+-------+----------------------------------------+-----+
| app2  | b6d84bf7b2a6fc37e3c9ffaf701b.instance2 | New |
+-------+----------------------------------------+-----+
| app2  | b6d84bf7b2a6fc37e3c9ffaf701b.instance2 |Same | because i don't change the application
+-------+----------------------------------------+-----+    
  • Why this create a new cookie every time?
  • How can fix and make it unique per application?

Thank you.

Related:

stickysession not work fine in apache and two Glassfish Instances

I have two application that run in two Glassfish Instances, i configure my apache to use sticky session like so :

ProxyPass / balancer://Appcluster/ stickysession=JSESSIONID

But this not work 100% correct, it change some times the instance when the client goes from App1 to App2.

I check the cookies in my navigator it show me something like this :

cookies of browser

I found another configuration in web.xml, like so :

<session-config>
    <session-timeout>
        30
    </session-timeout>
    <cookie-config>
        <path>/</path>
    </cookie-config>
</session-config>

So when i make this path like this every thing work fine, but it create a new context every navigation between this two application.

Now i configure my Glassfish and set the App1 like a Default Web Module, this work fine and the context is the same, and the sever create a new cookie like this :

cookies of browser

But when i try to connect with the NO Default Web Module, it use two Instances.

Can you please propose the right configuration of Apache and Glassfish to run multiple application in a cluster environment?

Thank you

Related:

Windows firewall blocks port connection even it’s allowed

I have setup windows firewall rules to allow port 443 and 9000 to be allowed though inbound and outbound connections, and allowed the apache httpd.exe though the firewall as well. But as shown by my firewall log, you can see that both ports are still being actively dropped. Below I have attached screenshots of my firewall rules for both inbound and outbound, my firewall logs showing the connection being dropped, and my IP configuration on the windows server. Notice that I am using virtual machine to do this, I don’t know if this has anything to do with my firewall blocking allowed connections.

Firewall rules

Firewall logs and IP config

Related:

Requests go to document root with Apache alias

I have this configurartion

<VirtualHost *:443>
    ServerName myserver.fr
    SSLEngine on
    ProxyRequests On
    ProxyPreserveHost On
    DocumentRoot /srv/apache2/htdocs/

    Alias /subdomain/ /srv/apache2/htdocs/subdomain/
    ...
</VirtualHost>

When I request https://myserver.fr/subdomain I get the Apache error:

File does not exist: /srv/apache2/htdocs/app, referer:https://myserver.fr/subdomain

where “app” is a subfolder of /srv/apache2/htdocs/subdomain/

If it’s useful, here is the output of apachectl -S:

VirtualHost configuration:
wildcard NameVirtualHosts and _default_ servers:
*:443                  is a NameVirtualHost
         default server mimove-myserver.fr (/srv/apache2/conf/sites-enabled/default-ssl:2)
         port 443 namevhost myserver.fr (/srv/apache2/conf/sites-enabled/default-ssl:2)
*:80                   is a NameVirtualHost
         default server myserver.fr (/srv/apache2/conf/sites-enabled/000-default:1)
         port 80 namevhost myserver.fr (/srv/apache2/conf/sites-enabled/000-default:1)
Syntax OK

Related:

How do I hide "index.php" from URL on HAProxy

Here I have install HAProxy-1.7 on linux machine and backend forward request to varnish cache server then apache2 web server handle. All application install on single machine.

Flow:

---443--> |
          | HAProxy ------>Varnish(8081) ----------> apache2(8080)
---80---> | 

So here I need to hide index.php from URL using HAProxy.

Related:

Need helpful error message from mod_proxy_fcgi

When a non-existent php script is requested, mod_proxy_fcgi provides a rather useless error message, basically just saying

[proxy_fcgi:error] .... AH01071: Got error 'Primary script unknown\n'

This server is using Apache 2.4.6 (Centos 7), with php handling configured as:

<FilesMatch \.php$>
  SetHandler "proxy:fcgi://127.0.0.1:9000"
</FilesMatch>

I really would like to know the actual script name, because it may contain useful information (such as indicating a defective link, an error in a page name, or merely showing that it is just another fool hunting for a server with unprotected wp-login.php).

I tried changing LogLevel from info to debug, but then the error log was also filled with valid php script access details, which makes quite a mess of the error log, since those are not actually errors.

Is there some way to get a more useful proxy_fcgi error message which includes the actual script name for non-existent php scripts?

Related:

website stuck in redirect loop after using behind cloudflare

my website https://stage.issufy.com/ , after setting up ssl, i get 302 redirect loop.
Here is htaccess file


<IfModule mod_rewrite.c>
    <IfModule mod_negotiation.c>
        Options -MultiViews
    </IfModule>

    RewriteEngine On

   # Redirect Trailing Slashes If Not A Folder...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)/$ /$1 [L,R=301]

    # Handle Front Controller...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ index.php [L]

    # Handle Authorization Header
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>

Here is Apache configuration for http:

<VirtualHost *:80>
   ServerName stage.issufy.com
    Redirect / https://stage.issufy.com
   DocumentRoot /var/www/html/stage.issufy.com

   <Directory "/var/www/html/stage.issufy.com">
        Options FollowSymLinks
        AllowOverride All
        Order allow,deny
        Allow from all
   </Directory>

   ErrorLog ${APACHE_LOG_DIR}/error.log
   CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =stage.issufy.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
</VirtualHost>

and here is ssl configuration:

<IfModule mod_ssl.c>
<VirtualHost *:443>
   ServerName stage.issufy.com
   DocumentRoot /var/www/html/stage.issufy.com
   <Directory "/var/www/html/stage.issufy.com">
        Options FollowSymLinks
        AllowOverride All
        Order allow,deny
        Allow from all
   </Directory>
   ErrorLog ${APACHE_LOG_DIR}/error.log
   CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLCertificateFile /etc/letsencrypt/live/stage.issufy.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/stage.issufy.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>

Website works fine without cloudfare, but as soon as cloudflare is enabled, it gives errors of 302 redirection.

here is error log

172.68.51.31 - - [17/Jan/2017:18:24:18 +0000] "GET / HTTP/1.1" 302 539 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Dragon/52.15.25.665 Chrome/52.0.2743.82 Safari/537.36"
172.68.51.31 - - [17/Jan/2017:18:24:18 +0000] "GET / HTTP/1.1" 302 538 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Dragon/52.15.25.665 Chrome/52.0.2743.82 Safari/537.36"
172.68.51.31 - - [17/Jan/2017:18:24:18 +0000] "GET / HTTP/1.1" 302 538 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Dragon/52.15.25.665 Chrome/52.0.2743.82 Safari/537.36"
172.68.51.31 - - [17/Jan/2017:18:24:19 +0000] "GET / HTTP/1.1" 302 538 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Dragon/52.15.25.665 Chrome/52.0.2743.82 Safari/537.36"
172.68.51.31 - - [17/Jan/2017:18:24:19 +0000] "GET / HTTP/1.1" 302 539 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Dragon/52.15.25.665 Chrome/52.0.2743.82 Safari/537.36"
172.68.51.31 - - [17/Jan/2017:18:24:19 +0000] "GET / HTTP/1.1" 302 538 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Dragon/52.15.25.665 Chrome/52.0.2743.82 Safari/537.36"
172.68.51.31 - - [17/Jan/2017:18:24:20 +0000] "GET / HTTP/1.1" 302 539 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Dragon/52.15.25.665 Chrome/52.0.2743.82 Safari/537.36"
172.68.51.31 - - [17/Jan/2017:18:24:20 +0000] "GET / HTTP/1.1" 302 539 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Dragon/52.15.25.665 Chrome/52.0.2743.82 Safari/537.36"

Related:

Handle different "domains" without subdomains

I have a server (“myserver”) which only allows requests to the port 80 via HTTPS. Another limitation is that I cannot create subdomains, so I have to stick with “myserver”.

Now, I have two applications: “frontend” running in port 8000 and “backend” in port 9000. Ideally, I would create two virtual hosts: “frontend.myserver” and “backend.myserver” using different document roots, server names, etc, but since it is not possible, I think I will have to work with paths such as “myserver/frontend” and “myserver/backend”, for example.

Is it possible to do that? Do you know which configuration directive will allow me to do that? maybe using the alias directive?

Related:

Apache error – File name too long: Cannot map GET

I have PHP Laravel application installed on my CentOS VPS. It is backend for my mobile application that has been recently updated. Unfortunately I wrote some bad code that results in making request that is concatenation of hundreds, maybe thousands of words.

My apache server is going down very often ( at minimum 1 per hour ) and I have to run : service httpd restart.

As i see in error.log there are a lot of those entries :

(36)File name too long: Cannot map GET /adminpanel/public/api/v2/categoriese=c3Jr...    

Tens of those requests per second and apache is down.

I’ve published an update to app stores, but some users still have old version. Is there a possibility to block those requests before they will be processed ?

Related: