Marat Khalili | 1 Jul 12:51 2015

WebDAV reverse proxy SLOW

Dear all,

I'm configuring a reverse proxy with configuration provided below, for Apache 2.4 for Windows (I'm trying to bypass Windows authentication dialogs this way). It works, but file browsing is very slow: listing three files in a folder takes several seconds, dir /b/s comes line after line, and doesn't improve. In contrast, same WebDAV resource connected directly or via NetDrive utility is quite responsive. I suspect Apache does not reuse connections or similar problems, but can't find more parameters to tune. Please advise.


With Best Regards,
Marat Khalili


Define SRVROOT "/Apache24"
ServerRoot "${SRVROOT}"


LoadModule authz_core_module modules/
LoadModule headers_module /Apache24/modules/
LoadModule proxy_http_module /Apache24/modules/
LoadModule proxy_module /Apache24/modules/
LoadModule socache_shmcb_module modules/
LoadModule ssl_module modules/

ServerAdmin it <at>
ServerName localhost

<Directory />
    AllowOverride none
    Require all denied

ErrorLog "logs/error.log"

LogLevel warn
SSLSessionCache        "shmcb:${SRVROOT}/logs/ssl_scache(512000)"
SSLSessionCacheTimeout  300

<VirtualHost localhost:80>
    SSLProxyEngine On
    SSLProxyProtocol All -SSLv2 -SSLv3
    SSLProxyVerify require
    SSLProxyCACertificateFile /Apache24/conf/ssl/ca.crt
    SSLProxyCheckPeerCN on
    SSLProxyCheckPeerExpire on

    # this is required to ensure that HTTP headers sent to the
    # WebDAV server are "rewritten" from "http://..." to "https://..."
    RequestHeader edit Destination ^http: https: early
    RequestHeader set Authorization "Basic DEADBEEFDEADBEEFDEADBEEF"
    # the essential proxy part
    <Location />
        ProxyPass max=8 flushpackets=on keepalive=on connectiontimeout=300 timeout=300
        ProxyPassReverse /
        # some WebDAV clients (such as ordinary browsers) are unhappy with the
        # cookies sent out by the internal server, so we "rewrite" the host and
        # the used path to the correct, external representation
        ProxyPassReverseCookieDomain localhost
        ProxyPassReverseCookiePath / /


pankit thapar | 30 Jun 23:57 2015

Client Cert Authentication behind an apache proxy without headers


I wanted to know if there is a way to pass on the client cert as it is to a backend server through an apache proxy without using the SSL headers.


The above figure is what I want to set up.
So, basically I want apache proxy to act as a man in the middle and just forward the https request as it is.

Please let me know if someone has an idea on this.

John Donnelly | 30 Jun 19:45 2015

Assistance in building 2.0.65 RPM on RH 5.7


 I am attempting to build an RPM from the httpd-2.0.65.tar.gz tarball on a
RH 5.7 system to deploy
 to existing systems running httpd 2.0.63 and I would like some

I have the base apr lib packages installed :

      rpm -qa | egrep "apr|apu"


 I had to make some subtle changes to the httpd.spec file to get it to
 by replacing ³ap[u|r]-config² with ³ap[u|r]-1-config²  , and the remove
the ³Serial² option :

[jdonnellyd <at> eng-builds-fir]$ cd httpd-2.0.65/
[jdonnellyd <at> eng-builds-fir httpd-2.0.65]$ diff httpd.spec
< BuildPrereq: /usr/bin/apr-config, /usr/bin/apu-config
> ##
> #  vmem changed /usr/bin/apr-config  to /usr/bin/apr-1-config
> #               /usr/bin/apu-config  to /usr/bin/apu-1-config
> # jpd 7/1/15
> ##
> #BuildPrereq: /usr/bin/apr-config, /usr/bin/apu-config
> BuildPrereq: /usr/bin/apr-1-config, /usr/bin/apu-1-config
< Serial: 1
> # Serial: 1
> ##
> #  vmem changed /usr/bin/apr-config  to /usr/bin/apr-1-config
> #               /usr/bin/apu-config  to /usr/bin/apu-1-config
> # jpd 7/1/15
> ##
<  	--with-apr=/usr/bin/apr-config \
< 	--with-apr-util=/usr/bin/apu-config \
>  	--with-apr=/usr/bin/apr-1-config \
> 	--with-apr-util=/usr/bin/apu-1-config \


 Yet the package fails to build  ( start of long list of compile errors ) :

/usr/lib64/apr-1/build/libtool --silent --mode=compile gcc  -pthread  -O2
-g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector
--param=ssp-buffer-size=4 -m64 -mtune=generic -I/usr/kerberos/include
-I/usr/include/apr-1 -I.
k -I/net/home/jdonnelly/rpmbuild/BUILD/httpd-2.0.65/prefork/include
-I/net/home/jdonnelly/rpmbuild/BUILD/httpd-2.0.65/include -I/net
/prefork/server -I/usr/include/openssl -I/usr/kerberos/include
/modules/dav/main -prefer-non-pic -static -c
/net/home/jdonnelly/rpmbuild/BUILD/httpd-2.0.65/server/provider.c &
& touch provider.lo
/net/home/jdonnelly/rpmbuild/BUILD/httpd-2.0.65/server/util_time.c: In
function 'cached_explode':
warning: implicit declaration of function 'APR_STATUS_IS_SUCCESS'
/net/home/jdonnelly/rpmbuild/BUILD/httpd-2.0.65/server/util_filter.c: In
il_filter.c:531: warning: implicit declaration of funct
ion 'APR_RING_FOREACH' <at> 

 I am looking for recommendations for how to get this component built. I
was expecting it to work on RH 5.7, do I
 need to go back to a older platform  (Cent OS 4.x) ?

 Thank you, 



JDonnelly         | Software Sustaining Engineer
Violin Memory Systems |

Hajo Locke | 30 Jun 09:07 2015

spdy/http/2 and mod_php


iam planning to upgrade my apache2.2 to 2.4.,  i have 2 questions before 
where i need your help.

former SPDY Implementation conflicts with non-threadsafe Moduls like 
mod_php. To use SPDY it is necessary to use worker-mpm and php-cgi.
Now HTTP/2 is new standard and i would like to know if HTTP/2 
Implementation has same conflicts with non-threadsafe Moduls like 
mod_php. As far as i know HTTP/2 is based on SPDY.

I have some non-standard Modules compiled and packaged for Apache2.2. Is 
it possible to use these Moduls again on Apache2.4 or is it necessary to 
compile all new for new Apacheversion?

RAY, DAVID | 29 Jun 22:12 2015

AIX OS Patch Breaks Apache/Tomcat



I am running Apache 2.2.29 and Tomcat 7.0.59 with tomcat connector(mod_jk) version 1.2.40 on AIX version 7.1 server.  Started having problems this morning after AIX OS was patched to AIX 7.1 TL 03 SP 04  and openssh to  WebAdvisor runs fine immediately after apache is started or restarted.  However its response slowing down.  AIX server CPU steadily increases and approaches 100% after running for 5 or 10 minutes under heavy load..  Seeing http process accumulate.  Not seeing much traffic at all in Tomcat server status.  Recompiled apache, tomcat connector, and Tomcat native.  Still no luck.  Later determined there is a bug with openssh and tried  Recompiled again.  Still no improvement.  Just booted from Clone backup taken before the AIX patch and everything  runs fine, no problems.  Anyone else have this experience with AIX patches/updates?  Not really much to see in error logs.  Tomcat is configured to run with java6 32 bit:


IBM J9 VM (build 2.4, JRE 1.6.0 IBM J9 2.4 AIX ppc-32 jvmap3260sr16-20141216_227499 (JIT enabled, AOT enabled)

J9VM - 20141216_227499

JIT  - r9_20140523_64469ifx3

GC   - GA24_Java6_SR16_20141216_1020_B227499)

JCL  - 20141216_01



Thank you.



K R | 29 Jun 17:53 2015

how to trace a proxypass directive


I am trying to use a proxypass and proxypass directive  but it seems to be not working . 

How can I trace it . appreciate any pointers

Thanks in advance
Joe Cajun | 29 Jun 11:04 2015



I trust this e-mail finds you well. 

I have been trying to send you some docs but haven't been able to attach them on here. I uploaded them via Tripod docs so you can view them. Check the sample below on the secure web site.


Joseph M Kajane
P O Box AAD 580 Poso House
James Moe | 28 Jun 22:02 2015

mod_rewrite is ignored or disabled

  httpd v2.4.10
  linux v3.16.7-21-desktop x86_64

  I am consolidating a discussion started in message "ReDirect
question". The issue there is that mod_rewrite is simply ignored.
Below are the contents of .htaccess and vhost.
  In both .htaccess and vhost the Rewrite* directive are simply
ignored as though they are commented out. (If I make a syntax error,
"Internal Server Error" occurs. Otherwise, nothing.) On our public
site which is running httpd v2.2, both rewrites perform as expected.
  Kurtis Rader and Eric Covener have patiently made a number of
suggestions to diagnose the problem. No joy, yet.

  What I am doing: We are moving our business suite to a new service
and we are using their shopping cart. The rewrites will point existing
category and specific product URLs to corresponding locations at the
new site based on the query string.

----[ .htaccess ]----
Options +ExecCGI +FollowSymLinks
#  Specific redirects first, then fallback
RewriteEngine on
RewriteCond %{QUERY_STRING} =app=ecom&ns=catshow&ref=books
RewriteRule ^
RewriteEngine off
# The fallback. Will be changed to point to ya250.... later.
Redirect /catalog/
----[ end ]----

----[ vhost ]----
# 20100606: Local copy of the Version 3 site
<VirtualHost *:80>
    ServerAdmin jimoe <at>

    DocumentRoot "/data01/t-drv/websites/sma-v3"
    ErrorDocument 404 /404.php
    ErrorDocument 410 /410.php
    ErrorDocument 401 /401.php

    ErrorLog  "/data01/t-drv/websites/.logs/sma-v3-error_log"
    CustomLog "/data01/t-drv/websites/.logs/sma-v3-access_log" common

 <Directory "/data01/t-drv/websites/sma-v3">
    AllowOverride FileInfo Authconfig Options
    Options Indexes FollowSymLinks MultiViews

    AddHandler application/x-httpd-php .php
    MultiviewsMatch Handlers

    Order allow,deny
    Allow from all

    AllowOverride All
# Always use a secure connection (at SMA site, this is in .htaccess)
    RewriteEngine On
    RewriteCond %{SERVER_PORT} =80
    RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R,L]
 <Files *>
   Forcetype application/x-http-php
 <Files *\.*>
   Forcetype none


## SSL Virtual Host Context
<IfDefine SSL>
#   Some MIME-types for downloading Certificates and CRLs
  AddType application/x-x509-ca-cert .crt
  AddType application/x-pkcs7-crl    .crl

<IfModule mod_ssl.c>
<VirtualHost *:443>

#  General setup for the virtual host
  DocumentRoot "/data01/t-drv/websites/sma-v3"
  ServerAdmin jimoe <at>
  ErrorLog  "/data01/t-drv/websites/.logs/sma-v3s-error_log"
  CustomLog "/data01/t-drv/websites/.logs/sma-v3s-access_log" common
  TransferLog "/data01/t-drv/websites/.logs/access_log"

  ErrorDocument 404 /404.php
  ErrorDocument 410 /410.php
  ErrorDocument 401 /401.php

 <Directory "/data01/t-drv/websites/sma-v3">
    AllowOverride Authconfig
    AllowOverride All
    Options -ExecCGI

 SSLEngine on

 SSLCertificateFile "/data01/t-drv/websites/.conf/ssl/sma-v3-site.crt"

 SSLProtocol ALL -SSLv2

 SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0


----[ end ]----


James Moe
moe dot james at sohnen-moe dot com

Andrea Croci | 28 Jun 16:10 2015

502 Proxy Error when redirecting URL

Hello Group,

I googled for this fairly long, and I did find a lot of help indeed, but I still can't get it.

I'm on a Ubuntu 14.04.2 LTS machine with Apache 2.4 and Red5 for Openmeetings to work.

What I'm trying to achieve is: I have in a host service, where my website runs (this also with Ubuntu 14.04, by the way). Since I can't install Openmeetings on that server, because I have no root access to it, I thought I would install it in my server, reachable under Openmeetings is now installed under directory "presentations-en" on port 5080 and works fine both local and from the net.

However, because I wouldn't like people to see as an address in their URL-bar in the browser, I tried redirecting "" with an .htaccess file to "" with this directive

RewriteRule ^(.*)$1 [P] # I tried also with a / between 5080 and $1

This gives me a 502 Proxy Error

The proxy server received an invalid response from an upstream server.
The proxy server could not handle the request GET /presentations-en/.

Reason: Error reading from remote server

I enabled mod_proxy, mod_proxy_http and mod_proxy_html in the server and wrote this in the "apache2.conf" file:

ProxyPass /presentations-en http://localhost:5080/presentations-en
ProxyPassReverse /presentations-en http://localhost:5080/presentations-en

I tried with a lot of other configurations of directory structure and substituting "localhost" with "" to no avail. I tried a lot of other directives that I found in forums and mailing lists, but none of them worked. On some occasions I even get a different error by not changing absolutely anything. Once with this same configuration I got the URL changed to # (it rewrote "presentations-en" twice for whatever reason)

and obviously the error 404 Resource not found.

I looked at the log files for apache2 and access, but didn't find anything helpful there. I'll be more than glad to attach whatever log file can be helpful to you.

Thank you very much,

Regards, Andrea.

James Moe | 27 Jun 20:42 2015

Re: ReDirect question

On 06/25/2015 10:16 PM, James Moe wrote:
> apache v2.4.10 linux v3.16.7-21-desktop x86_64
  Here is the current state of my non-working rewrite:

- I added "LogLevel info rewrite:trace6" to the VirtualHost section
- The rewrite rule in <.htaccess>
RewriteEngine on
RewriteCond %{QUERY_STRING} =app=ecom&ns=catshow&ref=books
RewriteRule ^

- An excerpt from the error log:
[...] referer:

  There is nothing in the error log that contains the string "rewrite".
  If I read the docs correctly about LogLevel, the above rewrite is
being totally ignored since nothing the error log contains the string
  Any suggestions?


James Moe
moe dot james at sohnen-moe dot com

Anthony Rutledge | 27 Jun 16:53 2015

Help. DSOs not being built from source? Apache 2.4.12 & CentOS 7 (x86_64)

DSOs not being built from source? Apache 2.4.12 & CentOS 7 (x86_64)

This is a good question for those who are experts at installing Apache 2.4.12 from source.

First, no errors are being generated. My "configure, make, make install" sequence successfully creates a /usr/local/apache2/ directory.
Second, I have read the manual, poured over ./configure -h, searched the web, and no where does there seem to be anyone experiencing the same problem as me.
No matter what  "configure --foo-bar" sequence/combination I use, the shared modules are never built, or I cannot find them. I expect them to be under /usr/local/modules/, but all I get are *.a and *.la files. Alright, gurus, what am I missing?

Again, no matter what configure sequence/combination I try, *.so (DSO) files are never built, or I cannot find them.
apachectl -l does list mod_so as being compiled in statically. 

Can someone explain why no DSO's are being built, or how to build at least one? Very strange.