Is it apache bug ?

Discussion in 'Linux VPS/Dedicated - General' started by class101, Nov 27, 2007.

  1. class101

    class101 New Member

    hello there,

    does some days I can't get ride of a strange apache behaviour within my error_log I see a lot of:

    [Tue Nov 27 08:12:35 2007] [warn] (111)Connection refused: connect to listener on 0.0.0.0:80
    [Tue Nov 27 08:12:36 2007] [warn] (111)Connection refused: connect to listener on 0.0.0.0:80
    [Tue Nov 27 08:12:37 2007] [warn] (111)Connection refused: connect to listener on 0.0.0.0:80
    [Tue Nov 27 08:12:38 2007] [warn] (111)Connection refused: connect to listener on 0.0.0.0:80
    [Tue Nov 27 08:12:39 2007] [warn] (111)Connection refused: connect to listener on 0.0.0.0:80
    [Tue Nov 27 08:12:40 2007] [warn] (111)Connection refused: connect to listener on 0.0.0.0:80
    [Tue Nov 27 08:12:41 2007] [warn] (111)Connection refused: connect to listener on 0.0.0.0:80
    [Tue Nov 27 08:12:42 2007] [warn] (111)Connection refused: connect to listener on 0.0.0.0:80
    This is when I setup a line like

    Listen 80

    But if I setup

    Listen <my VPS ip>:80

    I see the same lines as above with just 0.0.0.0 replaced by <my VPS ip>

    Anyone found how to get ride of this because it happens very often & it uses CPU and log space for nothing, I'd aprreciate to remove this behaviour but can't find a lot of help on the web on this apache issue. Thanks !

    Running last apache 2.2.6

    Edit: I think I have found what is the problem , Im firewalling port 80 because my website is closed yet and I have also disallowed localhost connection within the rules, will try by allowing at least localhost.
     
  2. class101

    class101 New Member

    Fixed this by adding

    -A INPUT -s 127.0.0.1 -j ACCEPT

    in iptables to allow localhost connection but now I see Guest vistors with 127.0.0.1, if anyone know what is supposed to connect my apache from the localhost ? I have insatlled as third party modules, modsecurity and mod fastcgi. Dont think its a big problem but Id like to find why apache initiate connections to its own processus. thanks
     
  3. khiltd

    khiltd New Member

    Why don't you try disabling all of the overpriced and overzealous Kaczynski security products you probably don't actually need just to see how many of these problems with blocked ports you're continually experiencing disappear?
     
  4. class101

    class101 New Member

    Im not talking about my own blocked ports .... It's all about apache configuration if you read carefully, I fixed the connection refused problem because I had wrongly setup the VPS firewall that was rejecting the localhost, I had just forgot to put localhost exception, Im just telling now what in apache loads the localhost to connect the server port 80, Im runnning apache modsecurity + php as cgi, if you don't know then don't reply such reply you made doesn't help at all..
    I'm just telling here because that doesn't looks like a big behaviour(or may be normal if modsecurity initiate some checks) but if someone experienced it already that would help me to understand for the time to pass on debugging this. Thanks.
     
  5. khiltd

    khiltd New Member

    I'm reading as carefully as I possibly can, the problem is that you make little to no sense and seem to cause all of your own connectivity issues directly. Internal subrequests are a vital part of both Apache and Apache module functionality and the code is freely perusable should you question their actions.
     
  6. class101

    class101 New Member

    Ok I have found what it is about, this link will help to bypass logging of theses connections:

    http://wiki.apache.org/httpd/InternalDummyConnection

    or on this one there is a mod_rewrite technique posted to 403 the dummy connection, this patch must be prefered rather than the log one because the dummy connection may consume cpu and performances for nothing ..

    Apache's 'internal dummy connection' · Inventive Labs: Web Problem Solvers

    It's present in 2.0+ and its logging has been introduced in apache 2.2+ so that's why I have noticed it on the last 2.2.6 :)

    or I can go back to my iptables configuration that was rejecting it, seem good since its a useless dummy connection.
     
  7. class101

    class101 New Member

    That weirdness tempt me to look at lighttpd wich looks like better about CPU and mem usage
     
  8. class101

    class101 New Member

    looks very good lighttpd for a VPS, I will keep it :)
     

Share This Page