Is it apache bug ?

class101

New Member
hello there,

does some days I can't get ride of a strange apache behaviour within my error_log I see a lot of:

[Tue Nov 27 08:12:35 2007] [warn] (111)Connection refused: connect to listener on 0.0.0.0:80
[Tue Nov 27 08:12:36 2007] [warn] (111)Connection refused: connect to listener on 0.0.0.0:80
[Tue Nov 27 08:12:37 2007] [warn] (111)Connection refused: connect to listener on 0.0.0.0:80
[Tue Nov 27 08:12:38 2007] [warn] (111)Connection refused: connect to listener on 0.0.0.0:80
[Tue Nov 27 08:12:39 2007] [warn] (111)Connection refused: connect to listener on 0.0.0.0:80
[Tue Nov 27 08:12:40 2007] [warn] (111)Connection refused: connect to listener on 0.0.0.0:80
[Tue Nov 27 08:12:41 2007] [warn] (111)Connection refused: connect to listener on 0.0.0.0:80
[Tue Nov 27 08:12:42 2007] [warn] (111)Connection refused: connect to listener on 0.0.0.0:80
This is when I setup a line like

Listen 80

But if I setup

Listen <my VPS ip>:80

I see the same lines as above with just 0.0.0.0 replaced by <my VPS ip>

Anyone found how to get ride of this because it happens very often & it uses CPU and log space for nothing, I'd aprreciate to remove this behaviour but can't find a lot of help on the web on this apache issue. Thanks !

Running last apache 2.2.6

Edit: I think I have found what is the problem , Im firewalling port 80 because my website is closed yet and I have also disallowed localhost connection within the rules, will try by allowing at least localhost.
 
Fixed this by adding

-A INPUT -s 127.0.0.1 -j ACCEPT

in iptables to allow localhost connection but now I see Guest vistors with 127.0.0.1, if anyone know what is supposed to connect my apache from the localhost ? I have insatlled as third party modules, modsecurity and mod fastcgi. Dont think its a big problem but Id like to find why apache initiate connections to its own processus. thanks
 
Why don't you try disabling all of the overpriced and overzealous Kaczynski security products you probably don't actually need just to see how many of these problems with blocked ports you're continually experiencing disappear?
 
Im not talking about my own blocked ports .... It's all about apache configuration if you read carefully, I fixed the connection refused problem because I had wrongly setup the VPS firewall that was rejecting the localhost, I had just forgot to put localhost exception, Im just telling now what in apache loads the localhost to connect the server port 80, Im runnning apache modsecurity + php as cgi, if you don't know then don't reply such reply you made doesn't help at all..
I'm just telling here because that doesn't looks like a big behaviour(or may be normal if modsecurity initiate some checks) but if someone experienced it already that would help me to understand for the time to pass on debugging this. Thanks.
 
I'm reading as carefully as I possibly can, the problem is that you make little to no sense and seem to cause all of your own connectivity issues directly. Internal subrequests are a vital part of both Apache and Apache module functionality and the code is freely perusable should you question their actions.
 
Ok I have found what it is about, this link will help to bypass logging of theses connections:

http://wiki.apache.org/httpd/InternalDummyConnection

or on this one there is a mod_rewrite technique posted to 403 the dummy connection, this patch must be prefered rather than the log one because the dummy connection may consume cpu and performances for nothing ..

Apache's 'internal dummy connection' · Inventive Labs: Web Problem Solvers

It's present in 2.0+ and its logging has been introduced in apache 2.2+ so that's why I have noticed it on the last 2.2.6 :)

or I can go back to my iptables configuration that was rejecting it, seem good since its a useless dummy connection.
 
Top