Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Apache proxypass IP addresses cached

I am using Apache web server 2.4 to proxy incoming HTTP requests to our back-end servers using the proxypass directive. I am also passing outgoing request from our back-end servers through Apache, again using proxypass, e.g.

< Location /outgoingrequest/ >
    ProxyPass http://foobar.com/ retry=0 timeout=40 ttl=60
    ProxyPassReverse http://foobar.com/
< /Location >

This works fine normally, I can see all the incoming and outgoing requests in the Apache log. However foobar.com is hosted in the AWS cloud and occasional its IP address changes, which then causes all outgoing request to fail. A DNS lookup shows the new IP address, so clearly mod-proxy is caching the old IP address. I have added ttl=60, but the outgoing requests keep failing for hours.

Is there something I am missing, or should I be doing this a different way altogether?

like image 908
HandyHowie Avatar asked Nov 19 '15 08:11

HandyHowie


People also ask

Does Apache cache DNS?

In apache case the DNS results are cached by apache worker process. You can have a DNS service, like nscd or dnsmasq , that is doing the DNS caching.

How do I clear the Apache HTTP server cache?

Open the Apache caching PHP utility by typing "htcacheclean -r" into the terminal window. When this is completed, press "Enter" on the keyboard to formally launch the cache cleaning. During this process, the server utility thoroughly cleans and deletes any superfluous subdirectories on the server.

What is ProxyPass in Apache?

ProxyPass is the main proxy configuration directive. In this case, it specifies that everything under the root URL ( / ) should be mapped to the backend server at the given address.

How do I forward client IP instead of proxy IP Apache reverse proxy?

Yes. Add the mod_remoteip package to the apache behind the proxy server. mod_remoteip replace the IP address of the proxy server with the value of X-Forward-For which contains the original IP address of the web client. Remember to always use this with RemoteIPInternalProxy or similar security feature.


1 Answers

Have you try to disable the connection pool of Apache entirely with:

ProxyPass http://foobar.com/ retry=0 disablereuse=On

Documentation says:

This helps in various situations (..) when backends themselves may be under round-robin DNS.

like image 124
Doomsday Avatar answered Oct 08 '22 19:10

Doomsday