Hello,
I’m receiving multiple proxy_http errors in apache log:
[Tue Feb 25 07:55:49.576930 2020] [proxy_http:error] [pid 6615:tid 140651958089472] (20014)Internal error (specific information not available): [client 192.168.196.254:62068] AH01102: error reading status line from remote server 127.0.0.1:9000, referer: https://sentry.company.com/settings/company/
This is my apache vhost:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@localhost
ErrorLog ${APACHE_LOG_DIR}/sentry_error.log
CustomLog ${APACHE_LOG_DIR}/sentry_access.log combined
SSLEngine on
SSLCertificateChainFile /etc/letsencrypt/chain.pem
SSLCertificateFile /etc/letsencrypt/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/privkey.pem
ServerName sentry.company.be
ProxyPreserveHost On
Requestheader set X-Forwarded-Proto: "https"
proxyRequests Off
<Location />
Header always set Strict-Transport-Security "max-age=31536000"
ProxyPass http://127.0.0.1:9000/
ProxyPassReverse http://127.0.0.1:9000/
</location>
</VirtualHost>
</IfModule>
I’ve uncommented the folllowing lines in sentry.conf.py:
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True
SOCIAL_AUTH_REDIRECT_IS_HTTPS = True
I’ve found the following template for reverse SSL proxy, but unfortunately it’s for nginx .
How can I translate this to apache? I think especially the following lines are of importance:
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_redirect off;
# keepalive + raven.js is a disaster
keepalive_timeout 0;
# use very aggressive timeouts
proxy_read_timeout 5s;
proxy_send_timeout 5s;
send_timeout 5s;
resolver_timeout 5s;
client_body_timeout 5s;
# buffer larger messages
client_max_body_size 5m;
client_body_buffer_size 100k;