401 Unauthorized error when using Apache 2.4
Do you have mod evasive enabled? This is used to block against DDOS attacks by blocking a certain number of repeat requests from the same IP address.
a2query -m evasive
If it is enabled, you could try to disable it or increase the threshold.
References:
Apache httpd throws intermittent 401 errors for same requests which pass otherwise | Stack Overflow
How to remove or disable mod_evasive from Apache Web Server? | Web Hosting Resource Kit
Related videos on Youtube
MotoDave452
I am currently an Entry-Level Software Engineer specializing in JavaScript, JSP, Java, SQL, Technical Support, and various other facets on the Computer Science spectrum.
Updated on September 18, 2022Comments
-
MotoDave452 over 1 year
I currently have an application proxied through 2 separate web servers. One web server is running Apache 2.2 while the other web server is running Apache 2.4. While some of the configuration had to be changed to accommodate Apache 2.4, the configuration between these 2 web servers is essentially the same (we were upgrading web servers).
This application works fine when proxied through Apache 2.2, however when accessing the application through Apache 2.4 I run into an issue.
The application that I am accessing is constantly polling for data by sending out successive AJAX requests. After a certain amount of time/requests (does not seem to be consistent), the Apache 2.4 web server returns a 401 Unauthorized error causing the application to fail. Keep in mind that it works without issue for a period of time however the 401 error always presents itself within a couple of minutes.
When accessing the application via an internal IP or through the Apache 2.2 web server, I do not encounter this issue which leads me to believe Apache 2.4 is causing the issue. Something to do with the successive requests within a short period of time?
Is there a configuration setting that I need to include in Apache 2.4 in order for things to work properly? I am at a loss as to why the 401 error does not present itself initially (everything works fine initially), but does so after a short period of time.
Please let me know if you need any further information. I can provide any .conf files that are necessary. Your help is greatly appreciated.
Best Regards
EDIT: Apache 2.4 'apache2.conf' file (comments removed):
Mutex file:${APACHE_LOCK_DIR} default PidFile ${APACHE_PID_FILE} Timeout 300 KeepAlive On MaxKeepAliveRequests 100 KeepAliveTimeout 15 ServerLimit 2000 <IfModule event.c> StartServers 2 MinSpareThreads 25 MaxSpareThreads 150 ThreadLimit 64 ThreadsPerChild 25 MaxClients 2000 </IfModule> User ${APACHE_RUN_USER} Group ${APACHE_RUN_GROUP} HostnameLookups Off ErrorLog ${APACHE_LOG_DIR}/error.log LogLevel debug IncludeOptional mods-enabled/*.load IncludeOptional mods-enabled/*.conf Include ports.conf <Directory /> Options FollowSymLinks AllowOverride None Require all denied </Directory> <Directory /usr/share> AllowOverride None Require all granted </Directory> <Directory /var/www/> Options Indexes FollowSymLinks AllowOverride None Require all granted </Directory> AccessFileName .htaccess <FilesMatch "^\.ht"> Require all denied </FilesMatch> LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined LogFormat "%h %l %u %t \"%r\" %>s %O" common LogFormat "%{Referer}i -> %U" referer LogFormat "%{User-agent}i" agent IncludeOptional conf-enabled/*.conf IncludeOptional sites-enabled/*.conf
EDIT 2: Apache 2.4 Virtual Host Config
<VirtualHost *:80> ServerName application.url.com:80 ServerAlias application.url.com ServerAdmin [email protected] DocumentRoot /sharedfilesystem/htdocs <Directory /> Options -Indexes +FollowSymLinks AllowOverride None </Directory> <Directory /sharedfilesystem/htdocs> Options -Indexes +FollowSymLinks +MultiViews AllowOverride None Require all granted </Directory> ErrorLog ${APACHE_LOG_DIR}/application.url.com/error.log LogLevel warn CustomLog ${APACHE_LOG_DIR}/application.url.com/access.log combined RewriteEngine On RewriteCond %{DOCUMENT_ROOT}/maintenance.html -f RewriteCond %{REQUEST_FILENAME} !/maintenance.html RewriteRule ^.*$ /maintenance.html [L] RewriteCond %{QUERY_STRING} !^$ RewriteCond %{QUERY_STRING} ^referredBy=.*$ [NC] Include conf.d/*.conf </VirtualHost>
EDIT 3: Apache 2.4 .conf file:
<Location "/ApplicationName"> ProxyPass http://xx.x.x.xxx:8081/ApplicationName ProxyPassReverse http://xx.x.x.xxx:8081/ApplicationName </Location> Alias "/scripts" "/sharedfilesystem/scripts" <Directory "/sharedfilesystem/scripts"> Options None +FollowSymLinks AllowOverride None Require all granted </Directory> Alias "/css" "/sharedfilesystem/css" <Directory "/sharedfilesystem/css"> Options None +FollowSymLinks AllowOverride None Require all granted </Directory> Alias "/images" "/sharedfilesystem/images" <Directory "/sharedfilesystem/images"> Options None +FollowSymLinks AllowOverride None Require all granted </Directory> <Macro Template $templateName> AliasMatch (?i)^/$templateName(.*) "/sharedfilesystem/$templateName/htdocs$1" <Directory "/sharedfilesystem/$templateName/htdocs"> Options None +FollowSymLinks AllowOverride None Require all granted </Directory> </Macro> Use Template TemplateName
EDIT 4: Output of CURL Command:
* About to connect() to application.url.com port 80 (#0) * Trying xx.xx.xx.xx... connected > GET /ApplicationName HTTP/1.1 > User-Agent: curl/7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3 > Host: application.url.com > Accept: */* > < HTTP/1.1 302 Moved Temporarily < Date: Wed, 10 Jan 2018 17:17:30 GMT < Server: Apache-Coyote/1.1 < Location: http://application.url.com/ApplicationName/ < Content-Length: 0 < Content-Type: text/plain < * Connection #0 to host application.url.com left intact * Closing connection #0
EDIT 5: Virtual Host error.log:
[proxy_http:error] [pid 2139:tid 140080089888512] (104)Connection reset by peer: [client xx.x.x.xx:57710] AH01102: error reading status line from remote server xx.x.x.xxx:8081, referer: http://application.url.com/ApplicationName/control?vi=jlsut7u1d05np [proxy:error] [pid 2139:tid 140080089888512] [client xx.x.xx.xx:57710] AH00898: Error reading from remote server returned by /ApplicationName/entryFailure, referer: http://application.url.com/ApplicationName/control?vi=jlsut7u1d05np
EDIT 6: Virtual Host access.log showing successive 200 responses then 401 response:
xx.x.xx.xx - - [05/Jan/2018:15:47:34 -0500] "GET /ApplicationName/rest/view/7r3aa5jfn22ld/update?_=1515185254581&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=23 HTTP/1.1" 200 386 "http://application.url.com/ApplicationName/control?vi=7r3aa5jfn22ld" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" xx.x.xx.xx - - [05/Jan/2018:15:47:35 -0500] "GET /ApplicationName/rest/view/7r3aa5jfn22ld/update?_=1515185255012&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=23 HTTP/1.1" 200 386 "http://application.url.com/ApplicationName/control?vi=7r3aa5jfn22ld" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" xx.x.xx.xx - - [05/Jan/2018:15:47:35 -0500] "GET /ApplicationName/rest/view/59oe744gqs05i/update?_=1515185254703&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=23 HTTP/1.1" 200 386 "http://application.url.com/ApplicationName/control?vi=59oe744gqs05i" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" xx.x.xx.xx - - [05/Jan/2018:15:47:35 -0500] "GET /ApplicationName/rest/view/7r3aa5jfn22ld/update?_=1515185255461&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=23 HTTP/1.1" 200 386 "http://application.url.com/ApplicationName/control?vi=7r3aa5jfn22ld" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" xx.x.xx.xx - - [05/Jan/2018:15:47:36 -0500] "GET /ApplicationName/rest/view/7r3aa5jfn22ld/update?_=1515185255913&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=23 HTTP/1.1" 200 386 "http://application.url.com/ApplicationName/control?vi=7r3aa5jfn22ld" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" xx.x.xx.xx - - [05/Jan/2018:15:47:36 -0500] "GET /ApplicationName/rest/view/59oe744gqs05i/update?_=1515185255703&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=23 HTTP/1.1" 200 386 "http://application.url.com/ApplicationName/control?vi=59oe744gqs05i" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" xx.x.xx.xx - - [05/Jan/2018:15:47:36 -0500] "GET /ApplicationName/rest/view/7r3aa5jfn22ld/update?_=1515185256430&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=23 HTTP/1.1" 200 385 "http://application.url.com/ApplicationName/control?vi=7r3aa5jfn22ld" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" xx.x.xx.xx - - [05/Jan/2018:15:47:37 -0500] "GET /ApplicationName/rest/view/7r3aa5jfn22ld/update?_=1515185256994&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=23 HTTP/1.1" 200 626 "http://application.url.com/ApplicationName/control?vi=7r3aa5jfn22ld" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" xx.x.xx.xx - - [05/Jan/2018:15:47:37 -0500] "GET /ApplicationName/rest/view/59oe744gqs05i/update?_=1515185256703&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=23 HTTP/1.1" 200 627 "http://application.url.com/ApplicationName/control?vi=59oe744gqs05i" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" xx.x.xx.xx - - [05/Jan/2018:15:47:37 -0500] "GET /ApplicationName/rest/view/7r3aa5jfn22ld/update?_=1515185257423&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=24 HTTP/1.1" 200 385 "http://application.url.com/ApplicationName/control?vi=7r3aa5jfn22ld" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" xx.x.xx.xx - - [05/Jan/2018:15:47:37 -0500] "GET /ApplicationName/rest/view/7r3aa5jfn22ld/update?_=1515185257888&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=24 HTTP/1.1" 200 385 "http://application.url.com/ApplicationName/control?vi=7r3aa5jfn22ld" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" xx.x.xx.xx - - [05/Jan/2018:15:47:38 -0500] "GET /ApplicationName/rest/view/59oe744gqs05i/update?_=1515185257703&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=24 HTTP/1.1" 200 386 "http://application.url.com/ApplicationName/control?vi=59oe744gqs05i" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" xx.x.xx.xx - - [05/Jan/2018:15:47:38 -0500] "GET /ApplicationName/rest/view/7r3aa5jfn22ld/update?_=1515185258320&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=24 HTTP/1.1" 200 385 "http://application.url.com/ApplicationName/control?vi=7r3aa5jfn22ld" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" xx.x.xx.xx - - [05/Jan/2018:15:47:38 -0500] "GET /ApplicationName/rest/view/7r3aa5jfn22ld/update?_=1515185258760&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=24 HTTP/1.1" 200 385 "http://application.url.com/ApplicationName/control?vi=7r3aa5jfn22ld" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" xx.x.xx.xx - - [05/Jan/2018:15:47:39 -0500] "GET /ApplicationName/rest/view/59oe744gqs05i/update?_=1515185258703&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=24 HTTP/1.1" 200 386 "http://application.url.com/ApplicationName/control?vi=59oe744gqs05i" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" xx.x.xx.xx - - [05/Jan/2018:15:47:39 -0500] "GET /ApplicationName/rest/view/7r3aa5jfn22ld/update?_=1515185259341&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=24 HTTP/1.1" 200 385 "http://application.url.com/ApplicationName/control?vi=7r3aa5jfn22ld" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" xx.x.xx.xx - - [05/Jan/2018:15:47:39 -0500] "GET /ApplicationName/rest/view/7r3aa5jfn22ld/update?_=1515185259900&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=24 HTTP/1.1" 200 385 "http://application.url.com/ApplicationName/control?vi=7r3aa5jfn22ld" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" xx.x.xx.xx - - [05/Jan/2018:15:47:40 -0500] "GET /ApplicationName/rest/view/59oe744gqs05i/update?_=1515185259707&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=24 HTTP/1.1" 200 386 "http://application.url.com/ApplicationName/control?vi=59oe744gqs05i" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" xx.x.xx.xx - - [05/Jan/2018:15:47:40 -0500] "GET /ApplicationName/rest/view/7r3aa5jfn22ld/update?_=1515185260345&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=24 HTTP/1.1" 200 385 "http://application.url.com/ApplicationName/control?vi=7r3aa5jfn22ld" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" xx.x.xx.xx - - [05/Jan/2018:15:47:40 -0500] "GET /ApplicationName/rest/view/7r3aa5jfn22ld/update?_=1515185260825&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=24 HTTP/1.1" 200 349 "http://application.url.com/ApplicationName/control?vi=7r3aa5jfn22ld" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" xx.x.xx.xx - - [05/Jan/2018:15:47:41 -0500] "GET /ApplicationName/rest/view/59oe744gqs05i/update?_=1515185260703&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=24 HTTP/1.1" 200 386 "http://application.url.com/ApplicationName/control?vi=59oe744gqs05i" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" xx.x.xx.xx - - [05/Jan/2018:15:47:41 -0500] "GET /ApplicationName/rest/view/7r3aa5jfn22ld/update?_=1515185261272&casPartySeq=490&casConfSeq=1054&casQaSeq=490&ctxSeq=24 HTTP/1.1" 401 345 "http://application.url.com/ApplicationName/control?vi=7r3aa5jfn22ld" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36"
-
MotoDave452 over 6 yearsUnfortunately we are not making using of 'mod_evasive'. Thank you for your suggestion though!