On 9/9/2010 11:30 PM, Sander Temme wrote:
>
> On Sep 9, 2010, at 9:04 PM, Mike Schleif wrote:
>
>>> Run Apache 2.2.16 in front as reverse proxy, perhaps with
mod_security to keep the stuff you don't want out? That would allow you
to leave the Oracle stuff untouched.
>>
>> Wow! Thank you for a clue.
>>
>> "Run Apache 2.2.16 in front as reverse proxy ..."
>>
>> What's that about?
>
> You'd install a recent version of Apache (2.2.16 being the latest at
this time) on the machine, and run it on port 80 (or whatever the
current Apache binds to; move the current one to a different port like
81). Then configure the front-end Apache to:
>
> ProxyPass / http://localhost:81/
> ProxyPassReverse / http://localhost:81/
>
> This way, clients will connect to the 2.2.16 on port 80, which will
forward their requests to the older httpd.
>
>> The reason my client's come to this is, whenever a Firefox browser
initiates a session, the Apache service dies on Windows VM.
>>
>> I've tried to identify the crash root cause; but, of course, nobody
will help with Apache 1.3.12. Does that affect your recommendation?
>
> Bummer. Hard to debug if you don't have debug symbols for the exact
compile of the server, which I don't suppose Oracle would be able to
produce for you. And then there would be very few on this planet who
could interpret the dump.
>
> If anything, this circumstance reinforces my recommendation. Apache
1.3 was never designed to run on Windows, and insofar that it did has
never been more than an experiment. Apache 2.2 runs much better on
Windows: the platform is considered a first class citizen.
>
> Putting a more modern Apache in front of your old one will have it
take care of the network traffic and deal with any client
idiosyncrasies. And if a particular request or sequence makes your 1.3
backend die, the request will still be logged by the front-end. Newer
Apache versions also have more elaborate logging capabilities for
troubleshooting. This allows you to filter out the culprit requests
using mod_security or something like that, or rewrite them to something
that won't crash your 1.3.
>
> You can also selectively proxy requests back, and eventually have
everything served by the modern front-end. At that point you'd only
pass the requests for the antiquated JServ stuff back to the 1.3.
>
> S.
Yes, very interesting idea.
SSL: move all SSL to the new frontend? No SSL running on legacy web server?
This could work.
If ever I can be of service to you; contact me at once.
I wish for you a truly extraordinary day ...
--
Best Regards,
Mike Schleif
612-235-6060
http://mdsresource.net
http://www.linkedin.com/in/schleif
http://facebook.com/MDSResource
http://twitter.com/mikeschleif
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
