#StackBounty: #apache-2.4 #php-fpm #mod-proxy-fcgi Apache PHP-FPM weird responses with Proxy enablereuse=on

Bounty: 100

When enabling <Proxy ... enablereuse=on max=10> I start receiving strange responses. When refreshing the current page, the main request loads different responses; like a blank page, responses intended for a separate client, or a 404 response from a CSS file on the requested page.

Removing enablereuse, fixes the strange responses, but prevents concurrent requests from the same user, meaning each request is served individually.

For example: opening two browser tabs to two different URLs on the same vhost domain, if the first requested page takes 5 seconds to load, it will not load the second tab until the first has completed.

I am trying to prevent this, by allowing the same client to perform multiple requests simultaneously, in a concurrent non-blocking manner.

Server Environment

CentOS 6.10 x64
php 5.6.37 Remi
Apache 2.4.33 IUS

MPM Event configuration

<IfModule mpm_event_module>
    ServerLimit              100
    StartServers             4
    ThreadLimit              64
    MaxRequestWorkers        100
    MinSpareThreads          25
    MaxSpareThreads          75
    ThreadsPerChild          25
    MaxConnectionsPerChild   1000
    ListenBacklog       511
</IfModule>

Virtual Host Config (1 of 4 – all identical except IP address, UDS and ServerName)

<VirtualHost 192.168.1.71:443>
    ServerName example.com:443
    DocumentRoot /home/example/example.com
    <IfModule mod_ssl.c>
        SSLEngine on
        SSLCertificateFile /etc/httpd/ssl/certs/example.crt
        SSLCertificateKeyFile /etc/httpd/ssl/private/example.key
        SSLCertificateChainfile /etc/httpd/ssl/certs/example.ca-bundle
        <IfModule mod_setenvif.c>
            SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
        </IfModule>
        <IfModule mod_headers.c>
            Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"
        </IfModule>
    </IfModule>
    <Directory "/home/example/example.com">
        AllowOverride All
        Require all granted
    </Directory>
    <IfModule mod_proxy_fcgi.c>
        <FilesMatch .php$>
            <If "-f %{REQUEST_FILENAME}">
                SetHandler "proxy:unix:/var/run/example.sock|fcgi://127.0.0.1/"
            </If>
        </FilesMatch>
        <Proxy "fcgi://127.0.0.1" enablereuse=on max=10>
            ProxySet timeout=7200
        </Proxy>
    </IfModule>
</VirtualHost>

PHP-FPM pool Config (1 of 4 all identical except UDS)

[example_com]
user = example
group = example
listen = /var/run/example.sock
listen.owner = example
listen.group = apache
listen.mode = 0660

pm = dynamic
pm.max_children = 20
pm.start_servers = 2
pm.min_spare_servers = 2
pm.max_spare_servers = 20
pm.max_requests = 1000

security.limit_extensions = .php

I have tried using a TCP proxy as opposed to UDS due to other posts commenting on issues with UDS not being supported, but the issue persists:

<IfModule mod_proxy_fcgi.c>
    <FilesMatch .php$>
        <If "-f %{REQUEST_FILENAME}">
            SetHandler "proxy:fcgi://127.0.0.1:9000/"
        </If>
    </FilesMatch>
    <Proxy "fcgi://127.0.0.1:9000" enablereuse=on max=10>
        ProxySet timeout=7200
    </Proxy>
</IfModule>

Also tried changing the PHP-FPM config with a pm set to ondemand and static.


Get this bounty!!!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.