The KeepAlive is set by default between Apache and the backend server, since it uses HTTP/1.1

You can disable KeepAlive with

Code: [Select]

SetEnv proxy-nokeepalive 1
e.g.

Code: [Select]

<Location "/">
  ProxyPass "http:/appserver:8080/"
  SetEnv force-proxy-request-1.0 1
  SetEnv proxy-nokeepalive 1
</Location>

Hello from Canada!

I'm looking for some assistance. We're running Apache 2.4.46 (httpd-2.4.46-o111g-x64-vc15) on Windows Server 2012R2 as a reverse proxy load balancer.

Sometimes, the balancer workers report a busyness count greater than 0 (usually 1) on the balancer-manager status page, even though not seemingly serving any request. As a result, the requests are unevenly distributed between the 2 workers.

Restarting Apache clears the count, and it also clears itself after a while. What could cause this? KeepAlive?

I tried to debug the process, but the instructions for Windows seems to be outdated: http://httpd.apache.org/dev/debugging.html#backtrace-win
I can't find the *-symbols.zip download.

Is there instructions to build and debug Apache on Windows? What could I do to troubleshoot this further?

Thank you,
Max

Our environment:
    - OS: Windows Server 2012 R2 (x64)
    - Server Version: Apache/2.4.46 (Win64) OpenSSL/1.1.1g mod_h264_streaming/2.2.7
    - Server MPM: WinNT
    - Server Built: Aug 1 2020 13:21:32
    - Distributed by: The Apache Haus
    - Compiled with: Visual Studio 2017

Our configuration:
    - Single process (winnt mpm)
    - ThreadsPerChild 15000
    - Virtual host with proxy_balancer (HTTP/1.1 TLS 1.2)
    - 2 balancer workers (https to the 2 application servers)
        - lbmethod=bybusyness
        - stickysession=JSESSIONID

You can block some stuff

Code: [Select]

RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|PUT|DELETE|FLURP|HEAD)
RewriteRule .* - [R=405,L]

RewriteCond %{HTTP_USER_AGENT}  ^.*python-requests.*$
RewriteCond %{HTTP_USER_AGENT}  ^.*opensiteexplorer.*$
RewriteRule . - [R=403,L]

RewriteRule ^(wp-(content|admin|includes).*) $1 [L]
RewriteRule ^(.*\.php)$ $1 [L]


Thank you for the build!

WORDPRESS : 5.4.2 / MY PHP : 7.4.8 / SERVER : APACHE / MYSQL : 5. 7. 28 / HOSTING : 1&1 IONOS (on sharing, mutual hosting) / PROTOCOLE SSL : ENABLE

Hi everyone !
I'm a travelling photographer building a website (contain pictures, YouTube movie, donation plateform and woo commerce) to establish social aid towards some of the causes which have moved me on my travels. and need all the help I can get.
I am the only administrator and a beginner in web development, i would like to make a heartfelt plea to all the IT Tech gurus out there: can you please, please check my .htaccess files . I have been struggling with this for a while and any advice to help me out of this tangle would be so absolutely appreciated.
My domain look like https://xxxxxx-xxxxx.fr i have redirection for people come in https://www.xxxxxx-xxxxx.fr (I want keep this configuration www.xxxxxxx-xxxxx.fr for endpoint)
Another question, my website actually works with this .htaccess, i am not sure but i feel i have a redirection problem, can you check this code please, and if you have suggestions for optimization, security... it would be greatly appreciated !!!
I have replace my url website by : https://www.xxxxxx-xxxxxxx.fr/ for privacy If you need my url website I can send it to you in a private message.
MY HTACCES CODE :
# BEGIN WordPress
# Les directives (lignes) entre 'BEGIN WordPress' et 'END WordPress' sont
# généré dynamiquement, et ne doivent uniquement être modifiées via les filtres WordPress.
# Toute modification des directives entre ces marqueurs sera outrepassée.

Code: [Select]

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress
## EXPIRES HEADER CACHING ##
ExpiresActive On
ExpiresByType image/jpg "access 1 year"
ExpiresByType image/jpeg "access 1 year"
ExpiresByType image/gif "access 1 year"
ExpiresByType image/png "access 1 year"
ExpiresByType image/svg "access 1 year"
ExpiresByType text/css "access 1 month"
ExpiresByType application/pdf "access 1 month"
ExpiresByType application/javascript "access 1 month"
ExpiresByType application/x-javascript "access 1 month"
ExpiresByType application/x-shockwave-flash "access 1 month"
ExpiresByType image/x-icon "access 1 year"
ExpiresDefault "access 2 days"
## EXPIRES HEADER CACHING ##

# Make PHP code look like unknown types
AddType application/x-httpd-php .bop .foo .133t
<IfModule mod_rewrite.c>
RewriteEngine on
# HSTS preload
RewriteCond %{HTTP_HOST} !^www\.[^.]+\.[^.]+$
# Then redirect http to https (if necessary)
RewriteCond %{HTTPS} on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [NE,L,R=301]
</IfModule>

# BEGIN wccp_pro_image_protection
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} (PrintFriendly.com)
RewriteRule ^.*$ https://www.xxxxxx-xxxxxxx.fr/wp-content/plugins/wccp-pro/watermark.php [R=301,L]
RewriteCond %{HTTP_COOKIE} (wccpprocookie=excludethispage)
RewriteRule ^(.*)\.(jpg|png|jpeg|gif)$ - [NC,L]
RewriteCond %{QUERY_STRING} (wccp_pro_watermark_pass) [NC,OR]
RewriteCond %{REQUEST_URI} (wp-content/plugins) [NC,OR]
RewriteCond %{REQUEST_URI} (wp-content/themes) [NC,OR]
RewriteCond %{REQUEST_URI} (logo|background|150x150) [NC,OR]
RewriteCond %{REQUEST_URI} (this_is_just_not_any_wanted_image_size) [NC]
RewriteRule ^(.*)\.(jpg|png|jpeg|gif)$ - [NC,L]
# What happen to images on my site
#RewriteCond %{HTTP_ACCEPT} (image|png) [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?xxxxxx-xxxxxx.fr [NC,OR]
RewriteCond %{HTTP_REFERER} ^(.*)xxxxxx-xxxxxx.fr [NC]
RewriteRule ^.*$ - [NC,L]
#Save as or Click on View image after right click or without any referer
RewriteCond %{REQUEST_URI} (stackpathcdn.com) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} (stackpathcdn.com) [NC,OR]
RewriteCond %{HTTP_ACCEPT} (text|html|application|image|png) [NC]
RewriteRule ^(.*)\.(jpg|png|jpeg)$ https://www.xxxxx-xxxxxx.fr/wp-content/plugins/wccp-pro/watermark.php?&src=/$1.$2&w=1 [R=301,NC,L]
RewriteCond %{REQUEST_URI} \.(jpg|jpeg|png)$ [NC]
RewriteCond %{REMOTE_ADDR} !^(127.0.0.1|162.144.5.62)$ [NC]
RewriteCond %{REMOTE_ADDR} !^66.6.(32|33|36|44|45|46|40). [NC]
RewriteCond %{HTTP_USER_AGENT} !(this_is_just_not_any_wanted_service_name) [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?(this_is_just_not_any_wanted_service_name) [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?(www.xxxx-xxxxx.fr|xxxx-xxxxx.fr|pinterest.com|tumblr.com|facebook.com|plus.google|twitter.com|googleapis.com|googleusercontent.com|ytimg.com|gstatic.com) [NC]
RewriteCond %{HTTP_USER_AGENT} !(linkedin.com|googlebot|msnbot|baiduspider|slurp|webcrawler|teoma|photon|facebookexternalhit|facebookplatform|pinterest|feedfetcher|ggpht) [NC]
RewriteCond %{HTTP_USER_AGENT} !(photon|smush.it|akamai|cloudfront|netdna|bitgravity|maxcdn|edgecast|limelight|tineye) [NC]
RewriteCond %{HTTP_USER_AGENT} !(developers|gstatic|googleapis|googleusercontent|google|ytimg) [NC]
RewriteRule ^(.*)\.(jpg|png|jpeg)$ https://www.xxxxx-xxxxxx.fr/wp-content/plugins/wccp-pro/watermark.php?&src=/$1.$2&w=1 [R=301,NC,L]
</ifModule>
# END wccp_pro_image_protection

# BEGIN HttpHeaders
# Les directives (lignes) entre 'BEGIN HttpHeaders' et 'END HttpHeaders' sont
# généré dynamiquement, et ne doivent uniquement être modifiées via les filtres WordPress.
# Toute modification des directives entre ces marqueurs sera outrepassée.
# END HttpHeaders

# BEGIN WP-Optimize Gzip compression
<IfModule mod_filter.c>
<IfModule mod_deflate.c>
# Compress HTML, CSS, JavaScript, Text, XML and fonts
AddType application/vnd.ms-fontobject .eot
AddType font/ttf .ttf
AddType font/otf .otf
AddType font/x-woff .woff
AddType image/svg+xml .svg
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
AddOutputFilterByType DEFLATE application/x-font
AddOutputFilterByType DEFLATE application/x-font-opentype
AddOutputFilterByType DEFLATE application/x-font-otf
AddOutputFilterByType DEFLATE application/x-font-truetype
AddOutputFilterByType DEFLATE application/x-font-ttf
AddOutputFilterByType DEFLATE application/x-font-woff
AddOutputFilterByType DEFLATE application/x-javascript
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE font/opentype
AddOutputFilterByType DEFLATE font/otf
AddOutputFilterByType DEFLATE font/ttf
AddOutputFilterByType DEFLATE font/woff
AddOutputFilterByType DEFLATE image/svg+xml
AddOutputFilterByType DEFLATE image/x-icon
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/javascript
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/xml
# Remove browser bugs (only needed for really old browsers)
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
Header append Vary User-Agent
</IfModule>
</IfModule>

# END WP-Optimize Gzip compression
# BEGIN WP-Optimize Browser Cache
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType text/css "access 28 days"
ExpiresByType text/html "access 28 days"
ExpiresByType image/gif "access 28 days"
ExpiresByType image/png "access 28 days"
ExpiresByType image/jpg "access 28 days"
ExpiresByType image/jpeg "access 28 days"
ExpiresByType image/webp "access 28 days"
ExpiresByType image/x-icon "access 28 days"
ExpiresByType application/pdf "access 28 days"
ExpiresByType application/javascript "access 28 days"
ExpiresByType text/x-javascript "access 28 days"
ExpiresByType application/x-shockwave-flash "access 28 days"
ExpiresDefault "access 28 days"
</IfModule>

<IfModule mod_headers.c>
<filesMatch "\.(ico|jpe?g|png|gif|webp|swf)$">
Header set Cache-Control "public"
</filesMatch>

<filesMatch "\.(css)$">
Header set Cache-Control "public"
</filesMatch>

<filesMatch "\.(js)$">
Header set Cache-Control "private"
</filesMatch>

<filesMatch "\.(x?html?|php)$">
Header set Cache-Control "private, must-revalidate"
</filesMatch>
</IfModule>

#Disable ETag
FileETag None
# END WP-Optimize Browser Cache
# BEGIN HttpHeadersCookieSecurity
# Les directives (lignes) entre 'BEGIN HttpHeadersCookieSecurity' et 'END HttpHeadersCookieSecurity' sont
# généré dynamiquement, et ne doivent uniquement être modifiées via les filtres WordPress.
# Toute modification des directives entre ces marqueurs sera outrepassée.
# END HttpHeadersCookieSecurity
# Wordfence WAF

<Files ".user.ini">
<IfModule mod_authz_core.c>
Require all denied
</IfModule>

<IfModule !mod_authz_core.c>
Order deny,allow
Deny from all
</IfModule>
</Files>

# END Wordfence WAF
Thank you again so much for going through it. Again, I’m in over my head, and any advice at all on this would be appreciated.
Wishing you a wonderful day !

This release is a bug fix & stability release.

This release includes:
APR Version:        1.7.0
APU Version:        1.6.1
Brotli Version:    1.0.7
Jansson Version:    2.13.1
Libcurl Version:   7.70.0
LibXML2 Version:    2.9.10
LUA Version:        5.2.4
NGHTTP2 Version:    1.41.0
OpenSSL Version:    1.1.1g or LibreSSL 3.1.3
PCRE Version:       8.44
SQLite3 Version:    3.32.3
ZLib Version:       1.2.10

LibreSSL releases are now VS16.
VC14 & 15 modules can be used in these builds to aid in migration so you can upgrade the modules at your convenience.

You can get your copy of the new Apache HTTP Server from our download page.

Change Log for Apache 2.4.46 includes 2.4.44 & 2.4.45 updates which were not released.

As Mario said you should avoid.

Yes, be careful, the installer is not an Apache product, and that is not allowed by the Policy from the ASF.

 The feather graphics are trademarks of the ASF, and must not be used without appropriate attribution and permission from the ASF. Please see our formal Trademark Policy for more details. In particular, as a vendor-neutral public charity that provides independent governance to all Apache projects, you must use care when displaying the feather, and ensure it's clear that it's referring to the ASF as an independent organization.

https://apache.org/foundation/press/kit/
http://www.apache.org/foundation/marks/

I usually default the icon to the main executable. Is there a specific reason that using the main executable icon is not a good idea?

The alternative I have at hand would be the default installer Icon that you see with pretty much every installer.

That is a great tool. You only should avoid using the feather icon from ASF.

As part of my job I have to install and uninstall Apache quite frequently for our apprentices, sometimes with PHP, sometimes without.

Because of this, I made an installer. I don't mean a collection of scripts, but a real installer like you would use for any other software.
https://imgur.com/a/QjeJtRG

I originally didn't intend for it to be used publicly but I changed a few things to make it suitable. Notable features:

• Created a page for update checks and download of installer bundles. There's currently only one installer but I intend for it to grow over time
• Made installer more foolproof (It should stop the service when you try to update a running instance for example)
• Added ability to create firewall rules
• It will create the configuration files and php.ini if not present but will never overwrite them
• php.ini is dynamically changed to reflect a custom path selection by the user
• Post install notes that provide some troubleshooting hints and explain the problems that can arise from running Apache as "Local Service"
• Digital signature. Note: Only the installer and uninstaller are currently signed. I can sign all Apache+PHP binaries in the installer upon popular request but it should not be necessary
• Made PHP optional
• Added the license and changes file
• Permission hardening can be reversed and reapplied at any time
• Removes firewall rules again when you uninstall
• The contents of "htdocs" are never deleted when uninstalling in case you need them later
• Apache is run under an unprivileged "Local Service" user instead of a god account
• It should work if there are spaces in the path name (I still recommend you don't)

I can include all the optional modules if requested. I do not plan on creating 32 bit installers.

The default server configuration has been slightly changed:

• Apache is configured to use PHP as a CGI module using the ScriptAlias/ContentType model. This is always present, even if you don't install PHP, but in that case it has no effect
• index.php added to the automatic directory index
• inclusion of conf/extra/httpd-mpm.conf is enabled by default

The PHP configuration is as follows:

• The base is the development PHP ini file
• Custom "temp" and "session" paths so PHP doesn't pollutes the Windows temp directory
• Safer session handling (user can't create their own id, the id is not accessible from JS)
• Configured a CA file that's in sync with Windows (at the time of creating the setup)

If interested, you can obtain the setup here: https://cable.ayra.ch/apache/

Feedback is encouraged. Thank you.