httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject DO NOT REPLY [Bug 52149] New: mod_proxy_balancer serves wrong content
Date Mon, 07 Nov 2011 18:33:48 GMT

             Bug #: 52149
           Summary: mod_proxy_balancer serves wrong content
           Product: Apache httpd-2
           Version: 2.2.14
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: critical
          Priority: P2
         Component: mod_proxy_balancer
    Classification: Unclassified

The server starts to serve random contents suddenly. By 'random' I mean that
request of the home page can returns images, css, javascript or the page of
another user.

Our Apache has many site configurations enabled but only one of these had the
load balancer:

Header add Set-Cookie "ROUTEID=.%{BALANCER_WORKER_ROUTE}e; path=/"
<Proxy balancer://mycluster>
  BalancerMember route=8081
  BalancerMember route=8181
  BalancerMember route=8281
  ProxySet stickysession=ROUTEID

and some rewrite rule to Zope servers.
The only site showing the strange behavior was the one with the balancer.

Apache is patched with the last security updates available for Ubuntu Lucid
(the last was apache2-mpm-worker on 2011-09-02).

Friday 4 November 2011 we begin to experience the strange behavior, after a
restart the site went right but starting over after some time (to few minutes
to hours).

Sunday we decide to remove the balancer and the behavior disappear. I check the
logs to spot an attack but without success.

Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message