0

I've been running a site for the past 3 years with out any issues. The current SSL certificate was applied the past December. It is running on the FreeBSD 10 operating system. Apache is configured as a reverse proxy passing to Tomcat 6.0. As of this week the initial loading of pages has become extremely slow and does not leave any messages for the user. Nothing seems to stand out in my logs either. I will try to post the configuration below in hopes someone with a fresh set of eyes sees something I'm overlooking. There have been no modifications to the configuration since the site was stood up. If you need any additional info I'll be happy to provide.

Thanks

<VirtualHost *:443>
#   General setup for the virtual host
DocumentRoot "/usr/local/apache-tomcat-6.0/webapps"
ServerName hsc.myissinc.com
ServerAdmin [email protected]
ServerSignature Off

Timeout 60
#KeepAlive On

ErrorLog /var/log/apache2/ajp.error.log
LogLevel warn
CustomLog /var/log/apache2/ajp.log combined

RewriteEngine On
#RewriteOptions inherit

ProxyVia On
ProxyRequests Off
ProxyPreserveHost Off
#ProxyPassReverseCookieDomain localhost hsc.myissinc.com

ProxyPass /easehsc/PublicTempStorage/ http://localhost:8080/easehsc/PublicTempStorage/ retry=10 acquire=3000 connectiontimeout=300 timeout=300 Keepalive=on
ProxyPassReverse /easehsc/PublicTempStorage/ http://localhost:8080/easehsc/PublicTempStorage/ 

ProxyPass /easehsc/ http://localhost:8080/easehsc/ retry=10 acquire=3000 connectiontimeout=300 timeout=300 Keepalive=on
ProxyPassReverse /easehsc/ http://localhost:8080/easehsc/ 

ProxyPass / http://localhost:8080/ retry=10 acquire=3000 connectiontimeout=300 timeout=300 Keepalive=on
ProxyPassReverse / https://localhost:8080/ 

#   SSL Engine Switch:
#   Enable/Disable SSL for this virtual host.
SSLEngine on
SSLProxyEngine on

#   Server Certificate:
SSLCertificateFile "/root/sslCA/myissinc.cer"

#   Server Private Key:
SSLCertificateKeyFile "/root/sslCA/myissinc.key"

#   Server Chain File (Intermediate Cert)
SSLCertificateChainFile "/root/sslCA/myissincint.cer"

</VirtualHost>

Improve this question
5
  • better move this to superuser, because the Apache experts live there. And one more thing: the company I work for has banned Tomcat 6 because of security issues that can no longer be resolved because it is out of service. So perhaps you should update after you solved your primary problem.
    – Marged
    Commented Jun 11, 2015 at 16:43
  • If this site can be reached from the Internet: think about publishing the link to it ...
    – Marged
    Commented Jun 11, 2015 at 16:45
  • Is the https in ProxyPassReverse / https://localhost:8080/ intended?
    – Bruno
    Commented Jun 11, 2015 at 16:57
  • Try going to hsc.myissinc.com/easehsc/servlet/index
    – jamesrr40
    Commented Jun 11, 2015 at 18:33
  • Good catch Bruno. That is supposed to be http. Making the change and seeing if the result is positive.
    – jamesrr40
    Commented Jun 11, 2015 at 18:37

1 Answer 1

Reset to default
1

Turns out the issue was not with the Apache configuration nor tomcat at all. The web app was calling a REST API that was suddenly taken offline due to getting DDoS attack. We commented this call out and all works great. Thanks for those who looked at this and made suggestions.

Improve this answer

Not the answer you're looking for? Browse other questions tagged or ask your own question.