Previously, when the ProxyErrorOverride directive was enabled, the mod_cluster load balancer returned the 503 status code on subsequent requests for about one second. This caused failover, which then propagated through the instances. Additionaly, this bug could be used for the denial of service (DoS) attack. With this update, the requests in the described scenario are now handled correctly
with the 200 status code.
Description of problem:
When ProxyErrorOverride is On, modcluster return 503 status code on subsequent requests, for about a second before returning 200 status code
Version-Release number of selected component (if applicable):
mod_cluster : 1.2.6.Final and 1.2.11.Final
Version jboss EAP : 6.1.1
Version apache httpd : 2.2.15
Version OS : RHEL 6.4
How reproducible:
Steps to Reproduce:
Customer provided a sample app to reproduce.
1. setup mod_cluster and deploy the sample app
2. run the test script, which curl to the sample app.
3. Observe access and error log
Actual results:
we see around 10 calls after the error, getting 503 while, they should go through
Expected results:
After the broken call, all subsequent unbroken calls should return 200 status
Additional info:
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.
https://rhn.redhat.com/errata/RHBA-2017-0784.html