Tuesday, February 3, 2009

Service Temporarily Unavailable 503 Code for APEX Apache Proxy

On running a standard proxypass for an apex application on new server, kept getting:
Service Temporarily Unavailable 503


vhost.....


<VirtualHost:*80>
ServerName domain.com
ServerAlias www.domain.com
DocumentRoot /var/www/html/domain.com/htdocs
ServerAdmin admin@domain.com

RewriteEngine On

RewriteRule ^/$ apex/f?p=113:1 [R=301]

ProxyRequests Off
<proxy>
Order deny,allow
Allow from all
</proxy>
ProxyPass / http://server:8080/
ProxyPassReverse / http://server:8080/
</VirtualHost>

Checking the error logs: /var/log/httpd/error_log I find:

[Sun Feb 01 21:01:42 2009] [error] (13)Permission denied: proxy: HTTP: attempt to connect to localhost:8080 (1.2.3.4) failed

In this case it was SELinux, giving me the option of either disbaling:

# vi /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted

# SETLOCALDEFS= Check local definition changes
SETLOCALDEFS=0


Or, a more targeted:

/usr/sbin/setsebool httpd_can_network_connect 1


While in this case "(13)Permission denied:" was self-explanatory, the most common proxy failures I have come across were, in fact, due to my database not being configured on os properly.

Another area to check when your proxy stops proxying is the hostname configuration. Check /etc/hosts, /etc/hostname and make sure your hostname is set properly.

If it is, check listener.ora and tnsnames.ora under /usr/lib/oracle/xe/app/oracle/product/10.2.0/server/network/admin and make sure they match what is in your host/hostname files.

No comments: