DigitalOcean

Report this

What is the reason for this report?
Question

Apache HTTP proxy work for some destination ip and receive 502 Bad Request from other destinations

Posted on May 4, 2021
Apache
alexartd

By alexartd

I’ve an HTTP proxy like this:

Listen 8240
<VirtualHost *:8240>

ProxyRequests On

<Proxy "*">
  SetEnv force-proxy-request-1.0 1
  SetEnv proxy-nokeepalive 1
</Proxy>

</VirtualHost>

If I try an HTTP GET to an ip:

curl -v http://10.85.235.206:58000/ConnectionRequest -x 10.221.63.90:8240
* About to connect() to proxy 10.221.63.90 port 8240
*   Trying 10.221.63.90... connected
* Connected to 10.221.63.90 (10.221.63.90) port 8240
> GET http://10.85.235.206:58000/ConnectionRequest HTTP/1.1
> User-Agent: curl/7.15.5 (x86_64-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
> Host: 10.85.235.206:58000
> Pragma: no-cache
> Accept: */*
> Proxy-Connection: Keep-Alive
> 
< HTTP/1.1 200 OK
< Date: Thu, 29 Apr 2021 10:53:29 GMT
< Server: Apache/2.4.46 (Unix)
< Content-Length: 0
* Connection #0 to host 10.221.63.90 left intact
* Closing connection #0

I receive 200 OK.

To another IP:

curl -v http://10.74.170.178:58000/ConnectionRequest -x 10.221.63.90:8240 
* About to connect() to proxy 10.221.63.90 port 8240
*   Trying 10.221.63.90... connected
* Connected to 10.221.63.90 (10.221.63.90) port 8240
> GET http://10.74.170.178:58000/ConnectionRequest HTTP/1.1
> User-Agent: curl/7.15.5 (x86_64-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
> Host: 10.74.170.178:58000
> Pragma: no-cache
> Accept: */*
> Proxy-Connection: Keep-Alive
> 
< HTTP/1.1 502 Bad Gateway
< Date: Thu, 29 Apr 2021 10:54:36 GMT
< Server: Apache/2.4.46 (Unix)
< Transfer-Encoding: chunked
< Content-Type: text/html; charset=iso-8859-1
< Expires: Thu, 29 Apr 2021 10:54:36 GMT
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>502 Bad Gateway</title>
</head><body>
<h1>Bad Gateway</h1>
<p>The proxy server received an invalid
response from an upstream server.<br />
</p>
</body></html>
* Connection #0 to host 10.221.63.90 left intact
* Closing connection #0

I receive 502 Bad Request. They are two different device, the first like request and respond OK, the second respond 502 but the request is the same with the same apache 2.4 http proxy. I have to update my apache configuration in order to work well also with the second device. But I don’t understand the difference. If I contact the second device directly without http proxy, it respond ok:

curl -v http://10.74.170.178:58000/ConnectionRequest 
* About to connect() to 10.74.170.178 port 58000
*   Trying 10.74.170.178... connected
* Connected to 10.74.170.178 (10.74.170.178) port 58000
> GET /ConnectionRequest HTTP/1.1
> User-Agent: curl/7.15.5 (x86_64-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
> Host: 10.74.170.178:58000
> Accept: */*
> 
< HTTP/1.1 200 OK
< Date: 
< Server: Apache/2.0.40 (Red Hat Linux)
< Content-Length: 21
<          Connection: close
< Content-Type: text/plain; charset=ISO-8859-1
Connection #0 to host 10.74.170.178 left intact
* Closing connection #0

Why it doesn’t like request throw proxy ? Any help is precious. Many thanks



This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
0
alexartd
alexartd
May 11, 2021

Hi Bobby, thanks for your response. It is not a reachability problem. Both device are reachable on port 58000 with telnet. There aren’t firewall block. I suppose there is something in the http header that is different from direct request and request via apache proxy. Device doesn’t like the second and respond with 502. The scope is to find some configurations to introduce in apache proxy to simulate direct request in order to avoid 502 error.

0
Bobby
Bobby
May 7, 2021

Hi there,

As the proxy configuration works with one server but not the other, what I could suggest is running telnet or an MTR from the 10.221.63.90 server to 10.74.170.178 on port 58000 and see if you get a successful connection.

If you have a firewall installed on one of the servers you might have to allow the connections on those specific ports.

Also do you get some more information in the Apache error log?

Regards, Bobby

Become a contributor for community

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Sign Up

DigitalOcean Documentation

Full documentation for every DigitalOcean product.

Learn more

Resources for startups and AI-native businesses

The Wave has everything you need to know about building a business, from raising funding to marketing your product.

Learn more

Get our newsletter

Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.

New accounts only. By submitting your email you agree to our Privacy Policy

The developer cloud

Scale up as you grow — whether you're running one virtual machine or ten thousand.

Start building today

From GPU-powered inference and Kubernetes to managed databases and storage, get everything you need to build, scale, and deploy intelligent applications.

© 2026 DigitalOcean, LLC.Sitemap.
Dark mode is coming soon.