On 8/13/2014 7:22 AM, Amos Jeffries wrote:
> On 13/08/2014 10:29 p.m., Robert Cicerelli wrote:
>> Can anyone offer some help on this?
>>
>> I'm having a problem that just started after I implemented squid reverse
>> proxy. I have a couple of applications on one of the apache servers
>> behind the reverse proxy. Every time someone tries to upload relatively
>> large files to the application (7 MB, 30 MB), they get the following error:
>>
>> Request Entity Too Large
>>
>> If I try to perform the same operation without going through the squid
>> reverse proxy, the uploads work with no problems.
>>
>> I'm using proxy 3.1.20
>> <https://github.com/pfsense/pfsense-packages/commits/master/config/31>
>> on pfsense. I tried posting this issue on the pfsense support forums and
>> I have gotten zero replies so I'm trying the squid mailing list. The
>> situation has become a big problem so I would appreciate some help on this.
>>
>> A few parameters I've adjusted to various values with no success:
>>
>> Minimum object size
>> Maximum object size
>> Memory cache size
>> Maximum download size
>> Maximum upload size
>>
>> Thanks a lot
>>
> Can you provide a sample of the request HTTP headers being sent to Squid
> for one of these failed uploads?
>
> Amos
>
>
>
One more thing to add that I just discovered:
First a little background for the sake of clarification, I'm using squid
in reverse proxy in order to forward appropriate https requests to
multiple servers behind the firewall since we only have on public IP
address. In the particular instance I'm having a problem with, we have a
web application on one of the web servers that's running over https. So,
I created a webserver in squid pointing to the IP of the actual
webserver and I set the port to 443 since the web application on the
web server is only configured to respond to 443. Then i created a
mapping group that listened for four https URIs, one of the URIs being
the secure web application in question and I binded it to the webserver
I created earlier.
So now, as a test, I created a virtual host to listen on port 80 for the
web application in question in addition to the virtual host listening on
443. I removed the URI for that app from the existing mapping group. I
created another webserver in squid and this time instead of pointing it
to port 443 I pointed to port 80. Then I created another mapping group
that listened for the web application on 443 and I binded it to the
newly created webserver which is now pointed to 80. I tested the file
upload and it worked like a charm. So, the problem seems to arise when i
create a web server in squid and point it to port 443 of the webserver.
And just in case anyone asks, I did disable internal certificate. Not
sure if that makes a difference.
Hopefully what i wrote is clear and it will help pinpoint the problem.
Thanks a lot
Received on Wed Aug 13 2014 - 18:13:01 MDT
This archive was generated by hypermail 2.2.0 : Thu Aug 14 2014 - 12:00:05 MDT