Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
Apache:Modules
apache2-debugging-modules
mod_backdoor.txt
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File mod_backdoor.txt of Package apache2-debugging-modules
The main purpose of mod_backdoor is to provide a relatively fail-safe way to send requests to the web server when overall there are serious web server problems. It is "Plan B" for when something is wrong with the web server but a request for mod_status or any test request is not being processed. Perhaps all your web server threads are blocked waiting on an application server to respond? Sneak in through the back door and get a mod_status report and see if that is the case. (Check the URLs and look for 'W' as the state.) Perhaps something very fundamental, such as an accept mutex, has broken, and all your web server threads are idle with no work to do? Sneak in through the back door and get a mod_status report and see if that could be the case. (Check for a diminishing number of active connections.) Another purpose of mod_backdoor is for a simple module/core server debugging environment alongside the processes and threads created by the normal MPM. If you send a request through the back door, there is no question which process/thread will handle it, because mod_backdoor has only one, and you can have your debugger waiting. Also, because the mod_backdoor daemon process is not threaded, any problems your platform has debugging threaded processes will not be a problem. And if this system is being actively accessed, it is helpful that controlling the mod_backdoor daemon process with a debugger won't affect threads in the real MPM processes. PROBLEMS: 1) mod_backdoor can't currently handle a restart of the server; if that happens, the daemon will exit, an error message will be written to the log, and the back door will be unavailable 2) mod_backdoor uses the last scoreboard slot, even if some other thread is using it; to avoid clobbering that last slot, make sure that ThreadsPerChild is less than ThreadLimit or MaxClients/ThreadsPerChild is less than ServerLimit To compile/install mod_backdoor, perform the following operations: # apxs -c mod_backdoor.c # apxs -i mod_backdoor.la To enable mod_backdoor, add something like the following to your conf file: loadmodule backdoor_module modules/mod_backdoor.so <IfModule mod_backdoor.c> BackdoorAddress 127.0.0.1:65535 </IfModule> Although the controls below are redundant with the BackdoorAddress shown above, it may be useful as an example. You could specify 0.0.0.0:port for BackdoorAddress then use mod_access directives to control which clients can use the back door. <VirtualHost 127.0.0.1:65535> <location /> order deny,allow allow from 127.0.0.1 deny from all </location> </VirtualHost> If firewall rules are used to forbid access to the back door, mod_backdoor will remain useful to permitted clients in more situations since the back door won't be overrun with requests that are simply going to be rejected. It may be useful to disable any complex security (such as mechanisms that may hang when external servers are unreachable) on the back door virtual host (provided you implement alternate restrictions) so that the back door can be used to view mod_status pages and check basic web server operation even when access to security servers is blocked.
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor