Dear Wiki user, You have subscribed to a wiki page or wiki category on "Httpd Wiki" for change notification.
The following page has been changed by JeffGodin: http://wiki.apache.org/httpd/InternalDummyConnection The comment on the change is: added section on SSL considerations ------------------------------------------------------------------------------ In 2.2.6 and earlier, in certain configurations, these requests may hit a heavy-weight dynamic web page and cause unnecessary load on the server. You can avoid this by using mod_rewrite to respond with a redirect when accessed with that specific User-Agent or IP address. + === SSL Considerations === + + The internal dummy connections are not capable of speaking SSL. Thus, on servers with SSL enabled, these requests may generate noise in the server error log similar to the following: + {{{ + [info] [client ::1] Connection to child 6 established (server localhost:443) + [info] Seeding PRNG with 656 bytes of entropy + [info] [client ::1] SSL library error 1 in handshake (server localhost:443) + [info] SSL Library Error: 336027900 error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol speaking not SSL to HTTPS port!? + [info] [client ::1] Connection closed to child 6 with abortive shutdown (server localhost:443) + }}} + + You can work around this by ensuring that the last Listen directive in your server configuration is not using SSL. In a typical setup, this would mean that "Listen 443" would come before "Listen 80". + + This workaround should cause the internal dummy connections to be made to the non-SSL port, where you can optionally filter them out using the suggestions above. + + In a future release, the server will attempt to connect to a non-SSL port by default. This change has been committed to svn, but not yet released (as of this writing). + + Please see [https://issues.apache.org/bugzilla/show_bug.cgi?id=39653 Bug 39653] for more background. +
