After update to WHM 60.0 (build 15) , Weird proxy phenomena

[tamalero]

Hello!

I started to notice some weird phenomena in the proxy system after updating to the latest versions (WHM, YUM..etc.. )
The error seems pretty strange..


Example: I have a main domain which is also related to the hostname, they have separated ips (ending in .88 and .85 respectively)

main4.example.com
and the example.com site. Both sport a wildcard SSL from godaddy.

Now, before update.. it worked fine.. WHM interface and its associated pages, loaded correctly and the website itself worked fine. (you could access webmail and other services with no issue, also the main site in www and non www ways).

After the update.. the non SSL version of the site throws this error:

Proxy Error
The proxy server could not handle the request GET /.

Reason: Error during SSL Handshake with remote server

Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.

Someone suggested there might be a misconfiguration on the proxy system in apache.

goggling around returned a suggestion of changing the apache directives to include these commands:

SSLProxyEngine on
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off

Setting these directives (as a test) and restarted apache.. changed things.. SSL site still works fine..
but non ssl goes straight to the webmail interface!


To resume:

• server hostname and main domain share basic "domain" name "example.com" for example.
• WHM/cpanel and main domain have separate ips (.88 and .85)
• Both have a wildcard certificate from godaddy.
• both worked fine before update and directed to the appropiate websites/areas/ips.
• Now non SSL version of the main domain site throws a SSL shake error. Works fine on HTTPS.
  
• Removing the security protections from the proxy, makes the non ssl version of the main site redirect to the server's hostname webmail interface instead of the main site.

Server info:
CENTOS 7.2 Linux main4.XXXXXXXXXX.com 3.10.0-327.36.3.el7.x86_64 #1 SMP Mon Oct 24 16:09:20 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
WHM: 60.0 Build 15.
Apache: 2.4.23
PHP: 5.6.27
Command line:

root [/]# grep '' /etc/redhat-release /usr/local/cpanel/version /var/cpanel/envtype ; grep CPANEL= /etc/cpupdate.conf ; httpd -v ; php -v ; mysql -V
/etc/redhat-release:CentOS Linux release 7.2.1511 (Core)
/usr/local/cpanel/version:11.60.0.15
/var/cpanel/envtype:standard
CPANEL=release
Server version: Apache/2.4.23 (Unix)
Server built:   Oct 20 2016 04:01:46
Cpanel::Easy::Apache v3.34.7 rev9999
PHP 5.6.27 (cli) (built: Oct 20 2016 04:07:49)
Copyright (c) 1997-2016 The PHP Group
Zend Engine v2.6.0, Copyright (c) 1998-2016 Zend Technologies
    with the ionCube PHP Loader (enabled) + Intrusion Protection from ioncube24.com (unconfigured) v5.1.1, Copyright (c) 2002-2016, by ionCube Ltd.
    with Zend Guard Loader v3.3, Copyright (c) 1998-2014, by Zend Technologies
mysql  Ver 14.14 Distrib 5.6.34, for Linux (x86_64) using  EditLine wrapper

Any suggestions to get it working properly back to how it was?
My google-fu failed and only shows errors from very old (pre 2014) or the 2016 ones suggesting to turn off the apache proxy security directives. Causing weirder redirections.

 

[cPanelMichael]

Hello,

Could you open a support ticket using the link in my signature so we can take a closer look and determine why this is happening? You can post the ticket number here and I'll update this thread with the outcome.

Thank you.

 

[Infopro]

Not sure what this is exactly, related?

    with the ionCube PHP Loader (enabled) + Intrusion Protection from ioncube24.com (unconfigured) v5.1.1, Copyright (c) 2002-2016, by ionCube Ltd.

 

[tamalero]

Not sure what this is exactly, related?

    with the ionCube PHP Loader (enabled) + Intrusion Protection from ioncube24.com (unconfigured) v5.1.1, Copyright (c) 2002-2016, by ionCube Ltd.

Hello!

We use a software that is protected by ioncube.. no idea about the intrusion protection. First time I noticed it.
Do you think that could affect the domain redirection and the whole row of issues?

 

[Infopro]

Might be worth investigating surely.

 

[tamalero]

Hello,

Could you open a support ticket using the link in my signature so we can take a closer look and determine why this is happening? You can post the ticket number here and I'll update this thread with the outcome.

Thank you.

Hello!

I have opened a new ticket.

Ticket ID is 7XX2185

 

[tamalero]

Cpanel staff thankfully gave me a solution.
There was a strange INCLUDE on one of the mail subdomains directories. Attached to Apache's conf.
It had a weird rewrite rule, which mentioned the localhost and the webmail port.
This caused the strange phenomena.

Removing this rewrite include file (emptying it). Resolved the issue.
The domain now work normal again.

 

[cPanelMichael]

I'm happy to see the issue is now resolved. Thank you for updating us with the outcome.

 

[syncbyte]

I am having kind of same issue (Installed Version:94.0.4)

Proxy Error
The proxy server could not handle the request
Reason: Error during SSL Handshake with remote server

Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.

How do I solve this ? my clients sites are down

 

[cPRex]

@syncbyte - can you let us know what URL you are trying to access when you get that error? Is this part of the WHM interface or one of the sites on your machine?