We have a sporadic problem accessing some internal links on websites. (Windows Firefox, Internet Explorer, Chrome)

Behaviour
On first clicking a link, the browser will load infinitely. The second click on the same link then works perfectly fine.

The clients
We are running Windows 7 on the client-side and already tried different browsers (IE11, Firefox and Chrome). Avira Antivirus has its Browser-Security plugin enabled on these clients.

The web server
The server is running Debian Jessie, Apache 2.4.10 and Joomla.

Analyzing the network trace
When we trace the connection using Wireshark, we find that the web server fails to react to an acknowledgement the client sends, then sends a FIN-package, which is ignored by the client. The client continues to use the same TCP connection that was finished by the server.

Network trace: (all captured within a single TCP session)
1. Client sends ACK
2. Server receives ACK
3. Server sends FIN-package after 5 seconds
4. Client receives FIN-package
5. Client ignores FIN-package and continues to send data
6. Server receives data, sends ACK-package, but no answer on the data
7. The browser session freezes

The Avira plugin
What we know so far is that the error won't occur if we disable the Browser-Security plugin of Avira or exclude the URL from being monitored. Avira has confirmed the error, but can't tell us when it will be fixed.

Questions
Anyway, the problem occurs only on that web server; all other web servers are not affected.

So it can be influenced by the configuration on the web server.

I'd like to ask if anyone experienced similar errors so far?

Another question would be if there are settings regarding Apache or the TCP-stack to disable the ACK (point 6) which seems to be incorrect anyway.

EDIT
The TYPO3 sites are also affected.

As a workaround: After increasing the keepalive on Apache from 5s to 90s the error doesn't occur anymore. (But we'd like to avoid such high keepalives)

marsh-wiggle
  • You are making some incorrect assumptions about the meaning of FIN. Sending a FIN means you have no more data to send after this packet. But you will keep receiving data. Only once each end has sent a FIN and each end has sent an ACK in response to the FIN from the other end is the connection completely done. That is the only way to cleanly close an open connection. An unclean shutdown of a connection could happen with a RST packet or due to a timeout. For example if a party is not going to receive all data sent by the other end of the connection, it will respond with a RST. – kasperd Jun 03 '15 at 12:27
  • @kasperd : Thanks. Sounds reasonable. The server sends the FIN, due to the Avira bug the client ignores it and continues sending requests. The server's FIN isn't ACKed by the client. Any idea why the server isn't answering the new requests or sending a RST? – marsh-wiggle Jun 04 '15 at 09:06
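
The FIN semantics discussed in the comments can be reproduced on loopback. This is an added example, not code from the question or from Apache: the function name, the sample request and the use of `shutdown(SHUT_WR)` to emit the FIN are assumptions made for the demonstration. It shows a server that sends its FIN first and a client that keeps sending afterwards: the data still arrives, but no reply can ever come back on that connection.

```python
import socket
import threading

def half_close_demo(late_request=b"GET /second HTTP/1.1\r\nHost: example.test\r\n\r\n"):
    """Run one loopback connection in which the server sends its FIN first."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))        # constructed endpoint: loopback, ephemeral port
    listener.listen(1)
    result = {}

    def server():
        conn, _ = listener.accept()
        with conn:
            conn.settimeout(5)
            conn.sendall(b"first response")
            conn.shutdown(socket.SHUT_WR)  # FIN: "no more data from me", receiving stays open
            late = b""
            while True:
                chunk = conn.recv(4096)    # data sent after our FIN is still delivered
                if not chunk:              # empty read: the client's FIN has arrived
                    break
                late += chunk
            result["server_received_after_fin"] = late

    worker = threading.Thread(target=server)
    worker.start()
    with socket.create_connection(listener.getsockname(), timeout=5) as client:
        body = b""
        while True:
            chunk = client.recv(4096)
            if not chunk:                  # the server's FIN shows up as end-of-stream
                break
            body += chunk
        result["client_read"] = body
        client.sendall(late_request)       # like step 5 of the trace: send after the FIN
        client.shutdown(socket.SHUT_WR)    # a well-behaved client now sends its own FIN
        worker.join(5)
        # The server's sending direction is closed, so no answer can arrive here.
        result["reply_to_late_request"] = client.recv(4096)
    listener.close()
    return result

if __name__ == "__main__":
    print(half_close_demo())
```

A client or intercepting plugin that treats the end-of-stream as "no more responses on this connection" and opens a new one for the next request avoids the hang seen in step 7.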