7

Is there any way to produce same Nginx 444 error in apache.

Nginx

444--> Connection Closed Without Response.

I like this error since if anyone tries to CURL he gets an empty response, but not so in Apache.

Machavity
  • 846
  • 10
  • 26
Amanat
  • 87
  • 1
  • 3
  • Most likely with custom error responses: https://httpd.apache.org/docs/2.4/custom-error.html if I am not mistaken. – David B. Dec 23 '16 at 20:35
  • but not defined "how to create connection closed error" – Amanat Dec 23 '16 at 20:39
  • No, in that case you'd use: `ErrorDocument 444 "Connection Closed Without Response"` – David B. Dec 23 '16 at 20:42
  • You are not getting my point sir. For example here is the IP with NGINX 444 error. http://95.211.150.66/. But with your solution users will read a text which i don't want to show. – Amanat Dec 23 '16 at 20:45
  • As far as I know, Apache doesn't have the equal functionality to the nginx 444 "error code". It is not an HTTP actual error code but an immediate shutdown of TCP connection. – Tero Kilkanen Jun 08 '17 at 11:59
  • the are no real drawbacks at leaving nginx in front of apache even in a local setup (except in the case of a embedded and resource limited setup). Isn't this an option in your case? – Danduk82 Aug 26 '17 at 18:22

3 Answers3

2

444 is not returned to the client, it is only written into nginx logs signalling that a connection was closed with no response. This same firewall-like behavior can be achieved in apache using modsecurity and DROP actions.

Jonah Benton
  • 1,252
  • 7
  • 13
0

In case this helps...

I use Apache as a reverse proxy for a web app on port 3000, and I wanted to simply drop certain bogus requests with extreme prejudice — e.g., it's not WordPress, so I don't even want to dignify /wp-admin probes with a response!

Anyway, I installed mod_security as suggested, and added the following /etc/httpd/modsecurity.d/10-empty-response.conf entry; now my app can return a "444" status, and the proxy will drop the connection:

SecRule RESPONSE_STATUS 444 "id:'444444',phase:3,log,drop"
DabeDotCom
  • 1
  • 1
-2

Custom, non-standard HTTP response codes such as 444 do not seem to be supported by Apache. I could not find an exhaustive list of allowed codes in Apache's documentation for the ErrorDocument directive, however testing with something like

    <Location /444>
        ErrorDocument 444 "Something"
    </Location>

Doesn't even allow Apache to load, whereas changing the 444 above to 404 allows Apache to load without any errors or problems.

jolian
  • 107
  • 1
  • 6