mod_backdoor for IHS 2.0 provides an alternate way of sending requests to the web server when IHS is not responding to requests on its normal ports. (This unresponsive condition can occur when all configured IHS threads are waiting for a response from another server, such as an application server or LDAP server.)
The administrator can use this "back door" into IHS to see mod_status reports or make any other request when necessary. It is recommended that some form of access control be enabled for the "back door" so that the port is not overrun by other clients. Only one thread will be available to handle requests sent to the "back door" port.
IHS 2.0.42 and above on AIX and Linux (x86)
(Some other platforms are expected to be supported in the future.)
Enable this module if occasional unresponsive periods have occurred and a mechanism is needed to view mod_status reports during these periods.
Such reports from mod_status are most useful if the
ExtendedStatus
directive is set to on
.
mod_status must be configured separately. mod_backdoor does not provide a status display on its own.
The Apache module API does not currently support some operations which are needed by mod_backdoor. This leads to the following limitations:
mod_backdoor has not been tested with SSL connections, so don't enable SSL for the mod_backdoor port. (Normal SSL use is fine.)
Copy mod_backdoor.so for your platform to the modules directory in the web server installation location (e.g., to /opt/IBMIHS/modules).
Add the following directives at the end of your configuration file:
loadmodule backdoor_module modules/mod_backdoor.so <IfModule mod_backdoor.c> BackdoorAddress 0.0.0.0:65535 </IfModule>(or change "65535" to the desired listening port)
Access control may also be appropriate, to ensure that mod_backdoor is not overrun with requests during periods where the administrator needs to use it to obtain status. Here is an example:
<VirtualHost *:65535> <location /> order deny,allow # in this example, the "back door" can only be used over the loopback # interface; thus, the administrator would have to use a browser # on the same machine as IHS allow from 127.0.0.1 deny from all </location> </VirtualHost>
Restart the server so that the updated configuration takes effect.
Comment out the LoadModule
directive added as part of the activation step.
Restart the server so that the updated configuration takes effect.