We've recently went live with Sophos UTM9 in our production environment. We're seeing now that some long running requests are being denied with 504 errors. Our application servers run on an apache/tomcat/ubuntu environment. Tomcat is configured with a 600 second timeout and prior to moving into the Sophos environment that was working perfectly fine. Why they take so long is not the point of this topic. We have a requirement to allow these long running http requests and it seems like Sophos is now preventing that from happening. Let me give you a little run down of what is enabled in Sophos right now:
- Firewall
- Intrusion Prevention
- Remote Access
- Web Application Firewall (Firewall Profile is set to Monitor)
In my research I came across many discussions on this forum talking about running : cc set http response_timeout 600. I've tried this and it's had no affect. I ran it as root and if I run cc get http response_timeout it returns 600 as it should. I've also tried running /var/mdw/scripts/httpproxy restart as recommend in one of those discussions.
After these changes I'm still seeing 504's after 60 seconds.
Does anyone have any ideas?
This thread was automatically locked due to age.