Current Lucee Installer, configuration issue - may just need Docs addition

MiniFireDragon · June 6, 2025, 6:34am

I run virtualmin/webmin webservers, and tonight I was playing around with the straight up out of the box install Lucee using the installer on a freshly minted system. The installer works very very nice. I did not choose the CFM Module for Apache as last time I tried it, it broke virtualmins settings, so I went without it this time (was not hard to remove it).

After all was said and done, I could get the site to load using (yes, I changed it to port 8080):

https://127.0.0.1:8080/example/lucee/admin/index.cfm

But apache refused to connect. So I did some comparing of notes to how I use Tomcat on my other systems, for Virtualmin, there was 1 piece missing in the AJP connector. Lucee puts it in this way:

<Connector protocol="AJP/1.3"
	    port="8009"
	    secret="superlongstringofcharactersthatIhopeluceedoesnotreuse"
	    secretRequired="true"
               redirectPort="8443" />

what is needed for it to work on a Virtualmin System (and I have not figured out why):

  <Connector protocol="AJP/1.3"
               address="::"
               port="8009"
               redirectPort="8443"
               secretRequired="true"
               secret="superlongstringofcharactersthatIhopeluceedoesnotreuse4"
               packetSize="65536"
               />

You will see here there are 2 extra bits, the packetSize="65536" is not needed, somewhere in the past I was reading tomcat optimization stuff and this was brought up. If someone more knowledgeable in the Tomcat department can elaborate (as I have forgotten) if it is really useful or not, please do.

The important bit that is needed is the address="::" I do not know if adding this to the installer will bork it on other systems, but I think a note in the installer docs (or even the server.xml file) to add that may solve connection issues, especially if you apache error log is spitting out:

Fri Jun 06 02:10:09.555730 2025] [proxy_ajp:error] [pid 109044:tid 109048] [remote 192.168.1.4:32830] AH00896: failed to make connection to backend: test.example.com
[Fri Jun 06 02:10:09.555599 2025] [proxy:error] [pid 109044:tid 109048] (111)Connection refused: AH00957: AJP: attempt to connect to 192.168.1.4:8009 (test.example.com:8009) failed

Zackster · June 6, 2025, 9:49am

there’s a long story about the address=“::” as it caused a 1.5s delay with ipv6 vs ipv4

MiniFireDragon · June 6, 2025, 10:41pm

That is an interesting thread. I am not experiencing any delay using address=“::”. And I can access the using localhost and 127.0.0.1 just fine.

But regardless, the point I am raising is one asked to test the installer, and I am responding with hey, on a virtualmin system, you need address=“::” in the ajp connector in Tomcat to get it to work. Virtualmin is a rather popular CPanel alternative. And a note somewhere would make it less stressful to a newcomer using the Lucee Installer to test it out for themselves.

I only know of the issue because I dealt with it years ago when I got into OpenBlueDragon, and had to hand configure Tomcat, adding in the ajp connector myself and exploring the settings. I feel users downloading an installer would expect it to work out of the box, or atleast mention a possible issue.

Maybe an alternative is for the installer to detect the Virtualmin install (typing virtualmin at cl will tell you) and adjust the script to add the address=“::” in, and also disabling the mod_cfml option, as Virtualmin has it’s own way of setting up a domain, and the mod_cfml does not work.

gaia-jyh · June 12, 2025, 1:32am

This covers 2 known issues:

Slow File Upload– resolved by increasing AJP packetSize="65536".
1‑Second Delay – fixed by changing name="127.0.0.1" to name="::1" in the AJP connector.

1‑Second Delay confirm only on Windows(BonCode AJP)

Please try uploading a big file( > 500 MB ) on Linux to verify with AJP w/o packetSize:

AJP using packetSize=65536
AJP using the default packetSize=8192

What is BonCode AJP?

BonCode AJP is a lightweight AJP 1.3 connector for IIS → Apache Tomcat/Lucee/CFML, developed for Windows.

Acts as a reverse proxy using the binary AJP protocol between IIS and Tomcat
Replaces legacy ISAPI connectors with a managed .NET module
Supports streaming, SSL header forwarding, IPv6, load balancing

Memory Usage During Upload/Download

On Windows, using BonCode AJP for file transfers causes the w3wp.exe IIS worker process to consume large amounts of memory—generally proportional to the file size. After the transfer completes, memory is only freed after a delay, not immediately. This significantly increases resource pressure.

In contrast, both IIS reverse proxy setups and Nginx → Tomcat direct proxies do not exhibit this memory spike during upload or download operations

Performance Test: 500 MB File Upload (Windows, IIS + AJP BonCode)

Configuration	Upload Time
1. IIS Rewrite with port 8888	5 seconds
2. AJP BonCode with `packetSize=65536`	15.4 seconds
3. AJP BonCode default `packetSize=8192`	130 seconds