Httpd Tomcat


Apache httpd webserver communicate to Tomcat sever through AJP protocol. When we install Apache httpd server, It don't have inbuilt capability to support ajp protocol. So we need modjk module. Its add the ajp support to Apache httpd server. Steps to Implement Virtual Host Concept in this Scenario. If you want to use apache/ httpd to serve the request from PHP as well as any other server running on different port let say tomcat on port 8080 you can use apache/ httpd to act as a 'proxy' and map a URL which will be served by another server. This is done using ProxyPass ProxyPassReverse configuration. Apache Tomcat Versions Apache Tomcat ® is an open source software implementation of a subset of the Jakarta EE (formally Java EE) technologies. Different versions of Apache Tomcat are available for different versions of the specifications. The mapping between the specifications and the respective Apache Tomcat versions is. The Apache Tomcat software is developed in an open and participatory environment and released under the Apache License version 2. The Apache Tomcat project is intended to be a collaboration of the best-of-breed developers from around the world. We invite you to participate in this open development project.

  • 1Log Files
    • 1.2Runtime Logs
    • 1.3mailbox.log categories
KB 1302 Last updated on 2015-07-12 Last updated by Jorge de la Cruz
(0 votes)
Verified in:
ZCS 7.0

- This article is a Community contribution and may include unsupported customizations.
KB 1302 Last updated on 2015-07-12

(0 votes)
- This article is a Community contribution and may include unsupported customizations.
- This article is a Work in Progress, and may be unfinished or missing sections.

Depending on what's installed on the server, and how your system is configured, some logs may not be on the server that is experiencing the error.

Installation Logs

These are named with a pid file extension (3-5 digit number) - generally, the most recent one is the one you're looking for
/tmp/install.log - installation of zimbra software packages
/tmp/zmsetup.log - site-specific configuration

Runtime Logs

Most logs are found in /opt/zimbra/log/:

Note: Before ZCS 4.5, mailbox.log was called zimbra.log

Some additional logs are in /opt/zimbra/tomcat/logs/:
Other log locations:
Output of various scripts:

mailbox.log categories

The mailboxd logging is described extensively on a dedicated page.

Httpd Tomcat Difference


For some log facilities, you may need to modify the existing lines in the file. For example, the default zimbra.sync entry (for Zimbra Mobile Sync) is the following:

For this entry, you would want to modify INFO to TRACE:

You can also change log settings for a single user with zmprov:

Run zmprov help log or zmprov help misc for more details. Note that account-level log settings are reset when the server [mailboxd service] is restarted. bug 26642 was filed for this issue.

Difference between apache and tomcat

Once the logging collection is complete, disable the account logger with removeAccountLogger:

Performance Statistics

Many useful Zimbra server performance statistics are logged to /opt/zimbra/zmstat/mailboxd.csv. This file can be opened in Excel or another utility that reads files in CSV format. Here's a summary of the statistics logged. All pairs of timing statistics named xxx_count and xxx_avg specify the number of times an operation was performed and the average execution time. Additional logs after 4.5.7 include cpu.csv and proc.csv.

  • timestamp - timestamp of a given statistic collection period
  • lmtp_rcvd_msgs,lmtp_rcvd_bytes,lmtp_rcvd_rcpt,lmtp_dlvd_msgs,lmtp_dlvd_bytes - number and size of messages received and delivered
  • db_pool_size - database connection pool size
  • db_conn_count,db_conn_ms_avg - timing data for getting a database connection
  • ldap_dc_count,ldap_dc_ms_avg - timing data for getting an LDAP connection
  • mbox_add_msg_count,mbox_add_msg_ms_avg - timing data for adding a message
  • mbox_msg_cache,mbox_item_cache - hit rate for the message body (blob) cache and mail item (database metadata) cache. 0 = 0%, 1 = 100%.
  • soap_count,soap_ms_avg,imap_count,imap_ms_avg,pop_count,pop_ms_avg - timing data for SOAP, IMAP and POP operations
  • idx_wrt_avg - Lucene index writer count
  • java_heap_MB - Amount of memory used by the Java VM
  • mysql_opened_tables,mysql_slow_queries,mysql_threads_connected,innodb_pages_read,innodb_pages_written,innodb_bp_hit_rate - MySQL statistics. See MySQL documentation for more info.
  • pop_conn,pop_ssl_conn,imap_conn,imap_ssl_conn - Number of active POP and IMAP connections

MTA Logs

The MTA (postfix) logs via syslog to the mail facility. By default, this goes to /var/log/maillog, but Zimbra sets it to /var/log/zimbra.log

Tomcat (web server) Logs

Tomcat logs via syslog to the local0 facility. By default, this goes to /var/log/messages AND /opt/zimbra/log/mailbox.log
Some tomcat information (including thread dumps) will also be in /opt/zimbra/tomcat/logs/catalina.out; stopping (or restarting) tomcat outputs the current thread dump to /opt/zimbra/tomcat/logs/stacktrace.<tomcat pid>

Spell Server Logs

Aspell logs can be found at httpd_access.log.<date> and httpd_error.log.<date> in /opt/zimbra/log

Swatch Logs

Httpd Tomcat
Swatch logs to /tmp/swatch.out

iSync Connector Logs

The iSync Connector logs are in different locations based on the version you are using.

In 4.5.x~/Library/Application Support/Zimbra/com.zimbra.XXXXXXX.sync. There will be at most 5 log files there, sync.log, sync.log.2, ....

In 5.0.x/Users/<user>/Library/Logs/Zimbra/com.zimbra.XXXXXXXXXX/sync.X.log. You can specify how many log files to keep in the Zimbra preference page.

Logging the Originating IP

In a multi-server environment, or any environment running a proxy, the mailboxd server may only log the IP of the connecting proxy. In order to fix this, Zimbra added a feature in Bug 31633 in 6.0 and later to track the originating IP of the user's client machine:

  • X-Originating-IP support for nginx or other fronting proxy [1] - Fixed: 6.0

The actual log entry used in messaging headers is defined in this variable, and by default is 'X-Forwarded-For' (see for further background info):

In order to use this feature, you must define the Trusted IPs of your internal nginx proxies, so that the mailstores will instead capture the data on the originating IP from the HTTP traffic. By default, the zimbraMailTrustedIP is empty:

By adding your nginx proxy addresses (as seen by the mailstores) to this attribute, it should then log appropriately. For example, if there are two nginx proxies:



Please note here too, if you are running nginx on the same node as the mailstore, you will need to add both and the real address of that node:

Check your result:

Then restart mailboxd:

In mailbox.log, you will then see the 'oip' (Originating IP) for the real client IP:

Verified Against: Zimbra Collaboration 8.0, 7.0Date Created: 04/16/2014
Article ID: Modified: 2015-07-12

Try Zimbra

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Other help Resources

User Help Page »
Official Forums »
Zimbra Documentation Page »

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »

Retrieved from ''
Jump to: navigation, search

Apache Httpd and Tomcat servers

  • by flurdy
  • @flurdy
  • contact/feedback
  • hire me
This page is part of larger set of tips & howtos on ec2 by flurdy.
Other ec2 docs by flurdy

Httpd Vs Tomcat

  • Tips
  • Howtos

Simple step by step guide on how to set up Apache httpd server and Apache Tomcat java container server on an ec2 instance.

Note: Apache Httpd server is for the rest of this tutorial called apache.
Apache Tomcat java container server is for the rest of this tutorial called tomcat.

Pre requisits


Different setups:

  • Apache and multiple Jetty on different servers with mod_proxy

Difference Between Apache And Tomcat

Just Apache

If you all you need is plain web sites with perhaps PHP, then this section is all you need.
To add Tomcat, part of the sections further down require this section as well.

Install apache and PHP supportsudo aptitude install apache2 php5
Enable SSL/TSL encryptionsudo a2enmod ssl
I update the default-ssl virtual host from _default_ to *. This is if you have multipe ssl sites. sudo vi /etc/apache2/sites-available/default-ssl <VirtualHost *:443>
If you want to enable mod_rewrite sudo a2enmod rewrite
Enable changes by restarting apache2 apache2ctl -t;
sudo /etc/init.d/apache2 restart
Next enable the web ports in your firewall sudo vi /etc/shorewall/rules Web(ACCEPT) net $FW
Web(ACCEPT) ec2 $FW
You can add more virtual hosts in /etc/apache2/sites-available. and then enable them with: sudo a2ensite virtualhostfile


  • Subversion with mod_svn
  • Multi virtual hosts with SSL

Apache and Tomcat on the same server with mod_jk

(Note: mod-jk2 is deprecated, use mod-jk)

If you are having apache and tomcat on the same server, you can use the old way of mod-jk.
Note however mod-jk2 is now deprecated and you have to use mod-jk (1).
But today mod-proxy as detailed below is even prefered over mod-jk in general.

Install Apache Follow Just Apache above.
Install Tomcat and mod-jksudo aptitude install tomcat6 libapache2-mod-jk
Create mod-jk configuration sudo cp /usr/share/doc/libapache2-mod-jk/httpd_example_apache2.conf /etc/apache2/conf.d/mod-jk.conf
To enable webapp passthroughs edit your virtual hosts.
/example will be picked up by the tomcat.
/example/contact will be not passed to tomcat and instead handled by apache.
JkMount /example* ajp13_worker
JkUnMount /example/contact ajp13_worker
Enable changes by restarting apache and tomcat apache2ctl -t;
sudo /etc/init.d/apache2 restart;
sudo /etc/init.d/tomcat6 restart

Apache and Tomcat on the same server with mod_proxy

Follow the different servers with mod_proxy below but skip the firewall bit and don't need new aliases.

Apache and Tomcat on different servers with mod_proxy

This will tell you how to set up apache and tomcat on two different isntance servers in ec2 (or anywhere really).
This is how I have my set up and it works very well.

This is very much based on these guides:

Apache serverTomcat server
Fire up two ubuntu servers in Elasticfox. One will be your Apache server. The other your Tomcat server.
Install apache and tomcat.
Note Sun will require you to accept the DLJ license when installing java.
Follow Just Apache above. sudo aptitude install sun-java6-jdk tomcat6 tomcat6-admin
Enable mod proxy sudo a2enmod proxy_ajp
And allow proxying by changing the 'Deny from all' to 'Allow from all'sudo vi /etc/apache2/mods-enabled/proxy.conf Order deny,allow
Allow from all
#Deny from all
Enable AJP port by uncommenting Connectorsudo vi /etc/tomcat6/server.xml <Connector port='8009' protocol='AJP/1.3' redirectPort='8443' />
Add an admin and manager usersudo vi /etc/tomcat6/tomcat-users.xml <role rolename='admin'/>
<role rolename='manager'/>
<user username='yourUser' password='aPassword' roles='admin,manager'/>
Bump up the memory available to Tomcat.
And disable tomcat security
sudo vi /etc/default/tomcat6 JAVA_OPTS='-Djava.awt.headless=true -Xms128M -Xmx1280M -XX:MaxPermSize=256m'
Open the firewall up on the tomcat server to AJP traffic by enabling port 8009.
(You can also test if the tomcat server works by enabled Web from the net zone temporarily)
sudo vi /etc/shorewall/rules ACCEPT ec2 $FW tcp 8009 sudo shorewall check;
sudo shorewall safe-restart
Now since both servers are in ec2 you probably want to run them on traffic just across the ec2 to avoid extra traffic charges, for performance and security. But if you use virtual hosts then e.g. your tomcat server at will not resolve across ec2 private IP range. There are various ways to resolve this.
One solution is this: Create aliases such as:,, etc in the apache server hosts file or the actual DNS with the tomcat servers internal IP which for example is (The private IP can be found in Elasticfox by right clicking on the tomcat instance and selecting copy Private IP)
sudo vi /etc/
Create a folder to put virtual hosts in eg /var/lib/tomcat6/vhosts sudo mkdir /var/lib/tomcat6/vhosts;
sudo chown tomcat6:tomcat6 /var/lib/tomcat6/vhosts
Create virtual hosts on the tomcat server towards the end of the file after the default host. sudo mkdir /var/lib/tomcat6/vhosts/;
sudo chown tomcat6:tomcat6 /var/lib/tomcat6/vhosts/;
sudo vi /etc/tomcat6/server.xml
<Host name='' appBase='vhosts/'
unpackWARs='true' autoDeploy='true' xmlValidation='false' xmlNamespaceAware='false'>
<!-- <Alias></Alias> -->
Now you should upload a war file to the folders. E.g as a subcontext
or as the default root application
sudo cp example-2.1-SNAPSHOT.war /var/lib/tomcat6/vhosts/ cp example-2.1-SNAPSHOT.war /var/lib/tomcat6/vhosts/
For each virtual host (/etc/apache2/sites-available/)[1] and within its <VirtualHost> tag, you need to start the delegation section with: <IfModule mod_proxy.c>
And end with: </IfModule>
To preserve the host requested by the user when using virtual hosts on tomcat,
otherwise tomcat uses the actual ProxyPass alias.
ProxyPreserveHost On
To delegate /example to the webapp use this ProxyPass /example ajp://
ProxyPassReverse /example ajp://
To enable the manager app do this ProxyPass /manager ajp://
ProxyPassReverse /manager ajp://
To delegate everything in this virtual host: ProxyPass / ajp://
ProxyPassReverse / ajp://
To delegate everything but not the images folder do this:
Note the 'not' bits must come first.
ProxyPass /images !
ProxyPass / ajp://
ProxyPassReverse / ajp://
If tomcat listens to a different alias than the user connects with,
you want to disable preserve hosts and use the alias in proxypass.
Also make sure your apache machine knows of this alias.
You need to reverse proxy the cookies as well:
ProxyPreserveHost Off
ProxyPass / ajp://
ProxyPassReverse / ajp://
This is a full example.
Note manager is commented out as the full delegation already covers it.
<IfModule mod_proxy.c>
ProxyPreserveHost On
ProxyPass /css !
ProxyPass / ajp://
ProxyPassReverse / ajp://
# ProxyPassReverseCookieDomain
# ProxyPass /manager ajp://
# ProxyPassReverse /manager ajp://
Now restart apache and tomcat apache2ctl -t;
sudo /etc/init.d/apache2 restart
sudo /etc/init.d/tomcat6 restart

That should be it!

If you do not want to use mod_ajp, then mod_http works fine too.
Remember to open different firewall ports. And use the proxypass http:// instead of ajp and the correct ports.

Apache and multiple Jetty on different servers with mod_proxy

Similar to section above tomcat on different servers, with different ports etc in the mod-proxy ProxyPass commands.
As I myself use plenty of maven jetty plugin apps this is very usefull.
More detail to come...

Virtual Hosting

Quick rundown on how to set up virtual hosting, ie listen to several domain names and showing different websites.

The configuration is in /etc/apache2/sites-available. Each site generally has separate files.
E.g : if we host two domains and, then convention say they are configured in:
/etc/apache2/sites-available/ & /etc/apache2/sites-available/

Within each of these files you might have several <VirtualHost> sections, but minimum one.
You might have one for, another which redirects to, a third for etc.

Here is a typical virtual host files (without any tomcat delegation):

<VirtualHost *:80>
ServerAdmin [email protected]
DocumentRoot /var/www/
ErrorLog /var/log/apache2/
LogLevel warn
CustomLog /var/log/apache2/ vhost_combined
ServerSignature On
<VirtualHost *:80>
CustomLog /var/log/apache2/redirect-access.log vhost_combined
Redirect permanent /

Once configured, you can enable this virtual host with this command:

sudo a2ensite

This basically puts a softlink in /etc/apache2/sites-enabled to the file in /etc/apache2/sites-available.
The opposite to this is the a2dissite command.


  • Apache httpd
  • Apache Tomcat
  • Ubuntu
  • flurdy's ec2:

Download Apache Tomcat 10

Remember feedback is important!

Httpd Tomcat8

back to flurdy's ec2 docs for more ec2 tips and howtos.

Tomcat Vs Apache

  • by flurdy
  • @flurdy
  • contact/feedback
  • hire me