{"id":2876,"date":"2025-07-18T21:02:08","date_gmt":"2025-07-18T14:02:08","guid":{"rendered":"https:\/\/focusnic.com\/blog\/?p=2876"},"modified":"2025-07-19T15:02:47","modified_gmt":"2025-07-19T08:02:47","slug":"apache-solusi-error-421-misdirected-request","status":"publish","type":"post","link":"https:\/\/focusnic.com\/blog\/apache-solusi-error-421-misdirected-request\/","title":{"rendered":"[ Apache ]  Solusi Error \u201c421 Misdirected Request\u201d"},"content":{"rendered":"\n<p>Masalah ini cukup membingungkan karena sebelumnya situs dapat diakses dengan normal. Panduan ini akan menjelaskan <strong>penyebab utama<\/strong>, serta memberikan <strong>langkah-langkah perbaikan permanen<\/strong> yang direkomendasikan.<\/p>\n\n\n\n<p class=\"has-text-align-center\"><em>Tim Apache telah merilis perbaikan untuk CVE yang memengaruhi fungsionalitas Apache + nginx: Tidak mengizinkan permintaan proses Apache dari nginx tanpa server name  (secara default, nginx tidak meneruskan server name melalui SNI saat membuat koneksi dengan reverse proxy).<\/em><\/p>\n\n\n\n<p>Berikut kutipan dari <a href=\"https:\/\/httpd.apache.org\/security\/vulnerabilities_24.html\" target=\"_blank\" rel=\"noopener\">Apache CVE-2024-42516<\/a><\/p>\n\n\n\n<div class=\"wp-block-urvanov-syntax-highlighter-code-block\"><pre class=\"lang:sh decode:true \">Fixed in Apache HTTP Server 2.4.64\nmoderate: Apache HTTP Server: HTTP response splitting (CVE-2024-42516)\nHTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server can split the HTTP response.\n\nThis vulnerability was described as CVE-2023-38709 but the patch included in Apache HTTP Server 2.4.59 did not address the issue.\n\nUsers are recommended to upgrade to version 2.4.64, which fixes this issue.\n\nReported to security team: 2024-07-18\nUpdate 2.4.64 released: 2025-07-10\nAffects\t2.4.0 through: 2.4.63<\/pre><\/div>\n\n\n\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_82_2 counter-hierarchy ez-toc-counter ez-toc-light-blue ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/focusnic.com\/blog\/apache-solusi-error-421-misdirected-request\/#Penyebab_Error\" >Penyebab Error<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/focusnic.com\/blog\/apache-solusi-error-421-misdirected-request\/#Solusi_untuk_NGINX_Reverse_Proxy_Apache\" >Solusi untuk NGINX Reverse Proxy Apache<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/focusnic.com\/blog\/apache-solusi-error-421-misdirected-request\/#Jika_Menggunakan_cPanel\" >Jika Menggunakan cPanel:<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/focusnic.com\/blog\/apache-solusi-error-421-misdirected-request\/#Jika_menggunakan_Plesk\" >Jika menggunakan Plesk:<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/focusnic.com\/blog\/apache-solusi-error-421-misdirected-request\/#Jika_menggunakan_HestiaCP\" >Jika menggunakan HestiaCP:<\/a><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Penyebab_Error\"><\/span><strong>Penyebab Error <\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Error ini disebabkan oleh perubahan perilaku Apache versi terbaru, terutama saat menggunakan protokol <strong>HTTP\/2<\/strong>. Apache kini menjadi lebih ketat dalam menangani koneksi HTTP\/2 ke <em>virtual hosts<\/em> (vhosts).<\/p>\n\n\n\n<p>Secara teknis, error 421 muncul jika <strong>permintaan HTTP\/2 ditujukan ke vhost yang tidak sesuai dengan nama server dalam header TLS (SNI)<\/strong>. Jika Apache tidak menemukan nama host yang cocok saat melakukan handshake TLS, maka ia akan mengembalikan error 421.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Website menampilkan error <code>421 Misdirected Request<\/code><\/li>\n\n\n\n<li>Hanya terjadi pada website dengan <strong>sertifikat SSL yang dibagikan (shared)<\/strong> atau <strong>subdomain tanpa sertifikat tersendiri<\/strong><\/li>\n\n\n\n<li>Situs bekerja normal jika diakses melalui HTTP biasa atau jika HTTP\/2 dinonaktifkan<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Solusi_untuk_NGINX_Reverse_Proxy_Apache\"><\/span>Solusi untuk NGINX Reverse Proxy Apache<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Tambahkan parameter berikut pada NGINX Virtualhost<\/p>\n\n\n\n<div class=\"wp-block-urvanov-syntax-highlighter-code-block\"><pre class=\"lang:sh decode:true \">proxy_ssl_server_name on;\nproxy_ssl_name $host;<\/pre><\/div>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Jika_Menggunakan_cPanel\"><\/span>Jika Menggunakan cPanel:<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Cara ini hanya untuk instalasi cPanel yang menggunakan NGINX dari paket <code>ea-nginx<\/code> dan cPanel secara resmi sudah mengeluarkan update terbaru untuk errror 421 Missdirected:<\/p>\n\n\n\n<div class=\"wp-block-urvanov-syntax-highlighter-code-block\"><pre class=\"lang:sh decode:true \" >* Fri Jul 18 2025 - ea-apache24 - 2.4.64-3\n\n- EA-13041: Rolling \u201cea-apache24\u201d back to \u201c35b37d6c7295199c5157c68145f220d9fa61ff02\u201d: Apache v2.4.64 broke SNI (rando 421)\n\n* Fri Jul 18 2025 - ea-nginx - 1.26.3-11\n\n- EA-13040: Remove SNI fix as we've removed the offending changes in ea-apache24 for now.<\/pre><\/div>\n\n\n\n<p>Jalankan perintah berikut untuk update cPanel:<\/p>\n\n\n\n<div class=\"wp-block-urvanov-syntax-highlighter-code-block\"><pre class=\"lang:sh decode:true \" >\/scripts\/upcp --force<\/pre><\/div>\n\n\n\n<p>Update AlmaLinux:<\/p>\n\n\n\n<div class=\"wp-block-urvanov-syntax-highlighter-code-block\"><pre class=\"lang:sh decode:true \" >dnf clean all\ndnf update ea-*<\/pre><\/div>\n\n\n\n<p>Update Ubuntu:<\/p>\n\n\n\n<div class=\"wp-block-urvanov-syntax-highlighter-code-block\"><pre class=\"lang:sh decode:true \" >apt upgrade<\/pre><\/div>\n\n\n\n<p>Sumber:<a href=\"https:\/\/support.cpanel.net\/hc\/en-us\/articles\/33553346450455-Websites-show-421-Misdirected-Request-error-while-using-EA-Nginx-or-other-proxies\" target=\"_blank\" rel=\"noopener\">https:\/\/support.cpanel.net\/hc\/en-us\/articles\/33553346450455-Websites-show-421-Misdirected-Request-error-while-using-EA-Nginx-or-other-proxies<\/a><\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Jika_menggunakan_Plesk\"><\/span>Jika menggunakan Plesk:<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<ol start=\"1\" class=\"wp-block-list\">\n<li>Masuk ke panel Plesk Anda.<\/li>\n\n\n\n<li>Buka <strong>Tools &amp; Settings<\/strong> di menu sebelah kiri.<\/li>\n\n\n\n<li>Di bawah grup \u201c<strong>General Settings<\/strong>\u201d, klik <strong>Apache &amp; Nginx Settings<\/strong>.<\/li>\n\n\n\n<li>Gulir ke bawah untuk menemukan kotak teks berlabel&nbsp;<strong>Additional Nginx directives<\/strong>.<\/li>\n\n\n\n<li>Paste dua baris berikut ke dalam kotak itu:<br><code>proxy_ssl_server_name on; <\/code><br><code>proxy_ssl_name $host;<\/code><\/li>\n\n\n\n<li>Klik <strong>OK <\/strong>atau <strong>Apply<\/strong>. Plesk akan secara otomatis menyimpan konfigurasi dan restart Nginx. Situs web Anda sekarang seharusnya sudah kembali online.<\/li>\n<\/ol>\n\n\n\n<p>Sumber: <a href=\"https:\/\/support.plesk.com\/hc\/en-us\/articles\/33500191748887-Websites-hosted-in-Plesk-are-not-accessible-after-a-recent-Apache-update-421-Misdirected-Request\" target=\"_blank\" rel=\"noopener\">https:\/\/support.plesk.com\/hc\/en-us\/articles\/33500191748887-Websites-hosted-in-Plesk-are-not-accessible-after-a-recent-Apache-update-421-Misdirected-Request<\/a><\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Jika_menggunakan_HestiaCP\"><\/span>Jika menggunakan HestiaCP:<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Anda dapat menjalankan perintah berikut untuk melakukan perubahan secara otomatis:<\/p>\n\n\n\n<div class=\"wp-block-urvanov-syntax-highlighter-code-block\"><pre class=\"lang:sh decode:true \">for file in $(grep -l proxy_pass \/usr\/local\/hestia\/data\/templates\/web\/nginx\/*.stpl); do if ! grep -q proxy_ssl_server_name \"$file\"; then sed -i '\/proxy_pass\/ i\\\\t\\tproxy_ssl_server_name on;\\n\\t\\tproxy_ssl_name $host;' \"$file\"; fi; done\nfor i in $(v-list-users plain | cut -f1); do echo \"Rebuilding web domains for user $i\"; v-rebuild-web-domains $i yes; done<\/pre><\/div>\n\n\n\n<p>Untuk email domain:<\/p>\n\n\n\n<div class=\"wp-block-urvanov-syntax-highlighter-code-block\"><pre class=\"lang:sh decode:true \">for file in $(grep -l proxy_pass \/usr\/local\/hestia\/data\/templates\/mail\/nginx\/*.stpl); do if ! grep -q proxy_ssl_server_name \"$file\"; then sed -i '\/proxy_pass\/ i\\\\t\\tproxy_ssl_server_name on;\\n\\t\\tproxy_ssl_name $host;' \"$file\"; fi; done\nfor i in $(v-list-users plain | cut -f1); do echo \"Rebuilding mail domains for user $i\"; v-rebuild-mail-domains $i yes &gt;\/dev\/null; done<\/pre><\/div>\n\n\n\n<p>Sumber: <a href=\"https:\/\/support.plesk.com\/hc\/en-us\/articles\/33500191748887-Websites-hosted-in-Plesk-are-not-accessible-after-a-recent-Apache-update-421-Misdirected-Request\" target=\"_blank\" rel=\"noopener\">https:\/\/forum.hestiacp.com\/t\/nginx-apache-ssl-421-misdirected-request\/19502\/4<\/a><\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Masalah ini cukup membingungkan karena sebelumnya situs dapat diakses dengan normal. Panduan ini akan menjelaskan penyebab utama, serta memberikan langkah-langkah perbaikan permanen yang direkomendasikan. Tim Apache telah merilis perbaikan untuk CVE yang memengaruhi fungsionalitas Apache + nginx: Tidak mengizinkan permintaan proses Apache dari nginx tanpa server name (secara default, nginx tidak meneruskan server name melalui [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":2881,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[44],"tags":[],"class_list":{"0":"post-2876","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-tutorial"},"_links":{"self":[{"href":"https:\/\/focusnic.com\/blog\/wp-json\/wp\/v2\/posts\/2876","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/focusnic.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/focusnic.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/focusnic.com\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/focusnic.com\/blog\/wp-json\/wp\/v2\/comments?post=2876"}],"version-history":[{"count":8,"href":"https:\/\/focusnic.com\/blog\/wp-json\/wp\/v2\/posts\/2876\/revisions"}],"predecessor-version":[{"id":2888,"href":"https:\/\/focusnic.com\/blog\/wp-json\/wp\/v2\/posts\/2876\/revisions\/2888"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/focusnic.com\/blog\/wp-json\/wp\/v2\/media\/2881"}],"wp:attachment":[{"href":"https:\/\/focusnic.com\/blog\/wp-json\/wp\/v2\/media?parent=2876"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/focusnic.com\/blog\/wp-json\/wp\/v2\/categories?post=2876"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/focusnic.com\/blog\/wp-json\/wp\/v2\/tags?post=2876"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}