MISP (Malware Information Sharing Platform) is built with Apache. Previously I had a publicly facing instance on Digital Ocean. No log in lag time at all.
I've now moved behind an Apache reverse proxy which is managed by our network team. When attempting to reach the site for the first time there's either a long lag time to get to the site, and if you get to the site there's long lag time when first logging in.
This seems to go away after you first log in. However, many folks are getting a 502 error unable to process /GET, or they simply can't get to the site. There's competing arguments as to which Apache is doing this.
I've looked up a bunch of items already, tried tuning the MISP server, and have had zero luck. Caveat.
I have internal MISP instances that all use the same network. These are not publicly facing and do not have this issue. Also, we are using Lets Encrypt for the certs.
Here's the basic diagram:Basic Network Map
