I'm trying to route any links that start with /api/ to port 3002 on my server but they always get routed to 3008. For example https://example.com/api/customers should be proxied/routed to localhost:3002
<VirtualHost *:443>
ServerAdmin (redacted)
ServerName (redacted)
ServerAlias (redacted)
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/(redacted)/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/(redacted)/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/(redacted)/chain.pem
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Location "/api\/(.*)/">
ProxyPass http://localhost:3002/
ProxyPassReverse http://localhost:3002/
</Location>
<Location "/">
ProxyPass http://localhost:3008/
ProxyPassReverse http://localhost:3008/
</Location>
</VirtualHost>
Using this config going to domain.com works and shows my website but domain.com/api/customers returns an error from the webapp on port 3008 so it's not being routed correctly (it should go to 3002).
The apps on port 3008 and 3002 are running correctly so that's not the issue.
I've tried putting domain/ first and domain/api last in the config file but that didnt seem to fix it. And the config file is enabled
I've tried different regexes to match the api endpoint aswell but this one should work
Apache is listening on port 443
These mods are enabled which should be needed for this:
proxy_module (shared)
proxy_http_module (shared)
proxy_wstunnel_module (shared)
Please let me know if you want any extra information
Modify your config as below and have a try.
Post the access log and curl response if not working.
curl -ILKv https://domain.name/api/anything
curl -ILKv https://domain.name/api
https://httpd.apache.org/docs/2.4/mod/mod_proxy.html
ProxyRequests Off
<Proxy *>
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Proxy>
ProxyPass /api http://localhost:3002
ProxyPassReverse /api http://localhost:3002
I ended up solving it like this:
RewriteEngine on
RewriteRule "/api\/(.*)" "http://localhost:3002/api/$1" [P]
<Location "/">
ProxyPass http://localhost:3008/
ProxyPassReverse http://localhost:3008/
</Location>
Related
I would like to setup the local pgadmin in server mode behind the reverse proxy. The reverse proxy and the pgadmin could be on the same machine. I tried to set up but it always fails.
Here is mypgadmin conf:
Listen 8080
<VirtualHost *:8080>
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/pgadmin.crt
SSLCertificateKeyFile /etc/pki/tls/private/pgadmin.key
LoadModule wsgi_module modules/mod_wsgi.so
LoadModule ssl_module modules/mod_ssl.so
WSGIDaemonProcess pgadmin processes=1 threads=25
WSGIScriptAlias /pgadmin /usr/lib/python2.7/site-packages/pgadmin4-web/pgAdmin4.wsgi
<Directory /usr/lib/python2.7/site-packages/pgadmin4-web/>
WSGIProcessGroup pgadmin
WSGIApplicationGroup %{GLOBAL}
<IfModule mod_authz_core.c>
# Apache 2.4
Require all granted
</IfModule>
<IfModule !mod_authz_core.c>
# Apache 2.2
Order Deny,Allow
Deny from All
Allow from 127.0.0.1
Allow from ::1
</IfModule>
</Directory>
</VirtualHost>
and my reverse proxy conf
Listen 443
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
ErrorLog /var/log/httpd/reverse_proxy_error.log
CustomLog /var/log/httpd/reverse_proxy_access.log combined
SSLProxyEngine on
SSLProxyVerify require
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCACertificateFile "/etc/pki/tls/certs/ca-bundle.crt"
ProxyPreserveHost On
ProxyPass / https://localhost:8080/pgadmin
ProxyPassReverse / https://localhost:8080/pgadmin
</VirtualHost>
The httpd start but when I want to test it with
wget --no-check-certificate https://localhost/
it give me error 400
but the
wget --no-check-certificate https://localhost:8080/pgadmin
is working. Where is the problem in my config?
this work for me. I make pgadmin proxy to sub directory (https://localhost/pgadmin)
<VirtualHost *:80>
ServerName localhost
DocumentRoot "/var/www"
<Directory "/var/www">
AllowOverride all
</Directory
ProxyPass /ws/ ws://0.0.0.0:8888/
ProxyPass /phpmyadmin/ http://phpmyadmin/
<Location /pgadmin/>
ProxyPass http://pgadmin:5050/
ProxyPassReverse http://pgadmin:5050/
RequestHeader set X-Script-Name /pgadmin
RequestHeader set Host $http_host
</Location>
</VirtualHost>
Have you tried with latest version, I think it is fixed this commit Ref: LINK
Online Docs: https://www.pgadmin.org/docs/pgadmin4/dev/server_deployment.html
This config works,
use 0.0.0.0 for pgadmin docker, else use your ip
change port 5050 with your pgadmin port
<VirtualHost *:80>
ServerName pgadmin.yourdomain.com
RedirectMatch permanent ^/pgadmin4$ /pgadmin4/
ProxyPreserveHost On
ProxyPass / http://0.0.0.0:5050/
ProxyPassReverse / http://0.0.0.0:5050/
Header edit Location ^/ /pgadmin4/
Header always set X-Script-Name /pgadmin4
</VirtualHost>
Cofigure with SSL, replace yourdomain.com with valid SSL for your domain
<VirtualHost *:80>
ServerName pgadmin.yourdomain.com
RedirectMatch permanent ^/(.*)$ https://pgadmin.yourdomain.com/$1
</VirtualHost>
<VirtualHost *:443>
ServerName pgadmin.yourdomain.com
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/yourdomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain.com/privkey.pem
RedirectMatch permanent ^/pgadmin4$ /pgadmin4/
ProxyPreserveHost On
ProxyPass / http://0.0.0.0:5050/
ProxyPassReverse / http://0.0.0.0:5050/
Header edit Location ^/ /pgadmin4/
Header always set X-Script-Name /pgadmin4
</VirtualHost>
I have an apache (port 80) and an extra webserver which runs on port 8000 (openslides). If I use foobar.com:8000 it works. But it is not user-optimized and in some hotels have damn firewalls..
I want a redirection from foobar.com to foobar.com:8000.
My config is:
<VirtualHost *:80>
ServerAdmin ...#..
ServerName foobar.com
ServerAlias www.foobar.com
ErrorLog /var/log/apache2/openslides.log
CustomLog /var/log/apache2/openslides-access.log combined
<Location foobar.com>
ProxyPass http://foobar.com:8000
ProxyPassReverse http://foobar.com:8000
</Location>
</VirtualHost>
foobar.com:8000 runs, but for foobar.com I get an empty site. Do anyone see the mistake in the config?
Thanks!
bengoshi
You got the Location tag wrong. You need to put a path in there:
<Location />
ProxyPass http://foobar.com:8000
ProxyPassReverse http://foobar.com:8000
</Location>
For more info about the Location tag see: https://httpd.apache.org/docs/2.4/mod/core.html#location
I'm trying to hide my Kallithea back-end server (which is useful to manage Git/Mercurial repositories) address by using an Apache rule. I have a URL redirect from https://sub.domain1.com/gitrepos to https://sub.domain2.com/.
Atm, when I try to access https://sub.domain1.com/gitrepos/path/to/repo, it redirects to https://sub.domain2.com/path/to/repo
I'm looking for a way to hide the second server address. I'd like to access to https://sub.domain1.com/gitrepos/path/to/repo without being explicitely redirected to https://sub.domain2.com/path/to/repo
I did some tries with Apache configuration but it is not working and I'm not sure if it is something that I can handle on the back-end server side or if this is something that can be handled on the server that actually redirects.
Here is my current configuration:
<VirtualHost *:80>
ServerName git-domain2.com
ServerAlias git-domain2
Redirect permanent / https://git-domain2.com/
</VirtualHost>
<VirtualHost *:443>
ServerName git-domain2.com
ServerAlias git-domain2
<Proxy *>
Require all granted
</Proxy>
ProxyPreserveHost On
ProxyPass /gitrepos http://domain2.com:5000/ connectiontimeout=20 timeout=300
ProxyPassReverse /gitrepos http://domain2.com:5000/
#kallithea instance
ProxyPass / http://domain2.com:5000/ connectiontimeout=20 timeout=300
ProxyPassReverse / http://domain2.com:5000/
#to enable https use line below
SetEnvIf X-Url-Scheme https HTTPS=1
#LogLevel warn
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile /etc/pki/tls/certs/domain2.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/domain2.com.key
</VirtualHost>
Thanks for any help.
I had the environment with several JBoss and Tomcat servers. They are connected to Apache via modcluster modules (to Apache IP address and port 8090). The Apache contains the configuration:
loadbalancer.conf
LoadModule slotmem_module modules/mod_slotmem.so
LoadModule manager_module modules/mod_manager.so
LoadModule proxy_cluster_module modules/mod_proxy_cluster.so
LoadModule advertise_module modules/mod_advertise.so
Listen *:8090
<VirtualHost *:8090>
<Location /mod_cluster_manager>
SetHandler mod_cluster-manager
Order deny,allow
Deny from 8.8.8.8
Allow from all
</Location>
KeepAliveTimeout 60
MaxKeepAliveRequests 100
EnableMCPMReceive
ManagerBalancerName My_Cluster
AdvertiseFrequency 5
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/ca.crt
SSLCertificateKeyFile /etc/pki/tls/private/ca.key
ProxyPass /other_app http://192.168.100.70:8080/other_app
ProxyPassReverse /other_app http://192.168.100.70:8080/other_app
ProxyPass / balancer://My_Cluster
</VirtualHost>
All work ok but one new application doesn't support connection to Apache. I need to use ProxyPass. When I insterted the ProxyPass to 443 virtual host so all balanced contexts stopped to work. When I inserted:
ProxyPass / balancer://My_Cluster
The /other_app context stopped work.
Can you advise me how configure context /other_app handling by ProxyPass and all other contexes by modcluster balancer?
Try using the following top level directive (add just below the LoadModule's)
#This is needed to prevent mod_cluster creating balancer for all VH's
CreateBalancers 1
Managed to do it with the following:
ProxyPass /other_app http://192.168.100.70:8080/other_app
ProxyPassReverse /other_app http://192.168.100.70:8080/other_app
ProxyPass /other_app !
ProxyPass / balancer://My_Cluster
Inspired by https://serverfault.com/questions/363788/serve-all-requests-via-proxy-except-a-specific-one
My roommate and I each have a separate webserver we are trying to set up. We are trying to use mod_proxy so that his server will forward requests to my machine (we have two seperate machines behind one router) based on the server name. I've given the basics of what we have in our apache config currently but we are getting a 403 Forbidden error when trying to access the second domain (the first, www domain, works fine).
NameVirtualHost *:80
<VirtualHost *:80>
DocumentRoot /var/www
ServerName www.<domain1>.com
</VirtualHost>
<VirtualHost *:80>
ProxyPreserveHost On
ProxyPass / http://<IP addr of other box>:80
ProxyPassReverse / http://<IP addr of other box>:80
ServerName <dummydomain>.gotdns.com
</VirtualHost>
Your mods-enabled/proxy.conf might be blocking any proxy requests (it's deny all by default). It should include the following instead:
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
EDIT: Also make sure that the mod_proxy submodules are sym linked into mods-enabled (in this case, the http sub module which is mods-available/proxy_http.load)
Just put both routes:
<VirtualHost *:80>
DocumentRoot "/app/"
ProxyPreserveHost On
ProxyRequests Off
ServerName app.yourdomain.com
ProxyPass /app http://yourIP:yourPort/app/
ProxyPassReverse /app http://yourIP:yourPort/app/
ProxyPass / http://yourIP:yourPort/app/
ProxyPassReverse / http://yourIP:yourPort/app/
</VirtualHost>
<Location "/app/" >
ProxyPass "http://yourIP:yourPort/app/"
ProxyPassReverse "http://yourIP:yourPort/app/"
ProxyPassReverseCookiePath "/app/" "/app/"
ProxyHTMLEnable Off
ProxyHTMLExtended On
ProxyHTMLURLMap "/app/" "/app/"
Order allow,deny
Allow from all
</Location>
This worked form me