About apache websocket issue, web page is not working properly - apache

I installed a NAS in my home host, and I also used apache reverse proxy for a project named V2rayA. Now on the public network, the webpage can be accessed normally. But there is a bug. The bug picture is shown here.
I know this is the reason why websocket is not set, but I'm newbie and I can't fix it. How can I setup my websocket?
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /var/www/nextcloud
</VirtualHost>
<VirtualHost *:443>
SSLProxyEngine on
ServerAdmin webmaster#localhost
DocumentRoot /var/www/nextcloud
SSLEngine on
SSLCertificateFile /home/exploit/Apache/1.pem
SSLCertificateKeyFile /home/exploit/Apache/2.key
Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains;"
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass /v2ray/ http://127.0.0.1:2017/
ProxyPassReverse /v2ray/ http://127.0.0.1:2017/
</VirtualHost>
How can I add and if possible please give me an example?

After I mapped this to the public network, it was still inaccessible, and then I knew that .websocket runs on port 443 by default, but the home network cannot use port 443, so this happens. You can use other methods to forward websockets

Related

TURN server behind reverse proxy

I would like to make the TURN server accessible behind a reverse proxy in order to use port 443 to avoid problems with blocked ports on public wifi networks, etc.
coturn is configured this way:
listening-port=8443
listening-ip=127.0.0.1
relay-ip=<public-ip-of-the-turn-server>
lt-cred-mech
use-auth-secret
static-auth-secret="secret"
realm=myturnserver.org
total-quota=0
bps-capacity=0
log-file=/var/log/turn.log
and the apache server config looks like this:
<VirtualHost *:443>
ServerName myturnserver.org
ServerAdmin root#myturnserver.org
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/myturnserver.org.error.log
CustomLog ${APACHE_LOG_DIR}/myturnserver.org.access.log combined
SSLCertificateFile /etc/letsencrypt/live/myturnserver.org/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/myturnserver.org/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:8443/
ProxyPassReverse / http://127.0.0.1:8443/
</VirtualHost>
but I can't connect to the turn server. Any ideas what is wrong here?

Using Apache Haus for Reverse Proxy in Windows 10

I install Apache Haus in my Windows 10 PC, that should work as Reverse Proxy.
my setting in httpd-vhosts.conf is like below:
<VirtualHost _default_:80>
DocumentRoot "$(SRVROOT)/htdocs"
ProxyRequests off
ProxyPreserveHost On
ProxyPass / http://172.17.3.177/
ProxyPassReverse / http://172.17.3.177/
</VirtualHost>
<VirtualHost _default_:80>
DocumentRoot "${SRVROOT}/htdocs"
ProxyRequests off
ProxyPreserveHost On
ProxyPass / http://172.17.3.177/
ProxyPassReverse / http://172.17.3.177/
SSLEngine on
SSLCertificateFile "${SRVROOT}/conf/ssl/server.crt"
SSLCertificateKeyFile "${SRVROOT}/conf/ssl/server.key"
</VirtualHost>
When I open http://localhost in browser the website from 172.17.3.177, successfully rendered (see below pic)
But when I try https://localhost my browser shows failure.
Can anybody help? I already disable windows firewall.
I have never implemented HTTPS on Apache.
However, your configuration seems to miss the listening to port 443 which is the default port for HTTPS.
You should add
Listen 443 // instruction at global server configuration
<VirtualHost _default_:443> // in your VirtualHost definition

Hide back-end server address using Apache configuration

I'm trying to hide my Kallithea back-end server (which is useful to manage Git/Mercurial repositories) address by using an Apache rule. I have a URL redirect from https://sub.domain1.com/gitrepos to https://sub.domain2.com/.
Atm, when I try to access https://sub.domain1.com/gitrepos/path/to/repo, it redirects to https://sub.domain2.com/path/to/repo
I'm looking for a way to hide the second server address. I'd like to access to https://sub.domain1.com/gitrepos/path/to/repo without being explicitely redirected to https://sub.domain2.com/path/to/repo
I did some tries with Apache configuration but it is not working and I'm not sure if it is something that I can handle on the back-end server side or if this is something that can be handled on the server that actually redirects.
Here is my current configuration:
<VirtualHost *:80>
ServerName git-domain2.com
ServerAlias git-domain2
Redirect permanent / https://git-domain2.com/
</VirtualHost>
<VirtualHost *:443>
ServerName git-domain2.com
ServerAlias git-domain2
<Proxy *>
Require all granted
</Proxy>
ProxyPreserveHost On
ProxyPass /gitrepos http://domain2.com:5000/ connectiontimeout=20 timeout=300
ProxyPassReverse /gitrepos http://domain2.com:5000/
#kallithea instance
ProxyPass / http://domain2.com:5000/ connectiontimeout=20 timeout=300
ProxyPassReverse / http://domain2.com:5000/
#to enable https use line below
SetEnvIf X-Url-Scheme https HTTPS=1
#LogLevel warn
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile /etc/pki/tls/certs/domain2.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/domain2.com.key
</VirtualHost>
Thanks for any help.

Apache Virtual Host - Mod Proxy issues

Not too au fait with Apache, have setup simple virtual hosts before without an issue. Seem to be having a bizarre one, working with 1 IP address and multiple servers.
My second virtual host seems to only look at the first 2 entries and ignores the rest. I have mapped out what I want to happen and how my vhost file looks and the second image is what is happening.
How my virtual hosts are setup and envision the routing to act
How it's currently operating
Now it maybe not right using virtual hosts on both servers?
Not too au fait with Apache, have setup simple virtual hosts before without an issue. Seem to be having a bizarre one, working with 1 IP address and multiple servers.
My second virtual host seems to only look at the first 2 entries and ignores the rest. I have mapped out what I want to happen and how my vhost file looks and the second image is what is happening.
Server1
<VirtualHost *:80>
ServerName server1.domain.com
ServerAlias x.domain.com
DocumentRoot /var/www/html
</VirtualHost>
<VirtualHost *:80>
ServerName server2.domain.com
ServerAlias y.domain.com
ProxyPreserveHost On
<Proxy *>
Order allow,deny
Allow from all
</Proxy>
ProxyPass / http://server2
ProxyPassReverse / http://server2
</VirtualHost>
<VirtualHost *:80>
ServerName server2.domain.com
ServerAlias z.domain.com
ProxyPreserveHost On
<Proxy *>
Order allow,deny
Allow from all
</Proxy>
ProxyPass / http://server2
ProxyPassReverse / http://server2
</VirtualHost>
<VirtualHost *:80>
ServerName server2.domain.com
ServerAlias w.domain.com
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://server2
ProxyPassReverse / http://server2
</VirtualHost>
Server 2
<VirtualHost *:80>
ServerName server2.domain.com
DocumentRoot /var/www/html
</VirtualHost>
<VirtualHost *:80>
ServerName server2.domain.com
ServerAlias z.domain.com
DocumentRoot /var/www/html/z
</VirtualHost>
<VirtualHost *:80>
ServerName server2.domain.com
ServerAlias w.domain.com
DocumentRoot /var/www/html/w
</VirtualHost>
<VirtualHost *:80>
ServerName server2.domain.com
ServerAlias y.domain.com
DocumentRoot /var/www/html/y
</VirtualHost>
Avoid giving the same Servername to any two VirtualHost entries. Using x,y,z, etc names is perfectly ok (assumed all resolve to the one IP address from external users).
For simplicity (of maintenance and managing the configuration) also avoid mixing "standard" server configuration (e.g. x on server1) with VirtualHost ones. Any accessible area on your web namespace should be configured via VirtualHost. (The first one in your configuration becomming "default" in that case.)
Using VirtualHosts on both servers is not a problem by itself. You just need to ensure the ServerName from the original HTTP request is correctly being forwarded and arriving at server2. For this you need to add
ProxyPreserveHost On
to your VirtualHost configurations.
It might, however, be easier to give up the name based VirtualHosts usage with server2 and turn to using different ip address or ports for the individual (logical) hosts. Server2 is (at least by concept) an internal setting and not visible to the "external" side. Thus, ease of use is not truly attributable

Two servers with mod_proxy, second server host is local ip and shows /proxy/ in url?

I am having some issues in regards to sessions with a second server I am running on my home network. I do this as a hobby and to develop new applications before they officially go live.
I have a domain pointing to my ip and resolves successfully to server 1, but after configuring mod_proxy to send specific domains to server 2 I am getting some unwanted errors and results. I want the second server to act as a normal server and just go through the first server since my current router can only send port 80 to one local ip and not filter it.
I have a.mydomain.com for my second server and it resolves fine but When I try to use a web application on this second server I get the following error
Warning: You are now accessing Mydomain from http://10.0.1.38/, but Mydomain has been configured to run at this address: http://a.mydomain.com/
Can i fix this?
Also when trying to access phpmyadmin via the a.mydomain.com/phpmyadmin it will change to a.mydomain.com/proxy/phpmyadmin after logging in, can i change this so that it's basically seamless and does not add /proxy.
Here is my vhost config for server 1
<VirtualHost *:80>
DocumentRoot /var/www/html
ServerName www.server1domain.net
</VirtualHost>
<VirtualHost *:80>
ProxyPreserveHost On
ServerName a.mydomain.com
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://10.0.1.38/
ProxyPassReverse / http://10.0.1.38/
</VirtualHost>
Here is the vhost config for server 2
<VirtualHost *:80>
ServerAdmin admin#mydomain.com
DocumentRoot /var/www/mydomaincom
ServerName a.mydomain.com
</VirtualHost>
I am running Centos 6.4
Alright I finally figured this out, some of the stuff is a little obvious now but this works for anyone else in a similar situation.
So earlier in my http.conf I had this
<IfModule mod_proxy.c>
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
# destination directory
ProxyPass /proxy http://10.0.1.38
ProxyPassReverse /proxy http://10.0.1.38
</IfModule>
There seems to be two problems with this, it seems to add the /proxy/ directory and also is wrong since the ip does not have a trailing slash, thus I changed it to this
<IfModule mod_proxy.c>
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
</IfModule>
And my http.conf vhost config for the first server looks like this now
<VirtualHost *:80>
ProxyPreserveHost On
ProxyPass / http://10.0.1.38/
ServerName a.mydomain.com
</VirtualHost>
If you forget the trailing slash after the ip you will most likely end up with 502 errors: Could not resolve dns
The second servers vhost config looks like this
<VirtualHost *:80>
ServerAdmin admin#mydomain.com
DocumentRoot /var/www/mydomain
ServerName a.mydomain.com
</VirtualHost>
Hope that helps anyone else with similar issues.