I am trying to set up an Apache2 web server as a proxy to redirect requests to different apps running on the server in separate Docker containers.
All requests going to route http://my_url.com/App2 should be directed to App2 running at localhost:8002.
All other requests to http://my_url.com should be redirected to App1 running on localhost:8001.
I used the following Apache configuration file:
VirtualHost my_url.com/:80>
ServerName my_url.com
ServerAlias www.my_url.com
ProxyPreserveHost On
ProxyPass /App2/ http://localhost:8002/
ProxyPassReverse /App2/ http://localhost:8002/
ProxyPass / http://localhost:8001/
ProxyPassReverse / http://localhost:8001/
</VirtualHost>
If I try to access App2, it initially redirects to the correct Docker container. However, the Problem is now that if App2 does a redirect to for example the /login route, the subroute /App2/ gets lost and Apache tries to find /login in App1 container.
What should happen is:
App2 wants to redirect to /login and makes the browser access my_url.com/App2/login and not my_url.com/login.
Is this achievable with just Apache configurations or do I need to change the redirects in App2 Docker container?
The issue was the line ProxyPreserveHost On. This resulted in Apache adding the header field:
X-Forwarded-Host: 'my_url.com'
for every request.
Thats why the ProxyPassReverse:
ProxyPassReverse /App2/ http://localhost:8002/
didn't work since it is only rewriting requests from http://localhost:8002/.
Setting ProxyPreserveHost Off (which is also the default) solved the issue for me.
I have REST API webservice running on server on address 127.0.0.1:8090 and Apache2 server running on 192.168.10.220, where I have frontend for my app.
In my website config I added lines:
RewriteEngine on
RewriteRule ^/api/ http://127.0.0.1:8090/
And when I'm openning address http://192.168.10.220/api in webbrowser I got redirection to 127.0.0.1:8090 and site is not found.
My question is how to redirect it that I will be able to open link for example http://192.168.10.220/api/login and It will return me result of http://127.0.0.1:8090/login, but 127.0.0.1:8090 address will be not seen in browser url.
Update 1:
I found solution, instead RewriteEngine, I should use this:
ProxyPass /api http://127.0.0.1:8090/api
ProxyPassReverse /api http://127.0.0.1:8090/api
And now I can use api at address http://192.168.10.220/api
But I have problem with second proxy:
ProxyPass /raporty http://192.168.10.200:8080/ekoncept_raporty
ProxyPassReverse /raporty http://192.168.10.200:8080/ekoncept_raporty
This time it's not api, but web application (reporting system, not mine). I can login and work, but some features I can't see or when I click button it redirects me to login page. I think it's something with coockies or etc.
What parameters should I use in my Proxy config to fix it??
Final configuration:
ProxyPass /api http://127.0.0.1:8090/api
ProxyPassReverse /api http://127.0.0.1:8090/api
ProxyPass /raporty http://192.168.10.200:8080/ekoncept_raporty
ProxyPassReverse /raporty http://192.168.10.200:8080/ekoncept_raporty
ProxyPassReverseCookiePath /ekoncept_raporty /raporty
It was cookie problem as I thought. Adding this fixed problem:
ProxyPassReverseCookiePath /ekoncept_raporty /raporty
With API there isn't a problem like this, because it doesn't use cookies.
If I hit - http://10.157.128.170/oneapp application should load index.html from Apache content
And ALL API calls like http://10.157.128.170:25003/oneapp/* (where * could be any API Call) should redirect calls to JBOSS on port :25003/oneapp
What could be the Apache configuration for this requirement ?
My current Configuration is :
ProxyPassMatch ^/oneapp/$ !
ProxyPass /oneapp/index.html !
ProxyPass /oneapp http://10.157.128.170:25003/oneapp
ProxyPassReverse /oneapp http://10.157.128.170:25003/oneapp
where I need to hit : http://10.157.128.170/index.html for going to index.html but I need that to be http://10.157.128.170/oneapp
File I've on Apache Content directory
index.html
app.css
app.js
images
Just add a trailing slash to fix the issue
ProxyPassMatch ^/oneapp/$ !
ProxyPass /oneapp/index.html !
ProxyPass /oneapp/ http://10.157.128.170:25003/oneapp/
ProxyPassReverse /oneapp/ http://10.157.128.170:25003/oneapp/
Also make sure that mod_proxy and mod_proxy_http are enabled.
i searched alot but i couldnt connect my websocket to wss:// ,
i found that there is a way to proxy wss://domain.com:9090 and apache apply the proxy on it and redirect request to where the normal ws://domain.com:9090 server is running
ProxyPass /websocket ws://domain.com:9090
ProxyPassReverse /websocket ws://domain.com:9090
this code in apache config will send request from any address ended with /websocket to ws://domain.com:9090
ex : ws://websocket will be ws://domain.com:9090
i want to do it for wss:// also
ex wss://websocket must point to ws://domain.com:9090
it dosnt work and i get this error in browser console :
failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED
is there any mistake here ?
thanks you .
i worked 24 hours for find this and searched a lot of forum but no one write about success.
here is my server configuration :
CentOS release 6.7 , Apache 4.2.18
here is what i did finally :
first i found that modules/mod_proxy_wstunnel.so must be enable in apache config file , but my apache didn't have that module and after a lot of search i found that module is Available in apache 2.4.5 and later.
https://httpd.apache.org/docs/2.4/mod/mod_proxy_wstunnel.html
i downloaded https://archive.apache.org/dist/httpd/httpd-2.4.18.tar.gz
extracted httpd-2.4.18\modules\proxy\mod_proxy_wstunnel.c and uploaded to my server root
then from terminal could compile it again with these commonds :
chmod 755 mod_proxy_wstunnel.c #set permission
pxs -i -a -c mod_proxy_tunnel.c #compile module
pxs command did compile the module and wrote in apache config file to load it
LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
after that i added these lines to end of apache config file :
RewriteEngine on
ProxyRequests Off
ProxyPreserveHost on
ProxyPass /myws ws://mysite.com:8091
ProxyPassReverse /myws ws://mysite.com:8091
AND NOW : it works !
in client side js you can set ws url like this :
var protocol = 'ws://';
if (window.location.protocol === 'https:') {
protocol = 'wss://';
}
var wsUri =protocol+ "mysite.com/myws";
var ws = new WebSocket(wsUri);
and it will forward request to ws://mysite.com:8091
doesnt matter the page loaded with https or http , it will direct all request ended with /myws to ws://mysite.com:8091
You need to enable some Apache2 modules:
$ a2enmod proxy proxy_wstunnel proxy_http rewrite
Then you can use this configuration to solve your problem.
ProxyRequests off
ProxyVia on
RewriteEngine On
RewriteEngine On
RewriteCond %{HTTP:Connection} Upgrade [NC]
RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteRule /(.*) ws://example.com:9090/$1 [P,L]
ProxyPass /websocket http://example.com:9090/websocket
ProxyPassReverse /websocket http://example.com:9090/websocket
Apache2 automatically upgrades the connection to websocket with ws://, you don't need to set the ws:// manually. I tried dozens of configurations and this is the only one that worked for me.
the problem I was trying to solve was similar to this one. I have a reverse proxy running under Apache 2.4 on CentOs 7 which has to work with both https and wss requests.
Behind the reverse proxy I have my app server running on an internal network. the virtual host configuration in the /etc/httpd/httpd.conf config file is as follows:
<VirtualHost *:443>
ServerName example.com
RewriteCond %(HTTP:Upgrade) websocket [NC] # Required to handle the websocket connection
RewriteCond %(HTTP:Connection) upgrade [NC]
RewriteRule /(.*) ws://192.160.0.1/$1 [P,L]
SSLEngine on # SSL Certificates handling
SSLCertificateFile ssl/cert.pem # Public Certificate
SSLCertificateKeyFile ssl/key.pem # Private certificate
SSLCertificateChainFile ssl/ca.pem # CA or chain certificate
ProxyPreserveHost On
ProxyPass /websocket ws://192.168.0.1 # First you need to write the specific rules
ProxyPassReverse /websocket ws://102.168.0.1
ProxyPass / http://192.168.0.1 # Then the generic rules for the proxy.
ProxyPassReverse / http://192.168.0.1
</VirtualHost>
In your case, you will have to replace the ServerName, the SSL certificates location, and the destination of the proxy.
wss needs following module
Uncomment line at the httpd.conf of apache conf
LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
The /websocket path is missing in your ProxyPass configuration path.
Use:
ProxyPass /websocket ws://example.com:9090/websocket
ProxyPassReverse /websocket ws://example.com:9090/websocket
Additional information:
Like others mentioned, you have to uncomment the line:
LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
If you are also using a http ProxyPass thats relative path is "/" (forwarding everything directly), the specific "/websocket" path configuration must be configured first, otherwise "/" grabs first.
ProxyPass /websocket ws://example.com:9090/websocket
ProxyPassReverse /websocket ws://example.com:9090/websocket
ProxyPass balancer://ac-cluster/
ProxyPassReverse / http://example.com:9090
I did it for aria 2. I just enabled some modules and added a single line to config. (env: debian buster/apache 2.4).
enabling modes:
sudo a2enmod proxy proxy_balancer proxy_wstunnel proxy_http
and add this line to ssl site config file inside the virtual host directive :
ProxyPass /jsonrpc ws://127.0.0.1:6888/jsonrpc
I want to share this in case it helps somebody else avoid days of wasted time and effort.
I was giving up after researching everything. I was ready to start following the code of the different proxy modules, yes I know, a spiderweb..., but I was desperate. As a last resource I installed wireshark to follow exactly what was going on in my network. After installing wireshark, the instructions asked me to restart my server through a power off/on cycle. So, I did. When I started tracing it, to my complete surprise, the server was proxying perfectly the wss requests to ws, no problems! So I had the correct setup to start with but something got messed up in Ubuntu 20.4 / Apache 2.4.41 / node 14.17.2 that required a complete restart of the machine where the server operates. Crazy! But that was it...
I have a Bottle/Python app running on localhost:3000 that I am using Apache mod_proxy to forward requests to. Its working 99% of the time, except when I try and go to a url like:
http://m2t.openseedbox.com/api/upload/http%3A%2F%2Ftorrents.thepiratebay.se%2F6753175%2FPioneer_One_S01E04_720p_x264-VODO.6753175.TPB.torrent
(basically, there is a URL that is a part of the URL but its been run through encodeURIComponent). In this case, Apache is returning its own 404 page and not passing the url through to the backend server.
My apache config is as follows:
<VirtualHost *:80>
ServerName m2t.openseedbox.com
ProxyPass / http://127.0.0.1:3000/ retry=0
ProxyPassReverse / http://127.0.0.1:3000/
ProxyPreserveHost On
</VirtualHost>
Why is Apache not proxying this URL? (you can visit it yourself to see the Apache 404 page where a Bottle page should be)
EDIT: I've worked around it by passing the URL as a GET parameter. I still dont know why Apache isnt working as advertised though...
By default, Apache doesn't pass through urls with %2F in them. See the link below for more info.
%2F in URL breaks and does not reference to the .php file required