Hi I have been working on setting up my webserver. We have the company domain https://www.company.com which is already with https, which we are unable to get SSL certificates. I wanted to make use this domain and deploy my app (http) by adding https//www.company.com/myapp this myapp and map this url to the http app which is deployed.
I am using the configuration shown below for your reference. I have a doubt only if we get SSL only we progress or their is some way to map this domain to my app running on port 8000.
<VirtualHost *:443>
ServerName company.com
ServerAlias www.company.com
ProxyRequests Off
ProxyPreserveHost On
ProxyPass /myapp http://localhost:8000/
ProxyPassReverse /myapp http://localhost:8000/
RewriteEngine On
RewriteCond %{ENV:HTTPS} on
RewriteRule /(.*) http://localhost:8000/$1 [R=301,L]
</VirtualHost>
if you want to use HTTP, use port 80 instead of 443. you can also use both separately for HTTP and HTTPS connection.
<VirtualHost *:80>
ServerName company.com
ServerAlias www.company.com
ProxyRequests Off
ProxyPreserveHost On
ProxyPass /myapp http://localhost:8000/
ProxyPassReverse /myapp http://localhost:8000/
RewriteEngine On
..................
As per server requirements
..................
</VirtualHost>
<VirtualHost *:443>
ServerName company.com
ServerAlias www.company.com
ProxyRequests Off
ProxyPreserveHost On
ProxyPass /myapp http://localhost:8000/
ProxyPassReverse /myapp http://localhost:8000/
RewriteEngine On
RewriteCond %{ENV:HTTPS} on
RewriteRule /(.*) http://localhost:8000/$1 [R=301,L]
</VirtualHost>
Related
I'm using PufferPanel to manage my game servers and I have run into a problem with the SSL certificate step. I'm using Lets Encrypt to generate a certificate and with that comes system files verification to make sure it is authentic. I can't get the .well-known to work as Pufferhost must have something within its JS which redirects anything to a 404 page. I found some resources online and came up with the configuration below. Unfortunately, it does not work. It shows a chrome error saying that I am performing too many redirects, how can I fix this. I really appreciate any help you can provide.
##################################################################################################
# PANEL VIRTUAL HOST #
##################################################################################################
<VirtualHost *:80 *:8080 *:443>
ServerName panel.example.com
ProxyPreserveHost On
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
RewriteEngine on
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L,QSA]
RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteCond %{HTTP:Connection} upgrade [NC]
RewriteRule .* ws://localhost:8080%{REQUEST_URI} [P]
</VirtualHost>
The vhost listen to Port 8080 and then redirect to Port 8080, that should be the loop.
I would suggest to use individual vhosts for each Port.
One for Port 80 HTTP and one for Port 443 HTTPS. Port 8080 needs no vhost because you redirect to it.
Then you can use the Vhost with Port 80 with a DocumentRoot where Lets-encrypt can store the .well-known/acme-challenge/.
<VirtualHost *:80>
DocumentRoot "/var/www/html"
ServerName www.example.com
</VirtualHost>
<VirtualHost *:443>
DocumentRoot "/var/www/html"
ServerName www.example.com
ProxyPreserveHost On
ProxyPass "/" "http://localhost:8080/"
ProxyPassReverse "/" "http://localhost:8080/"
</VirtualHost>
When you have the Lets Encrypt Certificate you can add an redirect from Port 80 to Port 443 to force HTTPS. Then you need to add the SSL-Certificate to the Port 443 vhost config.
<VirtualHost *:80>
DocumentRoot "/var/www/html"
ServerName www.example.com
Redirect permanent / https://example.com/
</VirtualHost>
<VirtualHost *:443>
DocumentRoot "/var/www/html"
ServerName www.example.com
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
ProxyPreserveHost On
ProxyPass "/" "http://localhost:8080/"
ProxyPassReverse "/" "http://localhost:8080/"
</VirtualHost>
Depending on your OS the SSLCertificateFile/SSLCertificateKeyFile-Path is at an other location.
I have an application that runs on https://ip:8443. I have an Apache2 proxy server that stands in front of this application with the following config.
<VirtualHost *:80>
ServerName mydomain
ServerAlias mydomain
Redirect permanent / https://mydomain/
</VirtualHost>
<VirtualHost *:443>
ProxyPreserveHost On
ProxyRequests Off
SSLProxyEngine On
ServerName mydomain
ServerAlias mydomain
ProxyPass / https://ip:8443/
ProxyPassReverse / https://ip:8443/
SSLCertificateFile /etc/letsencrypt/live/mydomain/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mydomain/privkey.pem
</VirtualHost>
Now when I hit https://mydomain on the browser it works fine and shows https://ip:8443 content.
Now I want when someone visits https://mydomain to be redirected to another URL https://mydomain/subfolder which shows https://ip:8443/subfolder.
I searched for a week and tried a lot of solutions here but they didn't work.
This solution worked for me.
I added the following lines to <VirtualHost *:443>
<VirtualHost *:443>
...
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/$
RewriteRule (.*) https://mydomain/subfolder/ [R=301,L]
</VirtualHost>
I have the following Apache config file. When someone types in http://mywebsite.com it is not redirecting them to https. Why?
<VirtualHost *:80>
ProxyPreserveHost On
ProxyPass "/" "http://10.0.1.123/"
ProxyPassReverse "/" "http://10.0.1.123/"
ServerName www.mywebsite.com
ServerAlias mywebsite.com
RewriteEngine on
RewriteCond %{SERVER_NAME} =mywebsite.com
RewriteCond %{SERVER_NAME} =www.mywebsite.com
RewriteRule ^ https://mywebsite.com%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
SSLProxyEngine on
ProxyPreserveHost On
ProxyPass "/" "http://10.0.1.123:80/"
ProxyPassReverse "/" "http://10.0.1.123:80/"
ServerName www.mywebsite.com
ServerAlias mywebsite.com
ServerAdmin admin_ws1#mywebsite.com
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/www.mywebsite.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/www.mywebsite.com/privkey.pem
</VirtualHost>
<VirtualHost *:80>
...
ProxyPass "/" "http://10.0.1.123/"
...
RewriteRule ^ https://mywebsite.com%{REQUEST_URI} [END,NE,R=permanent]
The ProxyPass is telling Apache to work as reverse proxy and forward the request to the real server. The RewriteRule instead is telling Apache to answer the request itself with a redirect to the HTTPS version of the site. Obviously it cannot do both at the same time, so there is a conflict. Please remove Proxy* rules and keep only the Rewrite* rules on port 80.
I have an old server which uses httpd 2.2 and this configuration works fine redirecting HTTP requests to HTTPS.
Moving to CentOS and upgrading to httpd 2.4 the existing configuration causes a too many redirects to occur.
<VirtualHost _default_:80>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>
<VirtualHost _default_:443>
SSLEngine on
... SSL Setup ...
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / ajp://localhost:8009/
ProxyPassReverse / ajp://localhost:8009/
</VirtualHost>
I'm using tomcat which is listening on port 8009 internally, I'm not sure why is it happening.
SUGGESTED
The ProxyPassReverse directive doesn't work well with ajp.
Switch to HTTP/HTTPS
Remove the ProxyPassReverse directive
Validate you have set RemoteIPHeader X-Forwarded-For, X-Forwarded-Host, X-Forwarded-Port and X-Forwarded-Proto appropriately as well
I have one web server running two sites on different ports.
IE: server:8081 and server:8083
I setup two DNS records and pointed it to “my server”
Dev.server.com and Pre.server.com
I would like Dev.server.com to redirect to server:8083 but mask the URL to always stay Dev.server.com and Pre.server.com to redirect to server:8081 but mask the URL to always stay pre.server.com
If I set them up like this
<VirtualHost *:80>
ServerName http:// Dev.server.com
ProxyRequests off
ProxyPass / http://server:8083
ProxyPassReverse / http://server:8083
</VirtualHost>
<VirtualHost *:80>
ServerName http:// Pre.server.com
ProxyRequests off
ProxyPass / http://server:8081
ProxyPassReverse / http://server:8081
</VirtualHost>
Everything routes to the Dev instance and nothing makes it to the Pre instance
I have it set like this;
<VirtualHost *:80>
ServerName http:// Dev.server.com
RewriteEngine On
RewriteCond %{HTTP_HOST} ^dev\.server\.com$ [NC]
RewriteRule ^(.*)$ http:// Dev.server.com:8083$1 [R]
RewriteCond %{HTTP_HOST} ^pre\.server\.com$ [NC]
RewriteRule ^(.*)$ http://pre. server.com:8081$1 [R]
</VirtualHost>
Listen 0.0.0.0:8083
Listen 0.0.0.0:8081
<VirtualHost *:8083>
ServerName dev. server.com
ProxyRequests off
ProxyPass / http:// server.com:8083/jde/owhtml/
ProxyPassReverse / http:// server.com:8083/jde/owhtml/
Oc4jMount /jde HTML_DV_8083
Oc4jMount /jde/* HTML_DV_8083
</VirtualHost>
<VirtualHost *:8081>
ServerName pre.server.com
ProxyRequests off
ProxyPass / http:// server.com:8081/jde/owhtml/
ProxyPassReverse / http:// server.com:8081/jde/owhtml/
Oc4jMount /jde HTML_PY_8081
Oc4jMount /jde/* HTML_PY_8081
</VirtualHost>
This works perfectly for the routing but does not mask the URL. It adds the port to the URL witch we do not want to happen.
Anyone have any ideas as to what I am doing wrong?
You want your reverse proxy to happen in your port 80 vhost. Because you're using mod_rewrite to redirect the browser to URLs like http://Dev.server.com:8083/, that's what the browser will see. You just need 2 vhosts on port 80:
<VirtualHost *:80>
ServerName dev.server.com
ProxyRequests off
ProxyPass / http://server.com:8083/jde/owhtml/
ProxyPassReverse / http://server.com:8083/jde/owhtml/
Oc4jMount /jde HTML_DV_8083
Oc4jMount /jde/* HTML_DV_8083
</VirtualHost>
<VirtualHost *:80>
ServerName pre.server.com
ProxyRequests off
ProxyPass / http://server.com:8081/jde/owhtml/
ProxyPassReverse / http://server.com:8081/jde/owhtml/
Oc4jMount /jde HTML_PY_8081
Oc4jMount /jde/* HTML_PY_8081
</VirtualHost>
Note that the "ServerName" is dev.server.com and pre.server.com, and not http:// Dev.server.com with a space following the scheme and ://. Because http:// Dev.server.com isn't going to be the hostname you're going to visit, apache defaults everything to the first vhost. This is probably why your second attempt works, because both dev and pre default to the first vhost since nothing matches on port 80.