I'm have a an Apache HTTP server that has a reverse proxy to a tomcat server. However, I only want the reverse proxy to happen when the client uses the subdomain www. This is because I want to use other subdomains to point to other applications, such as email.
e.g. www.example.com will go display the apache tomcat webapp.
The way to do this, I presume, is to configure my DNS so that every subdomain I use will point to my server. Right now, in addition to www, that is server.example.com and posfixadmin.example.com. However, the issue is that all my subdomains end up pointing to tomcat.
So when I try to visit postfixadmin.example.com/setup.php to set up postfixadmin through its web setup, it ends up taking me to my tomcat webapp's 404.
Here is my virtualhost configuration:
<VirtualHost www.example.com:80>
ServerName http://www.example.com
ProxyPass / http://localhost:8080
ProxyPassReverse / http://localhost:8080
</Virtualhost>
<VirtualHost server.example.com:80>
ServerName server.example.com
DocumentRoot /var/www/html/
RewriteEngine on
RewriteCond %{SERVER_NAME} =server.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} {END,NE,R=permanent}
</VirtualHost>
<VirtualHost postfixadmin.example.com:80>
ServerName postfixadmin.example.com
DocumentRoot /var/www/postfixadmin/public
ErrorLog /var/log/httpd/postfixadmin_error.log
CustomLog /var/log/httpd/postfixadmin_access.log combined
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/postfixadmin/public>
Options FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
EDIT
It looks like the proxy conf file doesn't do anything (??). I decided to experiment around and change the first virtualhost servername to the following:
<VirtualHost *:80>
ServerName abcd.example.com
ProxyPass / http://localhost:8080
ProxyPassReverse / http://localhost:8080
</Virtualhost>
Then, I restarted and reloaded Apache...But for some reason, going to www.example.com STILL took me to the tomcat webapp! Does anyone know what drives this?
As to the DNS: I have set specific CNAME entries for each subdomain including www; all of them point back to the public IP of my server that houses my example.com domain (using # in my case - possible with most DNS, I think). There may be some different strategies on this, but I believe you're on the correct path based on what you've suggested in the question.
As to Apache configuration:
I believe that the http protocol does not need to be specified in the ServerName directive and that, generally, the domain need not appear inside the <VirtualHost>...</VirtualHost> tags.
I should mention that I am relatively unfamiliar with Tomcat but am assuming it is listening at 8080 on the localhost, in which case this should help.
I'm not 100% certain that that is all that is snarling you, but try trimming that ServerName back and doing like so, including the change to the VirtualHost open tag:
<VirtualHost *:80>
ServerName www.example.com
ProxyPass / http://localhost:8080
ProxyPassReverse / http://localhost:8080
</Virtualhost>
Your second <VirtualHost> probably requires similar changes, though it also seems that you are directing it to serve requests from the web/network which are coming in on port 8080 -- which I don't believe is your intent.
I think what you want is to also listen on port 80 from the web/network, but to follow these directives if addressed to server.example.com like so:
<VirtualHost *:80>
ServerName server.example.com
DocumentRoot /var/www/html/
RewriteEngine on
RewriteCond %{SERVER_NAME} =server.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} {END,NE,R=permanent}
</VirtualHost>
And finally, similar change to the opening <VirtualHost> tag on the final one:
<VirtualHost *:80>
ServerName postfixadmin.example.com
DocumentRoot /var/www/postfixadmin/public
ErrorLog /var/log/httpd/postfixadmin_error.log
CustomLog /var/log/httpd/postfixadmin_access.log combined
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/postfixadmin/public>
Options FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
Altogether, this seems more like what you're looking for:
<VirtualHost *:80>
ServerName www.example.com
ProxyPass / http://localhost:8080
ProxyPassReverse / http://localhost:8080
</Virtualhost>
<VirtualHost *:80>
ServerName server.example.com
DocumentRoot /var/www/html/
RewriteEngine on
RewriteCond %{SERVER_NAME} =server.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} {END,NE,R=permanent}
</VirtualHost>
<VirtualHost *:80>
ServerName postfixadmin.example.com
DocumentRoot /var/www/postfixadmin/public
ErrorLog /var/log/httpd/postfixadmin_error.log
CustomLog /var/log/httpd/postfixadmin_access.log combined
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/postfixadmin/public>
Options FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
I got it!
It turns out that the problem was in the ssl configuration file - the :443 ports were overlapping.
Thanks for the help!
Related
I have a site I currently run that works well, but both to learn and to make it more portable, I've been trying to dockerize it. I'm using the offical apache and php images, and setup my virtual hosts identical to how I have on the running site, just with different domains. Unfortunately, while I can get one to work, the second does not.
NameVirtualHost *:80
<VirtualHost *:80>
ServerName api.gamersplane.local
DocumentRoot /var/www/api
ErrorLog "/var/log/gamersplane.api"
CustomLog "/var/log/gamersplane.api" common
ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://api:9000/var/www/$1
ProxyPassReverse ^/(.*\.php(/.*)?)$ fcgi://api:9000/var/www/$1
RewriteEngine On
RewriteBase /
RewriteRule !\.(css|jpg|js|gif|png|ico|eot|woff|ttff|svg|psd)$ dispatch.php
<Directory /var/www/api/>
Options FollowSymLinks
Require all granted
</Directory>
LogLevel notice
</VirtualHost>
<VirtualHost *:80>
ErrorLog "/var/log/gamersplane"
CustomLog "/var/log/gamersplane" common
ProxyPreserveHost On
ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://api:9000/var/www/$1
ProxyPassReverse ^/(.*\.php(/.*)?)$ fcgi://api:9000/var/www/$1
ServerName gamersplane.local
ServerAlias *.gamersplane.local
DocumentRoot /var/www
RewriteEngine On
RewriteBase /
RewriteRule !\.(css|jpg|js|gif|png|ico|eot|woff|ttff|svg|psd)$ dispatch.php
<Directory /var/www/>
Options FollowSymLinks
Require all granted
</Directory>
LogLevel notice
</VirtualHost>
Originally, I had the first vhost (api.gamersplane) second, but thought maybe it was the server alias that was the problem. Then I switched positions, and even commented out the base (gamersplane.local), but had no luck. This works on the running site, so I can't figure out what's wrong with it.
Checking the headers returned by Postman, I do see it has the Apache and PHP headers, so it seems to be hitting SOMETHING, I just don't know what.
I have a website in an apache server and a mail server in the same machine. I want the port 80 request redirecting to https 443 port, so I put it in the vhost configuration.
I also want an autoconfig (Mozilla thunderbird use) for my mailserver. However I need to put a config-v1.1.xml accessible on port 80.
The problem is when I request http://example.com it's does not redirect to https://example.com like I want to but it redirects to the autoconfig.
Is there a way to keep autoconfig and have a redirection to https://example.com ?
I have setup a dns record for autoconfig.example.com and call it in vhost file but when I type mysite.com, it still goes in the autoconfig.
Any clues ?
Thanks
Here is the autoconfig.conf
Listen 80
Listen 443
<VirtualHost 178.33.235.19:80>
ServerName autoconfig.example.com
DocumentRoot /var/www/html/autoconfig/
<Directory /var/www/html/autoconfig>
Order allow,deny
allow from all
</Directory>
</VirtualHost>
And the site vhost example.conf
<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
</VirtualHost>
<VirtualHost _default_:443>
ServerAdmin admin#example.com
DocumentRoot /var/www/html/example/
DirectoryIndex index.php
ServerName example.com
ServerAlias www.example.com
#SSL Config
SSLCipherSuite RC4-SHA:AES128-SHA:HIGH:!aNULL:!MD5
SSLHonorCipherOrder on
SSLCertificateFile /etc/httpd/ssl/STAR_example_com.crt
SSLCertificateKeyFile /etc/httpd/ssl/STAR_example_com.key
SSLCertificateChainFile /etc/httpd/ssl/COMODORSADomainValidationSecureServerCA.crt
<Directory /var/www/html/>
Options FollowSymLinks Indexes MultiViews
AllowOverride All
LogLevel crit
Require all granted
</Directory>
ErrorLog /var/log/apache/example-error_log
CustomLog /var/log/apache/example-access_log common
</VirtualHost>
Currently my server has 1 website running on https/ssl. The thing is when i enable a second vhost, also with https/ssl, the first website I have running is now using the ssl cert of the new website.
I have tried putting the two websites in a single vhost file, didn't work so I made 2 seperate files instead.
Here are my vhost config files:
(Naming them websiteZ and website Y because of alfabetical order they are in)
vhost current running website .conf
<VirtualHost *:80>
ServerAlias *.websiteZ.nl
Redirect 301 / https://websiteZ.nl
</VirtualHost>
NameVirtualHost *:443
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName www.websiteZ.nl
DocumentRoot "/var/www/html/websites/websiteZ.nl/public"
<Directory "/var/www/html/websites/websiteZ.nl/public">
Require all granted
Options Includes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/websiteZ.nl/certificate.crt
SSLCertificateKeyFile /etc/apache2/ssl/websiteZ.nl/certificate.key
SSLCertificateChainFile /etc/apache2/ssl/websiteZ.nl/cabundle.crt
</VirtualHost>
</IfModule>
new website with ssl .conf
<VirtualHost *:80>
ServerName websiteY.nl
ServerAlias www.websiteY.nl
RewriteEngine On
RewriteCond %{SERVER_PORT} !443
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
RewriteRule ^(/(.*))?$ https://%{HTTP_HOST}/$1 [R=301,L]
DocumentRoot "/var/www/html/websites/websiteY.nl/public/"
<Directory "/var/www/html/websites/websiteY.nl/public/">
Require all granted
Options Includes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName www.websiteY.nl
DocumentRoot "/var/www/html/websites/websiteY.nl/public"
<Directory "/var/www/html/websites/websiteY.nl/public">
Require all granted
Options Includes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
SSLStrictSNIVHostCheck on
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/websiteY.nl/certificate.crt
SSLCertificateKeyFile /etc/apache2/ssl/websiteY.nl/certificate.key
SSLCertificateChainFile /etc/apache2/ssl/websiteY.nl/cabundle.crt
</VirtualHost>
</IfModule>
ports.conf
NameVirtualHost *:80
NameVirtualHost *:443
Listen 80
<IfModule mod_ssl.c>
Listen 443
</IfModule>
<IfModule ssl_module>
Listen 443
</IfModule>
<IfModule mod_gnutls.c>
Listen 443
</IfModule>
I looked up the SNI thing, but I think i'm missing something. The way I understand it is that I have to use NameVirtualHost to make it work.
The server is running on AWS ece2 with Ubuntu 16.04.2
The problem occors when i type in terminal:
a2ensite websiteY.conf
When I do that websiteZ will lose it's https cert and will show a big red cross wich says: NOT SECURE! When you click to proceed it links to websiteY
I am a little bit out of options, can someone help me out? Thanks!
When you enter www.websiteZ.nl without https, the request will first be caught by
<VirtualHost *:80>
ServerAlias *.websiteZ.nl
Redirect 301 / https://websiteZ.nl
</VirtualHost>
and therefore redirected to https://websiteZ.nl
Since none of your :443 Virtual Hosts has neither ServerName or ServerAlias configured with websiteZ.nl, then the one from alphabetically first .conf file will be used, which is in this case the one with websiteY cert.
I am looking for a way to host multiple websites on a single server. Currently I have used reverse proxy to host two of the websites using the following method:
I have a php site in /var/www/html folder and a nodejs app running on localhost:3015. My apache2 config is like following:-
<VirtualHost *:80>
ServerName site1.example.com
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
<VirtualHost *:80>
ProxyPreserveHost On
ProxyPass / http://localhost:3015/
ProxyPassReverse / http://localhost:3015/
ServerName site2.example.com
</VirtualHost>
Now I further want to host few old websites at:
site1.example.com/archives/2014, 13 and so on
site2.example.com/archives/2014, 13 and so on.
In case of site1.example.com I can use alias as the site hosted is a php site.
In the second case where I am using reverse proxy what will be the best way to host a php site.
Also, please suggest a way where new sites can be easily added and the old sites can be moved to archived folder. These site might be on django, ROR and so on.
Is this even possible?
This may not be quite what you are asking for, but give this a try. It's a variation on the Apache config I use in a dev VM, which is set up for wildcard domain hosting. I haven't tested this config specifically, but you should be able to tweak it to suit your needs.
This essentially tells Apache how to find sites such as:
site1.example.com => /var/www/html/site1/public_html
site2.example.com => /var/www/html/site1/public_html
2014.archive.site1.example.com => /var/www/html/site1/public_html/archives/2014
<VirtualHost *:80>
ServerName example.com
ServerAlias *.example.com
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
<Directory />
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
<Directory /var/www/html>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
DirectoryIndex index.html index.php
RewriteEngine on
RewriteMap lowercase int:tolower
# *.example.com
RewriteCond ${lowercase:%{SERVER_NAME}} ^[a-zA-Z0-9-]+\.example\.com$
RewriteRule ^(.+) ${lowercase:%{SERVER_NAME}}$1 [C]
RewriteRule ^([a-zA-Z0-9-]+)\.example\.com/(.*) /var/www/html/$1/public_html/$2
# *.archive.*.example.com
RewriteCond ${lowercase:%{SERVER_NAME}} ^[a-zA-Z0-9-]+\.archive\.[a-zA-Z0-9-]+\.example\.com$
RewriteRule ^(.+) ${lowercase:%{SERVER_NAME}}$1 [C]
RewriteRule ^([a-zA-Z0-9-]+)\.archive\.([a-zA-Z0-9-]+)\.example\.com/(.*) /var/www/html/$2/public_html/archives/$1/$3
</VirtualHost>
If this isn't what you were asking for, let me know.
I finally figured out a way to do the same. What you need to do is host all the sites at different port:
site1 => 3015
site2 => 4015
site3 => 3014
site4 => 4014
and so on.
Now you can configure your default.conf in apache2 as following:
<VirtualHost *:80>
ProxyPreserveHost On
ProxyPass /archive/2014/ http://localhost:3014/
ProxyPassReverse /archive/2014/ http://localhost:3014/
ProxyPass / http://localhost:3015/
ProxyPassReverse / http://localhost:3015/
ServerName site1.example.com
</VirtualHost>
<VirtualHost *:80>
ProxyPreserveHost On
ProxyPass /archive/2014/ http://localhost:4014/
ProxyPassReverse /archive/2014/ http://localhost:4014/
ProxyPass / http://localhost:4015/
ProxyPassReverse / http://localhost:4015/
ServerName site2.example.com
</VirtualHost>
This will work for sites on any platform, currently my site3 and site4 are php and site1 and site2 are node and django respectively. You might need to play with urls and links a little to make everything work perfectly.
I have configured apache 2.2 webserver with tomcat. I want static files of my web application to be served using apache. I made a virtual host entry in httpd.conf
<VirtualHost *:8080>
Alias webcommon_alias C:/webcommon_bk
JkMountFile D:/xampp/apache/conf/myexample.net.properties
ServerName myexample.net
ErrorLog logs/myexample.net-error_log
CustomLog logs/myexample.net-access_log common
<Directory C:/webcommon_bk>
Order allow,deny
Allow from all
RewriteEngine On
RewriteBase /webcommon/
RewriteRule ((.*)\.(js|css|html|gif|png)$) webcommon_alias/$1
</Directory>
</VirtualHost>
But when i fetch this file in browser http://myexample.net:8080/webcommon/img/aboutBox.png i get Object not found! The requested URL was not found on this server.
Try this instead:
<VirtualHost *:8080>
Alias /webcommon C:/webcommon_bk
JkMountFile D:/xampp/apache/conf/myexample.net.properties
ServerName myexample.net
ErrorLog logs/myexample.net-error_log
CustomLog logs/myexample.net-access_log common
<Directory C:/webcommon_bk>
Order allow,deny
Allow from all
RewriteEngine On
RewriteRule ((.*)\.(js|css|html|gif|png)$) /webcommon/$1.$2
</Directory>
</VirtualHost>