How to run websockets on Apache via wss? - apache

I am trying to run a PHP chat on sockets.
Server configuration: Ubuntu-18.04-amd64, Apache/2.4.29, SSL certificate from Let's Encrypt.
I use Ratchet. Here, here and here it is described how to connect sockets through SSL connections. But I didn't succeed.
I installed the necessary modules in Apache:
sudo a2enmod proxy
sudo a2enmod proxy_wstunnel
sudo a2enmod proxy_http
Wrote in /etc/apache2/apache2.conf
<VirtualHost *:443>
<Location "/chat/">
ProxyPreserveHost On
ProxyPass /ws ws://xxxxxx.xx:999
ProxyPassReverse /ws ws://xxxxxx.xx:999
</Location>
</VirtualHost>
Opened 999 port
sudo iptables -I INPUT -p tcp --dport 999 -j ACCEPT
Restarted Apache
sudo systemctl restart apache2
Launched a chat server
php /var/www/html/chat/bin/chat-server.php
Wrote in the socket call script
websocket = new WebSocket ('wss://xxxxxx.xx/chat');
I tried to connect from a browser at
https://xxxxxx.xx/chat/
And got an error
WebSocket connection to 'wss://xxxxxx.xx/chat' failed: Error during
WebSocket handshake: Unexpected response code: 301
I read various tips, but still could not understand what I was doing wrong. Any attempt to change the situation creates errors 301, 300, 500 or 200.
Please tell me what I did wrong.

Related

Let's Encrypt Unable to find a virtual host listening on port 80

■Background
I am trying to get SSL through Let's Encrypt.
■Issue
When I run the command below,
sudo certbot --apache -d hogehoge.com
I got the port 80 error
Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80.
and I am unable to resolve this error.
■What I have tried
I have set up port 80:
vim /etc/httpd/conf/httpd.conf
and added the following to the file:
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin root@hogehoge
DocumentRoot /var/www/html
ServerName hogehoge
</VirtualHost>
But I still got the same error.
Would you kindly tell me the cause and how to make it work?
Default command "sudo certbot renew" error on localhost
(1) Uninstall certbot
(2) Reinstall certbot
(3) sudo certbot certonly
(4) Select option 1, spin up temporary web server
(5) Ensure port 80 is accessible from outside, port forwarding in router
(6) Ensure all services using port 80 are stopped
Try
RewriteCond %{REQUEST_URI} !.well-known/acme-challenge
Enabling HTTPS on a Single Instance Beanstalk application: Unable to find a virtual host listening on port 80

Apache proxy pass to unix domain socket

I need to forward all traffic from specified port to a Unix Domain Socket in Apache:
In sites-enabled/000-default.conf I have defined a VirtualHost:
<VirtualHost *:8091>
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / unix:/var/lib/jenkins/workspace/myproject/mysocket.sock|http://127.0.0.1/
ProxyPassReverse / unix:/var/lib/jenkins/workspace/myproject/mysocket.sock|http://127.0.0.1/
</VirtualHost>
In ports.conf I have:
Listen 80
Listen 8091
I have both proxy and proxy_http mods enabled:
krzysiek:/etc/apache2$ a2enmod proxy
Module proxy already enabled
krzysiek:/etc/apache2$ a2enmod proxy_http
Module proxy already enabled
I am using Apache 2.4.7 and the official documentation states that:
In 2.4.7 and later, support for using a Unix Domain Socket is available by using a target which prepends unix:/path/lis.sock|
When I reload Apache I get error:
krzysiek:/etc/apache2$ sudo service apache2 restart
* Restarting web server apache2 [fail]
* The apache2 configtest failed.
AH00526: Syntax error on line 64 of /etc/apache2/sites-enabled/000-default.conf:
ProxyPass URL must be absolute!
I tried changing:
ProxyPass / unix:/var/(...)
To:
ProxyPass / unix:///var/(...)
Then Apache reloads correctly but forwarding DOES NOT work, error.log says:
[proxy:warn] [pid 22436] [client 10.0.4.19:47662] AH01144: No protocol handler was valid for the URL /. If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule.
Could you explain to me what I'm doing wrong? Or how do I forward traffic from a port to a Unix socket on Apache correctly?
Might be a bit late 🙂, but the following apache config works for me:
ProxyRequests off
Define SOCKET_NAME /path/to/my.sock
ProxyPass / unix:${SOCKET_NAME}|uwsgi://%{HTTP_HOST}/
ProxyPassReverse / unix:${SOCKET_NAME}|uwsgi://%{HTTP_HOST}/
with modules proxy and proxy_uwsgi loaded.
Important: do not place your socket in /tmp (I think systemd prevents the apache process from directly accessing it for security reasons).
Also, watch out for the file permissions.
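The two cautions in the answer above (socket location and file permissions) can be checked before reloading Apache. This is an added example, not part of the original answer: the function name `audit_proxy_socket`, the default list of private temp directories and the plain mode-bit permission model (no ACLs or SELinux) are assumptions.

```python
import os
import stat

def _may(st, uid, gids, bit):
    """True if uid/gids hold permission `bit` (4=r, 2=w, 1=x) on the inode."""
    if uid == 0:
        return True
    if st.st_uid == uid:
        return bool(st.st_mode & (bit << 6))
    if st.st_gid in gids:
        return bool(st.st_mode & (bit << 3))
    return bool(st.st_mode & bit)

def audit_proxy_socket(path, uid, gids, private_tmp=("/tmp", "/var/tmp")):
    """Return findings for a Unix socket used as a ProxyPass target.

    uid/gids describe the Apache worker account (assumed, e.g. www-data)."""
    findings = []
    real = os.path.realpath(path)
    # A service started with systemd PrivateTmp sees its own /tmp,
    # so a socket created there by another process is invisible to it.
    for d in private_tmp:
        if real.startswith(os.path.realpath(d).rstrip("/") + "/"):
            findings.append(f"socket lives under {d}")
    try:
        st = os.stat(real)
    except OSError as exc:
        return findings + [f"cannot stat socket: {exc.strerror}"]
    if not stat.S_ISSOCK(st.st_mode):
        findings.append("path is not a socket")
    if st.st_mode & stat.S_IWOTH:
        findings.append("socket is world-writable")
    # connect() needs write permission on the socket itself ...
    if not _may(st, uid, gids, 2):
        findings.append("worker cannot write to socket")
    # ... and search (x) permission on every directory above it.
    parent = os.path.dirname(real)
    while True:
        if not _may(os.stat(parent), uid, gids, 1):
            findings.append(f"worker cannot traverse {parent}")
        if parent == os.path.dirname(parent):
            break
        parent = os.path.dirname(parent)
    return findings
```

Call it with the uid and group ids of the Apache worker account, which `pwd.getpwnam` and `os.getgrouplist` return. An empty list means the mode bits allow the proxy to connect without the socket being open to every local user.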

Apache 2.4 ReverseProxy to Internal CentOS 7 GitLab Server

I have been trying to set up Apache as a ReverseProxy to an internal GitLab server with no success.
We are running multiple virtual servers, each server having a different application. We have an existing server with Apache 2.4 installed on CentOS 6.6 and working, and I just recently stood up a new server with GitLab 8.12 on CentOS 7. I have made the following change in /etc/gitlab/gitlab.rb
external_url 'http://mypublic.domain.com:80'
I have added the following rules in iptables
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
I have verified that we can ssh in using http://mypublic.domain.com:22
I have tried every setup I could find online to set the VirtualHost in httpd.conf, but nothing is working correctly. Below are a couple of the more recent, simple examples I have found. Does anyone have any ideas?
<VirtualHost 192.168.1.000:80>
ServerName mypublic.domain.com
RewriteEngine On
ProxyPass / http://192.168.1.999/
ProxyPassReverse / http://192.168.1.999/
</VirtualHost>
####
<VirtualHost 192.168.1.000:80>
ServerName mypublic.domain.com
ProxyPreserveHost On
AllowEncodedSlashes NoDecode
<Location />
Require all granted
ProxyPass http://192.168.1.999:80
ProxyPassReverse http://192.168.1.999:80
</Location>
</VirtualHost>
####
Apache Server: 192.168.1.000
GitLab Server: 192.168.1.999
Any help would be much appreciated, thanks!

Apache Webserver ReverseProxy to serve Apache Solr Admin Panel

I'm trying to run an Apache Solr Service (on its embedded jetty server) on a remote server. The admin has provided me the following information:
DNS: my.server.com
IP: xxx.xxx.xxx
Server OS: 3.16.0-4-amd64 #1 SMP Debian 3.16.36-1+deb8u1 (2016-09-03) x86_64 GNU/Linux
Only Port 80 is accessible. On the server we want to deploy Apache Solr and a microservice which uses Solr as search engine. I want to use Apache Webserver to forward the HTTP-Request to the Solr Admin UI and to the microservice UI, but it doesn't seem to work, I use Apache Server version: Apache/2.4.10 (Debian)
Server built: Sep 15 2016 20:44:43.
I installed Apache and started the server, so far everything works as expected. I can access the admin view from Apache entering the DNS in my browser.
I enabled a few modules following this article https://www.digitalocean.com/community/tutorials/how-to-use-apache-http-server-as-reverse-proxy-using-mod_proxy-extension:
a2enmod proxy
a2enmod proxy_http
a2enmod proxy_ajp
a2enmod rewrite
a2enmod deflate
a2enmod headers
a2enmod proxy_balancer
a2enmod proxy_connect
a2enmod proxy_html
Then I tried to configure a virtual host under /etc/apache2/sites-available/myconf.conf:
<VirtualHost *:80>
DocumentRoot /var/www/html
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/access.log combined
ProxyPass /solr http://my.server.com:8983 retry=0 timeout=5
ProxyPassReverse /solr http://my.server.com:8983
ProxyPass /microservice http://my.server.com:6868 retry=0 timeout=5
ProxyPassReverse /microservice http://my.server.com:6868
LogLevel debug
</VirtualHost>
Solr uses its standard port 8983 and the microservice will be on port 6868. When I try to access Solr with http://my.server.com/solr I get an HTTP 503 Service unavailable.
I first tried this:
/usr/sbin/setsebool -P httpd_can_network_connect 1
But it changed nothing. I also had to install first:
apt-get install policycoreutils
to make this option available. The solr service seems to be ok:
solr status
Found 1 Solr nodes:
Solr process 14082 running on port 8983
{
"solr_home":"/etc/apache-solr/solr-6.2.0/server/solr",
"version":"6.2.0 764d0f19151dbff6f5fcd9fc4b2682cf934590c5 - mike - 2016-08-20 05:41:37",
"startTime":"2016-10-07T12:02:05.300Z",
"uptime":"0 days, 1 hours, 29 minutes, 55 seconds",
"memory":"29.7 MB (%6.1) of 490.7 MB"}
The Apache log keeps saying:
The timeout specified has expired: AH00957: HTTP: attempt to connect to xxx.xxx.xxx:8983 (my.server.com) failed
AH00959: ap_proxy_connect_backend disabling worker for (my.server.com) for 0s
AH01114: HTTP: failed to make connection to backend: my.server.com
Without my timeout setting everything stays the same, but it takes ages before I get the 503 error.
Any hints? After one day of struggling I'm depressed ... all I want is to finish the task.
Thanks in advance!
It turns out that I needed to append a slash to the URLs:
ProxyPass /solr/ http://my.server.com:8983/ retry=0 timeout=5
ProxyPassReverse /solr/ http://my.server.com:8983/
ProxyPass /microservice/ http://my.server.com:6868/ retry=0 timeout=5
ProxyPassReverse /microservice/ http://my.server.com:6868/

apache proxy doesn't work

I've got a problem with my apache configuration.
I'm running an apache2 in a docker container.
In the same container a webrick is running on port 3000.
What I want is that when someone calls subdomain.mydomain.de, there should be a pass-through to subdomain.mydomain.de:3000
I've done this:
sudo nano /etc/apache2/sites-enabled/000-default.conf
and added this to default.conf:
<VirtualHost *:80>
ProxyPreserveHost On
ProxyRequests Off
ServerName mydomain.de
ServerAlias *.mydomain.de
ProxyPass / http://subdomain.mydomain.de:3000/
ProxyPassReverse / http://subdomain.mydomain.de:3000/
</VirtualHost>
a2enmod proxy
sudo /etc/init.d/apache2 restart
But all I got is this:
Internal Server Error
The server encountered an internal error or misconfiguration and was
unable to complete your request.
Please contact the server administrator at [no address given] to
inform them of the time this error occurred, and the actions you
performed just before this error.
More information about this error may be available in the server error
log.
The solution for this problem is:
sudo a2enmod proxy
sudo a2enmod proxy_http
sudo service apache2 reload
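The two fixes reported on this page, ending both `ProxyPass` arguments with a slash (the Solr answer) and enabling the protocol module for the backend scheme (the answer directly above), can be checked mechanically before a reload. This is an added example, not code from any of the posts: `lint_proxypass`, the scheme-to-module table and the sample configuration are constructed for illustration, and the sketch only understands plain `ProxyPass` lines and `<Location>` blocks.

```python
import re

# Backend URL scheme -> mod_proxy submodule that must be loaded for it
SCHEME_MODULE = {"http": "proxy_http", "https": "proxy_http",
                 "ws": "proxy_wstunnel", "wss": "proxy_wstunnel",
                 "ajp": "proxy_ajp", "fcgi": "proxy_fcgi",
                 "uwsgi": "proxy_uwsgi", "scgi": "proxy_scgi"}

def lint_proxypass(conf_text, enabled_modules):
    """Return (line_number, message) findings for ProxyPass directives."""
    findings, location = [], None
    for no, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        opened = re.match(r'<Location\s+"?([^">\s]+)"?\s*>', line, re.I)
        if opened:
            location = opened.group(1)
        elif line.lower().startswith("</location"):
            location = None
        if not re.match(r"ProxyPass\s", line, re.I):  # not ProxyPassReverse
            continue
        # Positional arguments only; key=value worker options are dropped
        args = [a for a in line.split()[1:] if "=" not in a]
        if location is not None and len(args) == 1:
            path, backend = location, args[0]   # path comes from <Location>
        elif location is None and len(args) == 2:
            path, backend = args
        else:
            findings.append((no, "wrong number of arguments for this context"))
            continue
        url = backend.split("|")[-1]            # strip a unix:/path| prefix
        scheme = url.split("://")[0].lower()
        for needed in ("proxy", SCHEME_MODULE.get(scheme)):
            if needed and needed not in enabled_modules:
                findings.append((no, f"module {needed} is not enabled"))
        if path.endswith("/") != url.endswith("/"):
            findings.append((no, "trailing slash differs between path and backend"))
        elif re.fullmatch(r"[a-z]+://[^/]+", url, re.I):
            findings.append((no, "backend URL has no path; end both arguments with /"))
    return findings

# Constructed sample: the first Solr mapping with only mod_proxy enabled
SAMPLE = """<VirtualHost *:80>
ProxyPass /solr http://my.server.com:8983 retry=0 timeout=5
ProxyPassReverse /solr http://my.server.com:8983
</VirtualHost>"""

if __name__ == "__main__":
    for finding in lint_proxypass(SAMPLE, {"proxy"}):
        print(finding)
```

Pass the set of module names that `a2enmod` has enabled. Enabling only the modules the linter names for the configured backends keeps the proxy's loaded protocol handlers to what is in use.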