I have the following question that I do not know how to solve it in the most efficient way.
I have two servers, one with Apache where I have a Wordpress instance responding for port 80, and on another server I have a Wildfly with another application listening on port 8080. The Wordpress that I have configured on the Apache server, responds to the URL http://www.somedomain.com What I'm not so clear about is how to do when a request arrives at http://www.somedomain.com/yyyy and redirects me to the Wildfly server where an application is responding to the URL : 8080 / app
How could I do it in the most effective way? Using the rewrite module in the .htaccess file or using the Apache proxy module and configuring it in the Apache virtual host? How would I have to do it?
Thank you very much in advance.
You're mixing a few things that are not related to each other. First of all, a redirect is something different than a proxy. Redirecting means asking the client (browser) to look at another URL. A proxy, on the other hand, retrieves the content of the other URL itself and passes it to the client. Using a proxy, the other URL remains invisible to the client.
Second, mod_rewrite is not limited to htaccess configuration. In fact it's better to configure mod_rewrite in the virtual host configuration, just as you suggested with the proxy configuration.
The htaccess is simply for users who are not allowed to mess with the server configuration itself. Configuration in the htaccess can be limited by the admin for security purposes at the cost of slowing down the server.
That said, if you are looking to map your wildfly server paths into your main server's paths, you might want to use something like this inside your main server's virtual host block:
<Location "/yyyy">
ProxyPass "http://wildfly:8080/app"
</Location>
See http://httpd.apache.org/docs/current/mod/mod_proxy.html#proxypass for detailed explanations.
Related
Is it possible to configure a vhost on httpd that accepts any domain received and proxies to the actual website? Like subdomain wildcard but for the domain.
I'm assuming that tools like Squid Proxy can do this just fine, I'm just curious if it can be done with apache.
Sure that is possible, but you don't even need a proxy for that. The apache http server offers the concept of a "default virtual host". Which is exactly what you want: that host is responsible to respond to incoming requests to http hosts that do not have a specific configuration.
The default typically simply is the first of all hosts defined inside an apache http server.
An alternative I personally use is to setup the virtual hosts by just a basic configuration (name, admin and the like), but to include the actual content configuration (DocumentRoot and rewriting stuff) from a separate file). That way you can easily share the same setup between many virtual hosts but still have individual configuration options per domain, subdomain, http host, however you want to call that (there is no difference for the http server anyway, it is all http hosts).
Tomcat in our application is considered back-and side and additionaly we have apache that fronting tomcat server as a reverse proxy and redirect requests to appropriate tomcat instance.
Now we need to set up HTTPS connection between apache proxy and tomcat for specific urls(Login, etc..). Tomcat documentation says that it's possible to achieve this with additional <Connector> within server.xml config.
In order to set up https over login page existing configuration with AJP protocol was replaced with the following:
ProxyPass /app/login/ https://127.0.0.1:6666/app/login/
All other urls specified like below:
ProxyPass /app/anyotherurl/ ajp://127.0.0.1:5555/app/anyotherurl/
With configuration below we expect that secure data (login/password) for login page will be encrypted and all other page will remain unchanged.
After the login apache should use normal ajp protocol because there is no sensetive information any more to protect. But it's not what actually happen in our case because for some reason apache is redirecting us to host specified in ProxyPass, namely to localhost.
This could happen due to the fact that our application while executing login logic on tomcat has two consecutive redirects.
We've tried to set ProxyPreserveHost on within virtual host to fix situation mentioned above, but we are not sure whether it is secure option and this one won't break another pages as well as we are not sure how it will work if tomcat will be located on other machine.
It would be good to know any other solution how such stuff can be applied internally for specific pages.
How do I remove the need to type /web on the end of my PLEX media server to access from outside my network? I have a no-ip.com account and set up a static domain name to point to a static ip. But that doesn't help much, because I still need to type in the /web to access my media server. I am using windows 7. I have set up a owncloud server before and removed the need to type /owncloud in the httpd.conf file. But I can't find it for the plex server. I read somewhere to set up a page that will redirect to /web, but I don't know how to do that. Thanks for help!
You can remove both the port (in case you are already not forwarding it from port 80 to Plex's port) and the need for the /web at end using redirection rules.
Here is a good example of how to do just that (this solution uses Apache):
http://matt.coneybeare.me/how-to-map-plex-media-server-to-your-home-domain/
EDIT: Small correction, that site I linked is not using redirection rules, it is using a reverse proxy.
With a redirection rule if you type: myPlexServer.com, you'll be redirected to myPlexServer.com:32400/web (as in, the address on your browser will actually be re-written to that, same as clicking on a link that takes you to another page).
With a reverse proxy, you effectively have a man in the middle, the reverse proxy server itself. You send requests to myPlexServer.com (Apache server in this case), it receives those requests and the proxy forwards them to myPlexServer.com:32400/web (PMS Server). The PMS server sends the reply to the Apache server and the Apache server sends the reply back to you. As far as PMS is concerned, the client requesting info is the Apache server, in fact it doesn't even know about you talking to the Apache server.
I have a server with several services running. One of them is accessible through the domain name like "https://www.foo.bar". Two other services are running on specific ports. So they are accessible through "https://www.foo.bar:1234".
Is it able to configure an apache2 server in a specific way, so it uses always the port 443 but with a different URL like "https://www.foo.bar/service1"?
Try ProxyPass, what you describe is a special case of a setup called Reverse Proxy: your httpd forwards requests to the other service and returns the answers to the client. (The other service happens to run on the same machine in your case, but it needn't. A simple kind of backend load-balancing can also be done this way.)
<Location /service1>
ProxyPass https://localhost:1234
ProxyPassReverse https://localhost:1234
</Location>
Be careful that your other service needs some rudimentary support for this kind of setup: if it returns HTML pages with links in it, it can't assume anymore that https://www.foo.bar:1234/foo/bar.html is the correct URL to tell the client. httpd will not look into the returned content and rewrite it for you.
My problem is, that I recently set up a Tomcat7 application container with Apache2.2 Frontend. As the project is still under development I am controlling access by an IP whitelist set up in .htaccess for the domain.
I set up mod_jk via AJP13 to Tomcat, it works absolutely fine, except the fact that .htaccess doesn't block the forward for Tomcat. In other words if you enter www.mydomain.com from a "black" IP, you get forwarded to the error page but if you enter www.mydomain.com/AppContext you slip through Apache into Tomcat
I started messing with urlrewritefilter with Tomcat, but for some reason it didn't work.
I am wondering if there is any way to set up .htaccess or apache instead to block requests forwarded to Tomcat similarly to request for Apache?
Also noticed a dramatic speed decrease when using it like that, us that common when using Apache as a frontend?
.htaccess files will work only when Apache is using a <Directory> based configuration (in httpd.conf). In case of mod_jk, matching requests (as specified by JkMount directive) will simply be forwarded to the AJP connector.
Use <Location> to control access instead:
<Location "/AppContext">
Order Deny,Allow
Deny from all
Allow from .myCompany.local
</Location>
See <Location> Directive> for details.
I faced the same problem and found a solution which may solve your case too.
Use a reverse proxy server like Nginx or Squid to redirect the traffic Apache Tomcat. Both of them can use htpassword for authentication and hence, will serve your need. If you want to use Apache as frontend then backend can be nginx which in turn will redirect to Tomcat after proper authentication. It may have a performance hit, though.
https://www.digitalocean.com/community/tutorials/how-to-set-up-http-authentication-with-nginx-on-ubuntu-12-10