I have the following problem:
I have my HomeServer on IP 192.168.0.1, it's an exposed host, getting every access from outside.
On this Server I have running some lxc containerts, two of them have apache2, etc on it.
Now I want to access every server via a special URL, for example:
cloud.example.com -> going to the "cloud" container on IP 192.168.0.101
torrent.example.com -> going to the "torrent" container on IP 192.168.0.103
everything else should go the HomeServer on 192.168.0.1
I thought of it like this: everything should go to 192.168.0.1, there I would have some VirtualHosts looking for the URL and forwarding the traffic to the needed server or showing the "default" page of the HomeServer (192.168.0.1)
The thing is, I've searched for quite a while but can't find the stuff I need.
Someone an idea?
Thanks in advance
Something like that maybe :
<VirtualHost *:80>
ServerName cloud.example.com:80
ProxyPass / http://192.168.0.101/
ProxyPassReverse / http://192.168.0.101/
</VirtualHost>
The "default page" being in the document root of the main configuration (not the virtual host).
You could also try using Caddy web server as a reverse proxy, it is the simplest to manage that I've come across and the config file is much simpler than Apache or NGINX.
I am now using HAProxy and it's working perfectly.
Send requests from outside to router -> router sends it to HAProxy container -> HAProxy sends it to the needed container
Related
I use a Bitnami MEAN installation (https://bitnami.com/stack/mean) v 3.2.11 on EC2. I didn't do any extra modifications of the apache2 setup except for the rerouting the port where my app runs to port 80, like this
ProxyPass / http://127.0.0.1:5000/
ProxyPassReverse / http://127.0.0.1:5000/
Now my app is available fine on :80 port via http:// but I can't make it run via https://. But access via https is what I wanted to achieve. I could not figure the right step by step guide on how to create or enable SSL. All Bitnami docs sound like it's assumed to be working already.
As far as I understood from - https://docs.bitnami.com/aws/components/apache/#https-port the basic certificate is already included into the setup so you can make use of that one without creating your own. The only thing you need is to enable it - That may be wrong assumption, let me know.
Also here on bitnami support it says
Apache waits for HTTPS requests on port 443. Change that by editing
the /opt/bitnami/apache2/conf/bitnami/bitnami.conf file and modifying
the value specified in the Port directive. For example:
Listen 8443
Does that mean that I need to reroute my :5000 port to :8443 ??
I've also found this question - Installing SSL on AWS EC2 Bitnami Mean Stack that didn't recieve a proper answer for more than a year.
Does that mean that I need to reroute my :5000 port to :8443 ??
No, you don't need to redirect that. Your problem is that you're proxy-passing every request from port 80 to 5000 (where your app runs) but when using HTTPS your requests use the port 443. Those request are not being proxy-passed to port 5000 and, therefore, your app doesn't receive them.
What Apache configuration file did you modify including those lines? You need to be sure that both the VirtualHosts for port 80 and the one for port 443 include the ProxyPass redirections. For example, if you edited the file /opt/bitnami/apache2/conf/bitnami/bitnami.conf, ensure you add it in the Virtualhosts <VirtualHost _default_:80> and <VirtualHost _default_:443>
As far as I understood from - https://docs.bitnami.com/aws/components/apache/#https-port the basic certificate is already included into the setup so you can make use of that one without creating your own.
Yes, the Bitnami Stack includes a dummy certificate. However, it's recommended to create your own one since the browsers won't recognize it as a valid one since it's self-signed. You can find more information in the link below:
https://docs.bitnami.com/aws/components/apache/#how-to-create-an-ssl-certificate
I have a development server running Centos 7 I've setup in my living room. As of now I'm not using a domain, my ISP blocks port 80 so I've got Apache listening on port 8080.
I have a few different sites on here I've been playing with. One of them is a redmine installation, another is wordpress, and the other has dolphin on it. I can get any one of these 3 to run normally off the root ip xxx.xxx.xxx.xxx:8080 but when I try to setup an alias it points to the server's local ip. This works great from home, but I can't access them anywhere else.
I've setup a virtual host configuration in apache like this:
<VirtualHost *:8080>
DocumentRoot /var/www/html/wordpress
Alias /wordpress /var/www/html/wordpress
</VirtualHost>
When I open xxx.xxx.xxx.xxx:8080/wordpress it tries to redirect to the local ip 192.168.1.xxx:8080/wordpress I feel like I'm on the right track but I'm not sure where to go from here. Thank you.
I stumbled upon the solution today after running into something similar with a site I migrated for a client today. I was sure it had to be an apache issue.
The WP installation (and others) were pointing to my private IP as I'm not using domains for any of them. This is why I kept having the site redirect.
192.168.* are private network addresses. And by definition "IP packets addressed from them cannot be transmitted through the public Internet".
You have to get yourself a public IP or use a service like https://ngrok.com/.
Alias directive itself shouldn't cause redirect. There is something else (probably some Wordpress setting or .htaccess redirect) that is causing that when the page is opened (or not found)
I am running Glassfish Server on Linux 6 for my Oracle Apex applications running on Port 8080 and 8181(for https).
now, suppose my domain is mydomain.com,
and when I access
a.mydomain.com -> it should be redirected to application 1 (i.e a.mydomain.com:8080/apex/f?p=1)
b.mydomain.com -> it should be redirected to application 2 (i.e b.mydomain.com:8080/apex/f?p=2)
and so on...
if it is hard to figure out with Glassfish, I can also move to Apache Tomcat if required.
Any advice/idea would be greatly appreciable.
I don't know Glassfish, but you might try ProxyPass inside your virtual host config
ProxyPass / http://a.mydomain.com:8080/apex/f?p=1
Similar for the b.mydomain.com domain.
If you really want a redirect, i.e. the browser's URL changes, use Redirect instead
Redirect / http://a.mydomain.com:8080/apex/f?p=1
We're trying to set up two sites on same Apache instance, although on different ports.
We have a ReviewBoard set up on an Apache in an AWS instance. It runs on 443, and is working fine.
Now, we're trying to set up MediaWiki on same server. I'm assuming safest and fastest way is to set it to listen on a different port. So, we've set up Apache to listen on 8443, and enabled MediaWiki like so
<IfModule mod_ssl.c>
<VirtualHost _default_:8443>
ServerAdmin webmaster#localhost
DocumentRoot /var/www/<domain_name>
This is working fine for accessing homepage of wiki.
following are the issues we're facing -
This setup requires adding port to the URL. Since https by default uses 443, we need to add :8443 at end of url to access Wiki Page. Ideally, we'd like to do away with the port.
MediaWiki Login doesn't work. After login, user is redirected to port 80. If this port is blocked, which is what we want, whole flow is dead in water.
We'd like to use same AWS instance, although we're open to setting up another instance of Apache (not sure if it is possible / best practice).
Any ideas?
For issue number 2, make sure that you've updated your $wgServer variable to include the not-standard port number like so $wgServer = "https://127.0.0.1:8443";
Thanks TyA.
Solved this.
Multiple domain with the same ip and port in apache
TyA's solution.
Separate AWS or Apache instance not required.
We have a win2003 server that run both IIS 7 and apache (using wamp server 2.2).
We put on both server a page named test.html that show us a message that say "You are on IIS page" and "You are on WAMP page" to show us if everything is working correctly.
Both running real great locally. IIS is listening on port 80 and apache on port 8082. The problems come remotly. Both services are running and wamp is fully online (green icon + "put online" option activate).
Locally, on the server, doing http://localhost/test.html and http://localhost:8082/test.html show the correct pages. If we replace localhost by real IP address (for example purpose, let say http://10.2.5.16/test.html and http://10.2.5.16:8082/test.html), still work. (not actual address but address used for real is the same used by dns web service)
Remotly, from any other PC, doing http://10.2.5.16/test.html and http://10.2.5.16:8082/test.html, the first give us the website normally, the second give us a HTTP 403 FORBIDEN (tried using both htaccess and windows permission, still have 403). The same way, using http://www.ourdomain.com/test.html and http://www.ourdomain.com:8082/test.html give us the exact same result (first ok, second 403)
Is it possible to make it work correctly?
Thanks in advance.
edit: Just to add to the solution :
the firewall was blocking me, add the wamp on this port allowed
in my configuration, i had in my directory statement Require local, which needed to be set to Require all granted
for the rest, the solution was pretty it.
Thanks again.
The fact that you can get to the sites locally tells me both servers are setup correctly and listening on respective ports.
Upon further questions, the OP indicated that the Servername Directive, is pointing to localhost and it should be changed as.
ServerName localhost:8082
To
ServerName example.com:8082 # or add "ServerAlias example.com:8082" to your existing.
Where as example.com is your site DNS. Then in your [System32\drivers\etc\hosts] point that DNS to the ip of your Remote host.
403 is happening because the request from the remote is not matched against any Servername or ServerAlias and it falls to the default handler which normally has stricket permissions. If you look closely in logs(/logs/apache/access.log), there should be something about "access denied by server configuration /somelocation like your default DocRoot"
If you make request for http://example.com and you have correct ip in your hostfile, you can trace what happens to that request in the remote host and where it ends up(firewalls, Apache etc). Apache is good at logging and you just need to find relevant log entries!