Is there a way to force all http traffic to Apache to prevent direct access to a web app? - apache

My web app runs and listens on port 8080 using its on mini server. The Apache VirtualHost redirects all :80 traffic to :8080. What I would like to do is block requests directly to localhost (e.g. 127.0.0.1). Is there a way to force all requests on the server thru the Apache instance on that server? Or do I need to do this in .htaccess at the application level.
<VirtualHost *:80>
ServerName mydomain.com
#ServerAlias anothercooldomain.org
ProxyPreserveHost On
ProxyRequests Off
<Proxy *>
Order allow,deny
Allow from all
</Proxy>
ProxyPass / http://127.0.0.1:8080/
ProxyPassReverse / http://127.0.0.1:8080/
ErrorLog /var/log/apache2/myapp-error.log
CustomLog /var/log/apache2/myapp-access.log combined
</VirtualHost>

Related

How do I send requests to two processes in Apache2?

I got two servers, a custom Rust server I've created, listening to port 4848, and a Gitea server listening at 3000. I can connect to both of these just fine if I input the IP and port directly, but obviously this is not ideal. How can I direct *.domain.exmaple to the process at 4848, and gitea.domain.example at 3000?
I'm using Ubuntu 22
Thanks!
Finally managed to find a solution. I edited my main configuration file to this
<VirtualHost *:80>
ServerAdmin admin#email
ServerName gitea.domain.example
ProxyPreserveHost On
# setup the proxy
<Proxy *>
Order allow,deny
Allow from all
</Proxy>
ProxyPass / http://localhost:3000/
ProxyPassReverse / http://localhost:3000/
</VirtualHost>
<VirtualHost *:80>
ServerAdmin admin#email
ServerName domain.example
ServerAlias *.domain.example
ProxyPreserveHost On
# setup the proxy
<Proxy *>
Order allow,deny
Allow from all
</Proxy>
ProxyPass / http://localhost:4848/
ProxyPassReverse / http://localhost:4848/
</VirtualHost>

Setting up reverse proxy using Apache on Windows Server 2008 R2

I am trying to setup Reverse Proxy using Apache Server 2.4.23 for two different domain. One domain is pointing to localhost site and other is pointing to other server web site. Here are my configuration
Listen 111.111.11.222:80
Listen 111.111.11.333:80
<VirtualHost 111.111.11.222:80>
ServerName myapp.com
ErrorLog "logs/app_error_log"
CustomLog "logs/app_access_log" common
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://111.111.11.222:8090/
ProxyPassReverse / http://111.111.11.222:8090/
<Location />
Order allow,deny
Allow from all
</Location>
</VirtualHost>
<VirtualHost 111.111.11.333:80>
ServerName myauditor.com
ProxyRequests Off
# ProxyPreserveHost On
ErrorLog "logs/auditor_error_log"
CustomLog "logs/auditor_access_log" common
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://www.mycompamy.com/
ProxyPassReverse / http://www.mycompany.com/
</VirtualHost>
In these settings, first "myapp.com" is working fine as needed. However when I try myauditor.com then instead of acting it as reverse proxy, it is redirecting to www.mycompany.com.
In myauditor.com setting, if I un-comment and use ProxyPreserveHost On then myauditor.com start giving me error
Invalid URL
The requested URL "http://%5bNo%20Host%5d/", is invalid.
Reference #9.2d3d6b68.1485193636.126886bd
I am new to Apache so I am not sure, when ProxyPreserveHost is working fine in first VirtualHost then why it causing issue in second VirtualHost.

How to prevent tomcat7 repeat context name in apache proxy setup

I have this problem where my apache forward http request to tomcat using proxy (see my apache virtual host config below).It works fine, but the web http request http://subdomain.example.com/xyz/images/background2.jpg arrive at tomcat as /xyz/xyz/images/background2.jpg. context name "xyz" appear twice which cause missing resource at tomcat end.
How do you resolve this problem ?
Apache Virtual Host config file
<VirtualHost *:80>
ServerName subdomain.example.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://www.example.com:8080/xyz/
ProxyPassReverse / http://www.example.com:8080/xyz/
</VirtualHost>
Tomcat project setup: ../tomcat7/webapps/xyz/...
You need to update ProxyPass settings as below.
ProxyPass /xyz/ http://www.example.com:8080/xyz/
ProxyPassReverse /xyz/ http://www.example.com:8080/xyz/

Apache documentroot other local server

I have a particular subdomain in my apache2 virtualhost 'httpd.conf' file that i would like to redirect to another local apache server. I have a router that redirects all requests on port 80 to the original server.
The second server is NOT on a different global IP address, but on a different local IP address.
Is there any way i can do this,
thanks
You can do this using Apache's proxy functionality. For example:
<VirtualHost *:80>
ServerName myhostname
<Location />
ProxyPass http://address-of-local-server/
ProxyPassReverse http://address-of-local-server/
</Location>
</VirtualHost>
This will cause Apache to proxy requests that match this VirtualHost definition to another server and return the results to the client.
This presumes that you have mod_proxy enabled.
You can mod proxy to any resource identified by it's IP address e.g
<VirtualHost *:80>
ServerName subdomain.domain.com
DocumentRoot /whatever
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location / >
ProxyPass http://192.168.0.x
ProxyPassReverse http://192.168.0.x
</Location>
#...
</VirtualHost>

Apache redirect to another port

I've struggled with this for some time and am definitely doing something wrong.
I have Apache server and a JBoss server on the same machine. I'd like to redirect traffic for mydomain.example to JBoss localhost:8080/example. The DNS is currently setup for mydomain.example and it will go straight to port 80 when entered into the browser.
My question is how do I redirect to a different port when a certain domain name comes to Apache (in this case, mydomain.example)?
<VirtualHost ip.addr.is.here>
ProxyPreserveHost On
ProxyRequests Off
ServerName mydomain.example
ProxyPass http://mydomain.example http://localhost:8080/example
ProxyPassReverse http://mydomain.example http://localhost:8080/example
</VirtualHost>
After implementing some suggestions:
Still not forwarding to port 8080
<VirtualHost *:80>
ProxyPreserveHost On
ProxyRequests Off
ServerName mydomain.example
ServerAlias www.mydomain.example
ProxyPass http://mydomain.example http://localhost:8080/example
ProxyPassReverse http://mydomain.example http://localhost:8080/example
</VirtualHost>
You should leave out the domain http://example.com in ProxyPass and ProxyPassReverse and leave it as /. Additionally, you need to leave the / at the end of example/ to where it is redirecting. Also, I had some trouble with http://example.com vs. http://www.example.com - only the www worked until I made the ServerName www.example.com, and the ServerAlias example.com. Give the following a go.
<VirtualHost *:80>
ProxyPreserveHost On
ProxyRequests Off
ServerName www.example.com
ServerAlias example.com
ProxyPass / http://localhost:8080/example/
ProxyPassReverse / http://localhost:8080/example/
</VirtualHost>
After you make these changes, add the needed modules and restart apache
sudo a2enmod proxy && sudo a2enmod proxy_http && sudo service apache2 restart
I solved this issue with the following code:
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
<VirtualHost *:80>
ProxyPreserveHost On
ProxyRequests Off
ServerName myhost.example
ServerAlias www.myhost.example
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
</VirtualHost>
I also used:
a2enmod proxy_http
I wanted to do exactly this so I could access Jenkins from the root domain.
I found I had to disable the default site to get this to work. Here's exactly what I did.
$ sudo vi /etc/apache2/sites-available/jenkins
And insert this into file:
<VirtualHost *:80>
ProxyPreserveHost On
ProxyRequests Off
ServerName mydomain.example
ServerAlias mydomain
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
</VirtualHost>
Next you need to enable/disable the appropriate sites:
$ sudo a2ensite jenkins
$ sudo a2dissite default
$ sudo service apache2 reload
Found this out by trial and error. If your configuration specifies a ServerName, then your VirtualHost directive will need to do the same. In the following example, awesome.example.com and amazing.example.com would both be forwarded to some local service running on port 4567.
ServerName example.com:80
<VirtualHost example.com:80>
ProxyPreserveHost On
ProxyRequests Off
ServerName awesome.example.com
ServerAlias amazing.example.com
ProxyPass / http://localhost:4567/
ProxyPassReverse / http://localhost:4567/
</VirtualHost>
I know this doesn't exactly answer the question, but I'm putting it here because this is the top search result for Apache port forwarding. So I figure it'll help somebody someday.
This might be an old question, but here's what I did:
In a .conf file loaded by Apache:
<VirtualHost *:80>
ServerName something.com
ProxyPass / http://localhost:8080/
</VirtualHost>
Explanation: Listen on all requests to the local machine's port 80. If I requested "http://something.com/somethingorother", forward that request to "http://localhost:8080/somethingorother". This should work for an external visitor because, according to the docs, it maps the remote request to the local server's space.
I'm running Apache 2.4.6-2ubuntu2.2, so I'm not sure how the "-2ubuntu2.2" affects the wider applicability of this answer.
You have to make sure that the proxy is enabled on the server. You can do so by using the following commands:
a2enmod proxy
a2enmod proxy_http
service apache2 restart
If you don't have to use a proxy to JBoss and mydomain.example:8080 can be "exposed" to the world, then I would do this.
<VirtualHost *:80>
ServerName mydomain.example
Redirect 301 / http://mydomain.example:8080/
</VirtualHost>
Just use a Reverse Proxy in your apache configuration (directly):
ProxyPass /foo http://foo.example.com/bar
ProxyPassReverse /foo http://foo.example.com/bar
Look here for apache documentation of how to use the mod
My apache listens to 2 different ports,
Listen 8080
Listen 80
I use the 80 when i want a transparent URL and do not put the port after the URL
useful for google services that wont allow local url?
But i use the 8080 for internal developing where i use the port as a reference for a "dev environment"
You need 2 things:
Add a ServerAlias www.mydomain.example to your config
change your proxypass to ProxyPassMatch ^(.*)$ http://localhost:8080/example$1, to possibly keep mod_dir and trailing slashes from interfering.
Apache supports name based and IP based virtual hosts. It looks like you are using both, which is probably not what you need.
I think you're actually trying to set up name-based virtual hosting, and for that you don't need to specify the IP address.
Try < VirtualHost *:80> to bind to all IP addresses, unless you really want ip based virtual hosting. This may be the case if the server has several IP addresses, and you want to serve different sites on different addresses. The most common setup is (I would guess) name based virtual hosts.
This is working in ISPConfig too. In website list get inside a domain, click to Options tab, add these lines: ;
ProxyPass / http://localhost:8181/
ProxyPassReverse / http://localhost:8181/
Then go to website and wolaa :) This is working HTTPS protocol too.
Try this one-
<VirtualHost *:80>
ProxyPreserveHost On
ProxyRequests Off
ServerName www.adminbackend.example.com
ServerAlias adminbackend.example.com
ProxyPass / http://localhost:6000/
ProxyPassReverse / http://localhost:6000/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
This is how I redirected part of the requests to one url and rest to another url:
<VirtualHost *:80>
ProxyPreserveHost On
ProxyRequests Off
ServerName localhost
ProxyPass /context/static/content http://localhost:80/web/
ProxyPassReverse /context/static/content http://localhost:80/web/
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
</VirtualHost>
All are excellent insights to accessing ports via domain names on virtual servers. Do not forget, however, to enable virtual servers; this may be commented out:
NameVirtualHost *:80
<Directory "/home/dawba/www/">
allow from all
</Directory>
We run WSGI with an Apache server at the domain sxxxx.com and a golang server running on port 6800. Some firewalls seem to block domain names with ports. This was our solution:
<VirtualHost *:80>
ProxyPreserveHost On
ProxyRequests Off
ServerName wsgi.sxxxx.example
DocumentRoot "/home/dxxxx/www"
<Directory "/home/dxxx/www">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
ScriptAlias /py/ "/home/dxxxx/www/py/"
WSGIScriptAlias /wsgiprog /home/dxxxx/www/wsgiprog/Form/Start.wsgi
</VirtualHost>
<VirtualHost *:80>
ProxyPreserveHost On
ProxyRequests Off
ServerName sxxxx.com
ServerAlias www.sxxxx.com
ProxyPass / http://localhost:6800/
ProxyPassReverse / http://localhost:6800/
</VirtualHost>