I am trying to configure an Apache server to have 2 subdomains making use of a reverse proxy. I am able to redirect traffic to the first subdomain (first.example.com) and retrieve content from the https site successfully. However, whenever I try to access the second subdomain I end up getting content from the first, and since routes don't match my local website, I get a not found page.
I would like to know what can I adjust from my current configuration so I can get content from my localhost site to.
Here is my current configuration:
<Proxy *>
Require all granted
</Proxy>
SSLProxyEngine On
ProxyRequests Off
SSLProxyCheckPeerCN off
SSLProxyCheckPeerExpire off
SSLInsecureRenegotiation on
SSLProxyVerify none
SSLVerifyClient none
SSLProxyCheckPeerName off
<VirtualHost first.example.com:80>
ServerName first.example.com
ProxyPass /first https://stackoverflow.com
ProxyPassReverse /first https://stackoverflow.com
ProxyPassMatch ^/(.*)$ https://stackoverflow.com/$1
</VirtualHost>
<VirtualHost second.example.com:80>
ServerName second.example.com
ProxyPass /site http://localhost/site
ProxyPassReverse /site http://localhost/site
ProxyPassMatch ^/(.*)$ http://localhost/site/$1
</VirtualHost>
Thank you very much in advance!
Best Regards!
Edgar Martínez.
Your current configuration is conflicting with itself. ProxyPass and ProxyPassMatch does the same thing (in regex) but you declared it both with different rules.
ProxyPass /site http://localhost/site
Rule says: anyone that visits http://second.example.com/site will be fed content from http://localhost/site. If you visit http://second.example.com/foo, you get nothing.
The match line
ProxyPassMatch ^/(.*)$ http://localhost/site/$1
Rule says: Anyone that visits http://second.example.com/site will be fed content from http://localhost/site/site. If you visit http://second.example.com/foo, you get http://localhost/site/foo.
If you use the Match version (regex), you're also out of luck for the reverse rule which doesn't have a regex version. Though, I'm not certain you actually need the reverse rule.
As to why your second request got result from the first... I have no idea.
Related
This is getting frustrating to say the least haha.
I have setup a proxypass and proxypassreverse in apache under virtual host 443 to proxy to nginx running in a container on port 8443.
This is all I have set up to do this
CustomLog /srv/apps/ktech-connect/log/apache/custom.log combined
ErrorLog /srv/apps/ktech-connect/log/apache/errors.log
SSLProxyEngine On
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
ProxyPass / https://127.0.0.1:8443/
ProxyPassReverse / https://127.0.0.1:8443/
When I hit any url such as example.com/page it works like it should
But when I go to example.com or even example.com/ it will show a redirect from apache to example.com:8443 in the url.
I have tried adding ProxyPreserveHost but it does nothing, and a whole host of other options. I just don't understand where the redirect is coming from and the fact that it only happens when hitting the base url.
Any thoughts?
Thanks to ServerFault, It was an old rewrite directive still in my browser cache lol. Cleared it and now it works as expected.
i have the following situation:
i need to call the following url http://myapp.mydomain.com
and the url should reply as following
http://myapp.mydomain.com/index.jsp
On my apache 2.4
i tryied different setup but none seems to work,
First attempt
<VirtualHost *:80>
ProxyPreserveHost On
ProxyPass /myapp http://127.0.0.1:8080/myapp
ProxyPassReverse /myapp http://127.0.0.1:8080/myapp
</VirtualHost>
Second attempt
<VirtualHost *:80>
ProxyPreserveHost On
ProxyPass /myapp/ http://127.0.0.1:8080/myapp/
ProxyPassReverse /myapp/ http://127.0.0.1:8080/myapp/
</VirtualHost>
Third attempt
<Location "/myapp/">
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:8080/myapp/
ProxyPassReverse / http://127.0.0.1:8080/myapp/
</Location>
Fourth attempt
<Location "/myapp/">
ProxyPreserveHost On
ProxyPass /myapp/ http://127.0.0.1:8080/myapp/
ProxyPassReverse /myapp/ http://127.0.0.1:8080/myapp/
None of the configuration seem to work,
the url https://myapp.mydomain.com brings up the welcome page of the tomcat.
And what ever configuration i apply to apache, the only way to make it work is to manually add on the link the mountpoint of proxy, as following
http://myapp:mydomain.com/myapp/index.jsp
Any suggestion on how can i make this work?
Thanks in advance.
I don’t have enough cred to comment and ask for clarification, so I’ll edit my answer based on your feedback.
When using the VirtualHost, which I believe is your best option, you need a ServerName directive included as well. (Perhaps you omitted it here on purpose for some reason, but I'm showing it in the example below).
Also, I believe your route parameters for ProxyPass and ProxyPassReverse need to be in quotes unlike many other items in a VirtualHost. Make particular note of the trailing slash after myapp in the destination (second parameter). Since your desired URL would have index at the root path of your myapp.mydomain.com subdomain, make sure you're indicating that (as the first parameter, /). That should cause the URL https://myapp.mydomain.com to point to http://127.0.0.1:8080/myapp/ as you intend. (In your Example 2, you made your first parameter /myapp/ and, thus, you had to add this to your URL to access it, as you noted -- minus where you swapped a colon for a dot.)
(Disclaimer: I don't know much about Tomcat, but I am operating on the presumption that index.jsp should be treated like most other "index" files in that they'll be sought out and used if they exist and can, therefore, be omitted from the URL requested by the client).
I've also added the ProxyRequests below as I do not know if the default is "Off" or not, but unless you're using a forward proxy (versus the apparent reverse you want here) I think it's at least a potential security issue not to do so.
Minus any other directives you've not shown here, it seems this should do the trick:
<VirtualHost *:80>
ServerName myapp.mydomain.com
ProxyRequests off
ProxyPreserveHost On
ProxyPass "/" "http://127.0.0.1:8080/myapp/"
ProxyPassReverse "/" "http://127.0.0.1:8080/myapp/"
</VirtualHost>
Original reply was from mobile; I've cleaned it up and added an example and clearer explanation from desktop.
I want to make Tableau (which is on an internal network) accessible on the public network. One of the ways recommended by Tableau Support is a Reverse Proxy.
I have set up the required modules and have the reverse proxy functioning. The login page is available through these settings in httpd given below. However, once I log in and want to open Projects, Views etc. It routes to
http://actualsite.com/#/vieworproject
which should actually be http://actualsite.com/tableauaccess/#/vieworproject.
Here is the httpd configuration:
ProxyPass /tableauaccess/ http://tableauserverexample.com/
ProxyPassReverse /tableauaccess/ http://tableauserverexample.com/
<Location /tableauaccess/>
Order deny,allow
Allow from all
ProxyHTMLURLMap / /tableauaccess/
</Location>
This doesnt solve the main issue with #. I tried
ProxyPass /#/ http://tableauserverexample.com/#/
ProxyPassReverse /#/ http://tableauserverexample.com/#
But it doesnt help. Any suggestions?? Thanks!
We had this same issue recently. Your httpd.conf file is technically correct for mod_proxy, however the url you are attempting to use is not supported by Tableau. You cannot use:
http://actualsite.com/tableauaccess
But rather you must use the format:
http://tableauaccess.actualsite.com
We ended up setting up that sub-domain name and then using a VirtualHost block such as:
Listen 80
NameVirtualHost *:80
<VirtualHost *:80>
ServerName actualsite.com
DocumentRoot "/path/path2/pathx"
</VirtualHost>
<VirtualHost *:80>
ServerName tableauaccess.actualsite.com
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://tableauaccess.actualsite.com/
ProxyPassReverse / http://tableauaccess.actualsite.com/
<IfModule mod_cache.c>
CacheDisable *
</IfModule>
RequestHeader set X-Forwarded-Proto "http" #or "https", depending on preference
</VirtualHost>
Be sure to double-check your Tableau server to update the URL format.
Sources:
https://community.tableau.com/thread/198095
https://community.tableau.com/thread/218678
(I don't have enough reputation points to post all of my sources, but thanks to Tableau community, shanemadden at ServerFault, and the Apache documentation.)
edit: forgot trailing slashes
This one's driving me nuts. I have an active and in-use Apache proxy server serving content up on EC2. It's working great, and has a variety of vhosts that are configured like this:
<VirtualHost *:80>
ServerName m.FOO.com
ServerAlias customer.FOO.com
ProxyPreserveHost On
ProxyPass / ajp://10.211.42.48:8009/
ProxyPassReverse / ajp://10.211.42.48:8009/
<Proxy ajp://10.211.42.48:8009/*>
Order allow,deny
Allow from all
</Proxy>
</VirtualHost>
These all work great, and I'm having no problems. Now what I'd like to do is move it so instead of a single vhost for each app, I want to have a sub-url on the main site that proxies back to the appserver. So instead of a customer having 'customer.FOO.com', they'll have 'FOO.com/customer/'
Great, sounds easy, right? Yeah, not so much. I edit the vhost entry for 'root' of the server (currently showing the landing page), and add the proxy entries to directories within that. That should do it,right? Yeah, it ain't:
<VirtualHost *:80>
ServerName web01.aws.FOO.com
DocumentRoot /var/www/html
ErrorLog logs/www.FOO.com-error_log
CustomLog logs/www.FOO.com-access_log common
<Location /a>
ProxyPass ajp://10.211.42.48:8009
ProxyPassReverse ajp://10.211.42.48:8009
</Location>
<Location /t>
ProxyPass http://adm01
ProxyPassReverse http://adm01
</Location>
<Proxy ajp://10.211.42.48:8009/*>
Order allow,deny
Allow from all
</Proxy>
</VirtualHost>
If i hit http://www.FOO.com/t/ - I get the internal webserver - it proxies forward correctly, and all is well. If I hit http://www.FOO.com/a/ I get a 404 error. The access log even shows a 404 error.
Note that the ProxyPass AJP entries are identical to what's in the other vhost entry. So why does it work on the root on the other vhost entry, and not as a subdir here on the main vhost?
Halp!
I ended up solving this with one particular hint I found out on a mailing list somewhere. The ProxyPassReverse directive is very touchy, and has one basic function. Anything it matches on the second argument (assuming using the ProxyPassReverse A B form) will be applied to the first argument. So it's critical to make sure the second argument is exactly the redirect that is coming from your application, or else the ProxyPassReverse directive will be ignored.
In my case, what I ended up doing was changing the Location entry to:
ProxyPass /a/ ajp://10.211.42.48:8009
ProxyPassReverse /a/ http://my.apphost.com/
And all started working just fine.
I'm trying to use mod_rewrite to map multiple domains to different servlets on one host.
Example:
www.dom1.com -> 192.168.1.n/dom1
www.dom2.com -> 192.168.1.n/dom2 ...
I'm using the mod_rewrite and mod_proxy and VirtualHost directive but it seems that the reverse mapping via ProxyPassReverse doesn't work as I expected.
ProxyPassReverse /subdomain.domain.com http://192.168.1.n/subdomain
doesn't work. I've turned rewrite-logging on with
RewriteLog /var/log/rewrite.log
From the logs I'd say that rewriting works and the problem seems to be with reverse mapping. However I can't see any Reverse mapping entries.
It seems that reverse mapping isn't logged or needs a different command to be activated.
(Apache and the servlet container are on different machines but this should not matter I'd think ?)
After all I've found a solution that works for me.
This is an excerpt from my configuration that shows one virtual host for domain 1
<VirtualHost *>
ServerName www.dom1.com
ServerAlias dom1.com
RewriteEngine On
# logs might be omitted
RewriteLog /var/log/dom1_rewrite.log
RewriteLogLevel 2
CustomLog /var/log/dom1_custom.log common
ErrorLog /var/log/dom1_error.log
# rewrite to internal ip
RewriteRule ^/(.*) http://192.168.1.105/dom1/$1 [L,P,E=proxy_ok:1]
# Preserve the host-part in the forwarded url
ProxyPreserveHost On
# Substitute responses with the original
ProxyPassReverse / http://192.168.1.105/dom1/
ProxyPassReverse / http://192.168.1.105/dom1
ProxyPassReverse / http://dom1.com/dom1/
ProxyPassReverse / http://dom1.com/dom1
</VirtualHost>
What was wrong with my first configuration - I had to preserve the host and then add all necessary ProxyPassReverse rules to substitute the responses.
And this is my mod_proxy configuration:
<IfModule mod_proxy.c>
#turning ProxyRequests on and allowing proxying from all may allow
#spammers to use your proxy to send email.
ProxyRequests Off
<Proxy *>
AddDefaultCharset off
Order deny,allow
Deny from all
# Proxies just in case Proxy_ok is set
Allow from env=proxy_ok
</Proxy>
# Not sure whether we need this ...
# Enable/disable the handling of HTTP/1.1 "Via:" headers.
# ("Full" adds the server version; "Block" removes all outgoing Via: headers)
# Set to one of: Off | On | Full | Block
ProxyVia On
</IfModule>
There may be cleaner solutions but - if works as it should.