How to configure apache2 subdomains to route to different servers - apache

I am running apache 2.4.7 and presently all my traffic is going to a backend server on 8080 on the same server/instance.
I want my www traffic to go to a new server/instance and all my other subdomains (app, api, etc.) to go to the existing 8080.
Can somebody provide some direction?
Help appreciated.
<VirtualHost *:80>
ProxyPreserveHost On
ServerAdmin webmaster#example.com
ServerName example.com
Redirect "/" "https://www.example.com/"
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI}
ServerAlias www.example.com
DocumentRoot /var/www/example.com/public_html/
Redirect "/ft/" "/"
ErrorLog /var/www/example.com/logs/error.log
CustomLog /var/www/example.com/logs/access.log combined
ProxyPass / http://0.0.0.0:8080/
ProxyPassReverse / http://0.0.0.0:8080/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined

If you want to do an external redirect to the new server for the www subdomain, you'll need to add the following to your configuration, under the other rewrite rules:
RewriteCond ${HTTP_HOST} ^www\. [NC]
RewriteRule ^ https://www.example.com/${REQUEST_URI} [L,R=301]
And you would need to remove the ServerAlias directive. This is also assuming you've already pointed DNS to the new host.
If the new box serving the www content is to be another backed server, you would need another virtual host. Add the following at the top instead:
<VirtualHost *:80>
ServerName www.example.com
ProxyPass / http://other-box/
ProxyPassReverse / http://other-box/
</VirtualHost>
And you still would need to remove the ServerAlias directive.

Related

Proxy not redirecting

I have the following Apache config file. When someone types in http://mywebsite.com it is not redirecting them to https. Why?
<VirtualHost *:80>
ProxyPreserveHost On
ProxyPass "/" "http://10.0.1.123/"
ProxyPassReverse "/" "http://10.0.1.123/"
ServerName www.mywebsite.com
ServerAlias mywebsite.com
RewriteEngine on
RewriteCond %{SERVER_NAME} =mywebsite.com
RewriteCond %{SERVER_NAME} =www.mywebsite.com
RewriteRule ^ https://mywebsite.com%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
SSLProxyEngine on
ProxyPreserveHost On
ProxyPass "/" "http://10.0.1.123:80/"
ProxyPassReverse "/" "http://10.0.1.123:80/"
ServerName www.mywebsite.com
ServerAlias mywebsite.com
ServerAdmin admin_ws1#mywebsite.com
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/www.mywebsite.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/www.mywebsite.com/privkey.pem
</VirtualHost>
<VirtualHost *:80>
...
ProxyPass "/" "http://10.0.1.123/"
...
RewriteRule ^ https://mywebsite.com%{REQUEST_URI} [END,NE,R=permanent]
The ProxyPass is telling Apache to work as reverse proxy and forward the request to the real server. The RewriteRule instead is telling Apache to answer the request itself with a redirect to the HTTPS version of the site. Obviously it cannot do both at the same time, so there is a conflict. Please remove Proxy* rules and keep only the Rewrite* rules on port 80.

Route mqtt and websocket traffic through apache2

I have a emqx broker setup on Ubuntu EC2.
When I try to connect to emqx through websocket with IP address, it works fine.
But when I use subdomain, the connection fails.
My Apache Config is
<VirtualHost *:80>
ServerName subdomain.example.com
ServerAlias subdomain.example.com
ServerAdmin admin#domain.in
RewriteEngine On
#RewriteCond %{REQUEST_URI} ^/socket.io [NC]
#RewriteCond %{QUERY_STRING} transport=websocket [NC]
RewriteCond %{HTTP:Upgrade} =websocket [NC]
RewriteRule ^/mqtt/(.*) ws://localhost:8083/mqtt/$1 [P,L]
ProxyPreserveHost On
ProxyRequests Off
ProxyPass / http://localhost:8083/
ProxyPassReverse / http://localhost:8083/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Apache access Logs
I changed the log level of apache to 'debug' and these are the error logs. Looks like it is trying to find the /mqtt folder.
I have already enabled mode "proxy_wstunnel.load". How can I connect to mqtt and ws using subdomain?
Add a ServerAlias directive under ServerName
Example:
ServerName domain.com
ServerAlias subdomain.domain.com
Try adding this too
ProxyPass "/" "http://127.0.0.1:8083/mqtt"
ProxyPassReverse "/" "http://127.0.0.1:8083/mqtt"
If you're are not sure if the broker is using socket.io, then remove this line:
#RewriteCond %{REQUEST_URI} ^/socket.io

Configure Apache with multiple ProxyPass and different ports

so i have a config file that states this
<VirtualHost *:80>
ProxyPreserveHost On
ProxyRequests Off
ServerName www.aaaaaaaa.yyyyyyyyy.co.uk
ServerAlias aaaaaaa.yyyyyyy.co.uk
ProxyPass / http://localhost:5000/
ProxyPassReverse / http://localhost:5000/
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.aaaaaaa.yyyyyyyyy.co.uk [OR]
RewriteCond %{SERVER_NAME} =aaaaaa.yyyyyyyyy.co.uk
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:80>
ProxyPreserveHost On
ProxyRequests Off
ServerName www.xxxxxx.yyyyyyyy.co.uk
ServerAlias xxxxxxx.yyyyyyyyy.co.uk
ProxyPass / http://localhost:8989/
ProxyPassReverse / http://localhost:8989/
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.xxxxxxxxxxx.yyyyyyyy.co.uk [OR]
RewriteCond %{SERVER_NAME} =xxxxxx.yyyyyyyyyy.co.uk
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
when visiting aaaaaaa.yyyyyyyyy.co.uk it redirects to https which is the desiered effect and launches the correct app.
however when i visit xxxxx.yyyyyyy.co.uk it shows the correct app but does not redirect to https, when i physically type https://xxxx.yyyyyy.co.uk it redirects me to the same app as aaaaaaa.yyyyyyyyyy.co.uk.
how can i make this work!
The main issue here is certbot dosn't play nice with multiple hosts in 1 file.
The steps to correct the problem where;
1 remove all certificates
2 recreate all virtual hosts in there own file within sites-availible
(minus the rewrite portion)
example content of one conf file
<VirtualHost *:80>
ProxyPreserveHost On
ProxyRequests Off
ServerName www.aaaaaaaa.yyyyyyyyy.co.uk
ServerAlias aaaaaaa.yyyyyyy.co.uk
ProxyPass / http://localhost:5000/
ProxyPassReverse / http://localhost:5000/
</VirtualHost>
3 after doing this for all virtual hosts (sites) run the command
certbot --apache
and create new certificates for all making sure to select the redirect function at the end.
worked great!

Apache permanent redirect goes to www automatically

My domain name is example.com without www. So if I put www.example.com then it does not work but example.com works. So I configured apache like this
<VirtualHost *:80>
ServerName example.com
ServerAdmin webmaster#example.com
Redirect permanent / https://example.com/
</VirtualHost>
<VirtualHost *:443>
ServerName example.com
ServerAdmin webmaster#example.com
DocumentRoot path/to/project/public
SSLEngine on
SSLCertificateFile /path/to/keys/xxx.crt
SSLCertificateKeyFile /path/to/keys/xxx.key
ErrorLog /var/log/apache2/error_log
CustomLog /var/log/apache2/access_log combined
<Directory "path/to/project/public">
Options FollowSymLinks
Require all granted
</Directory>
</VirtualHost>
Now, as you can see, I do a permanent redirection to https like
Redirect permanent / https://example.com/
But this redirection add www with the domain name by default. So the redirected url becomes https://www.example.com/. Obviously my website can not be accessed from with www since it is registered without www. So please tell me how can make the redirect to work and go to https://example.com/ without the https.
Add an Alias
<VirtualHost *:443>
ServerName example.com
ServerAlias www.example.com
</VirtualHost>
This requires that the www.yourdomain.com points to the same place as yourdomain.com. However the www might not work with your SSL certificate, it depends on the certificates specificity.
I generally allow both on my sites as some people insist on including the www whenever they enter an address.
Apache's documentation can help out with more specifics https://httpd.apache.org/docs/2.2/vhosts/name-based.html
As far as the redirect issue you're having:
Make sure you don't have some RewriteEngine rules that are rewriting your non www requests to www. You might have an .htaccess file in your site directory that is doing the rewrite/redirect.
It might look something like:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://www.%{SERVER_NAME}/$1 [R,L]
Which would mean you should remove the www in the last Rewrite Rule

SSL Wildcard Apache

I have a SAAS in which I need to create multiple subdomains dynamically (Note: There are a lot of subdomains, I don't know which ones will be auto generated ). So I canĀ“t repeat this for each one:
<VirtualHost *:80>
ServerName a1.app.example.com
Redirect / https://a1.app.example.com
</VirtualHost>
Is there a way to redirect each one of the subdomains in http to https?. Something like " Redirect / https://*.app.example.com "
<VirtualHost *:80>
ServerName app.example.com
Redirect / https://*.app.example.com
</VirtualHost>
<VirtualHost *:80>
ServerName app.example.com
ServerAlias *.app.example.com
DirectoryIndex index.php
DocumentRoot /var/www/xxxxxxx
SSLEngine on
SSLCertificateFile /etc/ssl/xxxxx.crt
SSLCertificateKeyFile /etc/ssl/xxxx.key
SSLCertificateChainFile /etc/ssl/xxxx.crt
</VirtualHost>
Add that to your main vhost:
Options +FollowSymLinks -MultiViews
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,QSA,R=301]
And make sure mod_rewrite is active. You can activate it using the a2enmod rewrite command.