Use modreverseproxy only if cookie is found - apache

I have a site, lets call it example.com which is hosted on an Apache server listening in on port 80. I also am using modproxy at the moment to send traffic to another server that is listening in on port 8000. How can I only allow the traffic to be proxied if a PHPSESSID cookie is found? Here is my conf settings for the moment.
<VirtualHost *:80>
ProxyPreserveHost On
ProxyRequests Off
ProxyPass /private http://localhost:8000
ProxyPassReverse /private http://localhost:8000/
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
</VirtualHost>

Some other things that I am also trying are:
<Proxy *>
Allow from all
</Proxy>
RewriteEngine On
RewriteRule %{HTTP_COOKIE} ^.*PHPSESSID.*$ [NC]
RewriteRule /private http://localhost:8000/$1 [P,L]

Related

Apache Reverse Proxy https to http? does SSL certificate is mandatory

Hi I have been working on setting up my webserver. We have the company domain https://www.company.com which is already with https, which we are unable to get SSL certificates. I wanted to make use this domain and deploy my app (http) by adding https//www.company.com/myapp this myapp and map this url to the http app which is deployed.
I am using the configuration shown below for your reference. I have a doubt only if we get SSL only we progress or their is some way to map this domain to my app running on port 8000.
<VirtualHost *:443>
ServerName company.com
ServerAlias www.company.com
ProxyRequests Off
ProxyPreserveHost On
ProxyPass /myapp http://localhost:8000/
ProxyPassReverse /myapp http://localhost:8000/
RewriteEngine On
RewriteCond %{ENV:HTTPS} on
RewriteRule /(.*) http://localhost:8000/$1 [R=301,L]
</VirtualHost>
if you want to use HTTP, use port 80 instead of 443. you can also use both separately for HTTP and HTTPS connection.
<VirtualHost *:80>
ServerName company.com
ServerAlias www.company.com
ProxyRequests Off
ProxyPreserveHost On
ProxyPass /myapp http://localhost:8000/
ProxyPassReverse /myapp http://localhost:8000/
RewriteEngine On
..................
As per server requirements
..................
</VirtualHost>
<VirtualHost *:443>
ServerName company.com
ServerAlias www.company.com
ProxyRequests Off
ProxyPreserveHost On
ProxyPass /myapp http://localhost:8000/
ProxyPassReverse /myapp http://localhost:8000/
RewriteEngine On
RewriteCond %{ENV:HTTPS} on
RewriteRule /(.*) http://localhost:8000/$1 [R=301,L]
</VirtualHost>

Apache 2.2 to 2.4 too many redirects

I have an old server which uses httpd 2.2 and this configuration works fine redirecting HTTP requests to HTTPS.
Moving to CentOS and upgrading to httpd 2.4 the existing configuration causes a too many redirects to occur.
<VirtualHost _default_:80>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>
<VirtualHost _default_:443>
SSLEngine on
... SSL Setup ...
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / ajp://localhost:8009/
ProxyPassReverse / ajp://localhost:8009/
</VirtualHost>
I'm using tomcat which is listening on port 8009 internally, I'm not sure why is it happening.
SUGGESTED
The ProxyPassReverse directive doesn't work well with ajp.
Switch to HTTP/HTTPS
Remove the ProxyPassReverse directive
Validate you have set RemoteIPHeader X-Forwarded-For, X-Forwarded-Host, X-Forwarded-Port and X-Forwarded-Proto appropriately as well

Apache forward proxy by url parameter

I want redirect any access whose URL parameter is "deep" to local server, and redirect other access to other server.
Forward a request like the following:
① url parameter starting with deep
http*://hostname/bdd?deep=1
→
http*://127.0.0.1:8080/bdd
② other url
→
http*://10.137.213.101:8080/bdd
I am setting my apache conf as the following, but it still does not work.
RewriteEngine On
RewriteCond %{QUERY_STRING} ^deep
RewriteRule "^/bdd(.*)$" /dataviewlinks/ [L]
ProxyPass /dataviewlinks http*://127.0.0.1:8080/bdd
ProxyPassReverse /dataviewlinks http*://127.0.0.1:8080/bdd
ProxyPass /bdd http*://10.137.213.101:8080/bdd
ProxyPassReverse /bdd http*://10.137.213.101:8080/bdd
What could be the solution?
I have done it like this in the past to redirect any network access on port 8080 to another directory.
<VirtualHost *:8080>
ServerName 127.0.0.1
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyRequests On
ProxyPreserveHost On
ProxyPass "/" "http://10.137.213.101:8080/bdd"
ProxyPassReverse "/" "http://10.137.213.101:8080/bdd"
</VirtualHost>
Maybe this would work for you as well.
Also make sure you have enabled proxy mod sudo a2enmod proxy and restart apache

GitLab and ISPConfig 3 issue

I have a website managed with ISPConfig 3 on a VPS running Debian 8 and Apache.
The website is accessible via domain.ee but I want to get my GitLab running (on the same time) on git.domain.ee
But when I installed GitLab and runned it, he overwrited ISPConfig and started to run on git.domain.ee AND domain.ee (and all the others adresses pointing to my VPS)
Here is my gitlab.rb config:
external_url 'http://git.domain.ee'
unicorn['port'] = 8080
web_server['external_users'] = ['www-data']
And here is my gitlab.conf runned by apache:
<VirtualHost *:80>
ServerName git.domain.ee
ServerSignature Off
ProxyPreserveHost On
<Location />
Order deny,allow
Allow from all
ProxyPassReverse http://127.0.0.1:8080
ProxyPassReverse http://git.domain.ee/
</Location>
RewriteEngine on
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
RewriteRule .* http://127.0.0.1:8080%{REQUEST_URI} [P,QSA]
DocumentRoot /opt/gitlab/embedded/service/gitlab-rails/public
</VirtualHost>
Obviously domain.ee is replaced with my real domain name.
let git run on localhost:8080 and configure apache as reverse proxy
like so:
<VirtualHost *:80>
ProxyPreserveHost On
ProxyRequests Off
ProxyVia Off
<Proxy *>
Require all granted
</Proxy>
ProxyPass / http://127.0.0.1:8080
ProxyPassReverse / http://127.0.0.1:8080
</VirtualHost>
you can add the other rules as you need them

Why does my page page return blank when using a server name with mod_rewrite?

I am using Apache, mod_rewrite, mod_pagespeed, and mod_proxy.
When accessing my page via IP (10.10.10.12:80), it successfuly rewrites me to 10.10.10.12:81 and then proxies me to an external server (10.10.10.13).
When accessing my page via DNS name (www.example.com), it returns a blank page. Viewing source code shows that my pagespeed configurations applied but my JS doesn't render and nothing shows up.
Below is the relevant code in my configuration:
<VirtualHost *:80>
ProxyRequests off
ServerAdmin xxx#xxx.com
DocumentRoot /var/www/html
RewriteEngine On
RewriteLog "/home/dvanpham/rewrite.log"
RewriteLogLevel 3
#Directs escaped fragment code to an external rendering server
RewriteCond %{QUERY_STRING} ^_escaped_fragment_=(.*) [NC]
RewriteRule .* http://10.10.111.54:82/?page=http://10.10.111.54:81/#!%1 [NE,P,L]
#Directs all other traffic to port 81, which then sends traffic to 2 other servers
RewriteRule ^(.*)$ http://10.10.111.54:81$1 [NE,P]
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
</VirtualHost>
<VirtualHost *:81>
ProxyRequests off
<Proxy balancer://regscluster>
# BalancerMember http://10.10.112.47:8280
BalancerMember http://10.10.112.48:8280
Order Deny,Allow
Deny from none
Allow from all
ProxySet lbmethod=byrequests
</Proxy>
ProxyPass / balancer://regscluster/
</VirtualHost>
<VirtualHost *:82>
ProxyRequests off
<Proxy balancer://nodecluster>
BalancerMember http://10.10.111.56:8080
BalancerMember http://10.10.111.57:8080
Order Deny,Allow
Deny from none
Allow from all
ProxySet lbmethod=byrequests
</Proxy>
ProxyPass / balancer://nodecluster/
</VirtualHost>
Please let me know if there is any more information I can provide or if you have any insight into this issue!
EDIT: It looks like the issue is specifically related to mod_pagespeed and mod_rewrite when using the domain name.
The issue was that mod_pagespeed was listening for ProxyPass and rewriting the URLs accordingly but did not listen to RewriteRule.
Setting
"ModPagespeedMapOriginDomain http://localhost *.domain.com"
did the trick.