I'd like to enable on my Apache 2.4 under linux the PUT and DELETE methods. When clients try to invoke such methods I get a "405 Method Not Allowed" as answer.
On server side my PHP script handle such requests but it seems filtered by the server itself (that's makes the difference from the similar already answered question - Moreover other questions seems to refers to an old version of Apache).
Can I manage some configurations on .htaccess file or I have to modify the .conf files under /etc/apache2?
Thanks a lot.
Try the following changes on your server:
Open "/etc/httpd/conf/httpd.conf" and look for the following blocks:
<Limit GET POST OPTIONS PROPFIND>
Order allow,deny Allow from all
</Limit>
<LimitExcept GET POST OPTIONS PROPFIND>
Order deny,allow Deny from all
</LimitExcept>
Then just add PUT and DELETE after PROPFIND. Then Restart httpd by "/sbin/service httpd restart" or service httpd restart.
Note: In some servers , mostly the ones with a control panel (DA,cPanel,..) you may change this file :/etc/httpd/conf/extra/httpd-directories.conf
I hope it solves your problem.
For Debian/Ubuntu.
In your conf:
<Location "/">
AllowMethods GET PUT
</Location>
In console:
sudo a2enmod allowmethods
sudo systemctl restart apache2.service
You can use allowmethods_module to enable that.
It's been available since apache version 2.3 but still experimental though.
<Location "/path/to/directory">
AllowMethods PUT DELETE
</Location>
I got the same error and the root cause is the redirects to https (80-443) are not occurring which one of the things are causing the docker client to fail while allowing the browser to work. I added below directives in Apache httpd (apache2) and it worked for me.
<VirtualHost *:80>
RedirectPermanent / https://%{SERVER_NAME}/
RewriteEngine On
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/ssl/certs/apache-selfsigned.crt
SSLCertificateKeyFile /etc/ssl/private/apache-selfsigned.key
# General setup for the virtual host
ServerName example.org
ServerAdmin help#example.com
ErrorLog /tmp/error_log
SSLProxyEngine On
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
AllowEncodedSlashes NoDecode
ProxyPreserveHost On
ProxyPass / http://<BackendIP>/ connectiontimeout=10 timeout=3600
ProxyPassReverse / http://<BackendIP>/
</VirtualHost>
Related
I want to make Tableau (which is on an internal network) accessible on the public network. One of the ways recommended by Tableau Support is a Reverse Proxy.
I have set up the required modules and have the reverse proxy functioning. The login page is available through these settings in httpd given below. However, once I log in and want to open Projects, Views etc. It routes to
http://actualsite.com/#/vieworproject
which should actually be http://actualsite.com/tableauaccess/#/vieworproject.
Here is the httpd configuration:
ProxyPass /tableauaccess/ http://tableauserverexample.com/
ProxyPassReverse /tableauaccess/ http://tableauserverexample.com/
<Location /tableauaccess/>
Order deny,allow
Allow from all
ProxyHTMLURLMap / /tableauaccess/
</Location>
This doesnt solve the main issue with #. I tried
ProxyPass /#/ http://tableauserverexample.com/#/
ProxyPassReverse /#/ http://tableauserverexample.com/#
But it doesnt help. Any suggestions?? Thanks!
We had this same issue recently. Your httpd.conf file is technically correct for mod_proxy, however the url you are attempting to use is not supported by Tableau. You cannot use:
http://actualsite.com/tableauaccess
But rather you must use the format:
http://tableauaccess.actualsite.com
We ended up setting up that sub-domain name and then using a VirtualHost block such as:
Listen 80
NameVirtualHost *:80
<VirtualHost *:80>
ServerName actualsite.com
DocumentRoot "/path/path2/pathx"
</VirtualHost>
<VirtualHost *:80>
ServerName tableauaccess.actualsite.com
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://tableauaccess.actualsite.com/
ProxyPassReverse / http://tableauaccess.actualsite.com/
<IfModule mod_cache.c>
CacheDisable *
</IfModule>
RequestHeader set X-Forwarded-Proto "http" #or "https", depending on preference
</VirtualHost>
Be sure to double-check your Tableau server to update the URL format.
Sources:
https://community.tableau.com/thread/198095
https://community.tableau.com/thread/218678
(I don't have enough reputation points to post all of my sources, but thanks to Tableau community, shanemadden at ServerFault, and the Apache documentation.)
edit: forgot trailing slashes
I know there are already post on this subject, but they don't produce good results and I would like to share, here, my thinking on this subject. Feel free to moderate my post if you think it's a bad idea.
Server: Ubuntu 16.04.1, Apache2.4.18
DNS conf:
for Jitsi meet - meet.mydomain.xx ----> ip_of_my_server
for my website - mydomain.xx ----> ip_of_my_server
Like I said I try to run Jitsi meet on apache2.
By following the steps described in Quick install (https://github.com/jitsi/jitsi-meet/blob/master/doc/quick-install.md)
If I install Jitsi meet on my server just after installing Ubuntu so without Apache or Nginx. Jitsi works great.
If I install Jitsi meet on my server after installing Nginx. Jitsi works great.
With the same method of installation, I try to install Jitsi meet after installing Apache2, so I notice that Jitsi meet does not configure itself apache2, so I tried this first configuration:
<VirtualHost *:443>
ServerAdmin postmaster#mydomain.xx
ServerName meet.mydomain.xx
ServerAlias meet.mydomain.xx
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
DocumentRoot "/usr/share/jitsi-meet/"
<Directory /usr/share/jitsi-meet/>
AllowOverride All
</Directory>
ProxyPass / http://meet.mydomain.xx:5280/http-bind
ProxyPassReverse / http://meet.mydomain.xx:5280/http-bind
ProxyPreserveHost Off
<Location "/http-bind">
Order allow,deny
Allow from all
</Location>
<Location "/meet/xmpp-websocket">
ProxyPass http://meet.mydomain.xx:5280
ProxyPassReverse http://meet.mydomain.xx:5280
</Location>
ErrorLog /var/www/meet/logs/error.log
CustomLog /var/www/meet/logs/access.log combined
SSLCertificateFile /etc/letsencrypt/live/acert.mydomain.xx/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/acert.mydomain.xx/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
When I load the page meet.mydomain.xx I get the following error:
"It works! Now your customer BOSH points to this URL to connect to
Prosody.
For more information see Prosody. Setting up BOSH "
But when I look at the /etc/prosody/conf.avail/meet.mydomain.xx.cfg.lua file, I notice that bosh is already enabled and the rest of the configuration is ok with what is explain here https://github.com/jitsi/jitsi-meet/blob/master/doc/manual-install.md
The log contains no errors.
If you have an idea to fix this problem I'm interested.
Second configuration that I tested:
<VirtualHost *:80>
ServerAdmin postmaster#mydomain.xx
ServerName meet.mydomain.xx
ServerAlias meet.mydomain.xx
DocumentRoot "/usr/share/jitsi-meet/"
SSLProxyEngine On
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/[a-zA-Z0-9]+$
RewriteRule ^/(.*)$ / [PT]
RewriteRule ^/http-bind$ https://meet.mydomain.xx:5281/http-bind [P,L]
ErrorLog /var/www/meet/logs/error.log
CustomLog /var/www/meet/logs/access.log combined
</Virtualhost>
With this setup the result seems better, I can see the home page of Jitsi meet but without the text, without the logo and when I click on the go button, nothing happend.
The log contains no errors.
So here I don't no really what to do. If someone have some advices or ideas, thank you to share it !
Bye, thank you for reading
Gspohu
This works with FreeBSD 12.2-RELEASE, apache24-2.4.46,
particularly also with the jitsi client app on Android telephones.
I think it will answer your question.
As an additional tweak on our site: for https we use the non-standard port 444 (instead of usual 443).
I followed the very useful instructions of http://www.bobeager.uk/pdf/jitsi.pdf (Thanks for this!), but then, instead of nginx, I use apache, simple because it's running anyway on this server.
The apache config:
loaded modules in httpd.conf
LoadModule proxy_module libexec/apache24/mod_proxy.so
LoadModule proxy_connect_module libexec/apache24/mod_proxy_connect.so
LoadModule proxy_http_module libexec/apache24/mod_proxy_http.so
The apache VirtualServer config: Note the /index.html in RewriteRule!
<VirtualHost *:444>
ServerName meet.example.com:444
DocumentRoot "/usr/local/www/jitsi-meet"
ServerAdmin np#ibu.de
SSLEngine on
SSLProxyEngine on
SSLCertificateFile "/usr/local/etc/letsencrypt/live/meet.example.com/fullchain.pem"
SSLCertificateKeyFile "/usr/local/etc/letsencrypt/live/meet.example.com/privkey.pem"
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/[a-zA-Z0-9]+$
RewriteRule ^/([a-zA-Z0-9=?]+)$ /index.html
</IfModule>
<directory "/usr/local/www/jitsi-meet">
require all granted
Options +Includes
directoryindex index.html
AddOutputFilter Includes html
XBitHack on
</directory>
# BOSH
<location "/http-bind">
proxypass "http://localhost:5280/http-bind"
header set host "expr=%{HTTP_HOST}"
</location>
# XMPP websockets
<location "/xmpp-websocket">
proxypass "http://localhost:5280/xmpp-websocket"
header set host "expr=%{HTTP_HOST}"
header set x-forwarded-for "expr=%{REMOTE_ADDR}"
</location>
</VirtualHost>
Because of the XBitHack I did:
chmod +x /usr/local/www/jitsi-meet/*.html
not sure, whether this is necessary; but I think, it does not hurt.
Changes in /usr/local/www/jitsi-meet/config.js
Note: some values are set to domain only, others to domain+port
Misconfiguration here may cause javascript CORS errors in browser.
Check with firefox crtl-shift-I , console
var domainroot = 'meet.example.com'
var domainuri = domainroot+':444'
var config = {
hosts: {
domain: domainroot,
bridge: 'jitsi-videobridge.'+domainroot,
focus: 'focus.'+domainroot,
muc: 'conference.'+domainroot
},
// BOSH URL. FIXME: use XEP-0156 to discover it.
// bosh: '//jitsi-meet.example.com/http-bind',
bosh: '//'+domainuri+'/http-bind',
....
(I am x-posting this from serverfault because I didn't get any responses there and we have a lot apache pros over here)
I am using my apache as a reverse proxy for a few requests to a webserver running on an internal port to allow access via my regular virtual host. This is on an ubuntu 15 running apache 2.4 in vagrant.
Here's my virtualhost config:
<VirtualHost *:80>
DocumentRoot /vagrant/htdocs
ServerName test.vm
# proxy pass mailcatcher to internal webserver
<Location /mailcatcher>
ProxyPass http://localhost:1080
ProxyPassReverse http://localhost:1080
</Location>
<Location /assets>
ProxyPass http://localhost:1080/assets
</Location>
<Location /messages>
ProxyPass ws://localhost:1080/messages
ProxyPassReverse http://localhost:1080
</Location>
<Directory />
Require all granted
</Directory>
<Directory /vagrant/htdocs>
AllowOverride all
</Directory>
</VirtualHost>
For a while, this works fine. However, after a time, suddenly all requests to this virtualhost are proxied to the internal webserver. So if I call http://test.vm/cron/mails.php at first it will run mails.php as expected. However after a random amount of time or event, suddenly the aforementioned URL will start serving responses from Mailcatcher.
The message you were looking for does not exist, or doesn't have content of this type
This is a Mailcatcher error that you get when you request a message that no longer exists.
This service, Mailcatcher, is started with my VM and runs all the time. The weird thing is, I don't experience this issue when I am doing other stuff on the VM (there's a web app running on it). Only when I am actively debugging mails and using the Mailcatcher gui am a I suddenly sometimes experiencing this.
Waiting for a while or restarting apache "solves" this issue until it pops up the next time. Can anyone help me out on this? Did I set up my proxy wrong?
Thanks.
You can try these :
<VirtualHost *:80>
ServerName mailcatcher.domain.tld
ServerAdmin webmaster#domain.tld
<Location />
ProxyPass http://localhost:1080/
ProxyPassReverse http://localhost:1080/
</Location>
<Location /messages>
ProxyPass ws://localhost:1080/messages
ProxyPassReverse ws://localhost:1080/messages
</Location>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Notes :
Of course localhost is set in your /etc/hosts or should be change to your mailcatcher server.
It's better to dedicate a hostname to mailcatcher service. With mod_proxy is not easier to manage correctly sub directory path.
I have a web-service that I would like to expose through the URL foo.com/bar.
However my Apache reverse proxy does not work as intended.
I have created the file 001-default.conf, which contains the following code:
<VirtualHost *:80>
ProxyPreserveHost On
ProxyRequests Off
ProxyPass /bar http://foo.com:8080/bar
ProxyPassReverse /bar foo.com:8080/bar
DocumentRoot /var/www/foo/
ServerName info.foo.com
<Directory /var/www/foo>
Options Indexes FollowSymLinks MultiViews Includes
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
Right now I receive a 404 error code.
I want to achieve all hits on foo.com/bar to be silently redirected to foo.com:8080/bar, meaning that the user should only see the URL foo.com/bar.
The reverse proxy redirect should also include requests such as foo.com/bar?=foobar.
I did enable proxy_http and proxy:
% sudo a2enmod proxy_http
Considering dependency proxy for proxy_http:
Module proxy already enabled
Module proxy_http already enabled
I hope that there is someone out there that are able to help me with this.
Similar problem that did not solve my problem:
apache reverse proxy changes url Transparent redirect to port 8080
Try and edit the config to:
<VirtualHost *:80>
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPreserveHost On
ProxyRequests Off
ProxyPass /bar http://foo.com:8080 # Note removed /bar
ProxyPassReverse /bar foo.com:8080 # Note removed /bar
DocumentRoot /var/www/foo/
ServerName info.foo.com
<Directory /var/www/foo>
Options Indexes FollowSymLinks MultiViews Includes
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
You can also try with mod_alias to avoid te /bar/bar issue you might be facing now.
I do not know much about it, see the documentation: http://httpd.apache.org/docs/2.2/mod/mod_alias.html
Try something like adding this to your conf
Alias /bar http://foo.com:8080
Using this you might wan't to remove the proxy.
I am attempting to setup a proxy with Apache2 so that incoming requests to http://myipaddress.com go to http://localhost:3000/ where I have Gitlab ( a rails app ) running. The following is what I have in my Apache configuration file on Ubuntu 10.04. I can successfully access the gitlab default page initially, but any subsequent requests performed by me by clicking on other pages after that go to a 404 NOT FOUND page. I can manually enter /gitlab/ in front of any of these failed redirects and they work just fine. How can I make this work without having to rewrite /gitlab/ after each redirect request after the initial request?
## Setup a proxy which listens on the port that gitlabh does ( from start_server.sh )
ProxyRequests Off
ProxyPass /gitlab/ http://localhost:3000/
ProxyPassReverse /gitlab/ http://localhost:3000/
#DocumentRoot /home/gitlabhq/gitlabhq/public
<Proxy http://localhost:3000/>
Order deny,allow
Allow from all
</Proxy>
I understand that I could have the code below , which would solve my problem. But I don't know how to modify the prefix of the gitlab rails service. I'd really appreciate some help!
ProxyPass /gitlab/ http://localhost:3000/gitlab/
ProxyPassReverse /gitlab/ http://localhost:3000/gitlab/
UPDATE:
Thanks to Friek's comment I've come very close to solving this. Below is part of my http.conf file. The only problem is when I hit the home button or the logo on the gitlab app it attempts to redirect to gitlab/ which gives me the basic index.html file from Apache2 saying 'it works!'. How can I configure this to allow me to simply got /gitlab and it takes me to the root home view of gitlab?? Thanks!
## For Gitlab using Apache2 Passenger
## Install on Ubuntu by:
## sudo gem install passenger && sudo passenger-install-apache2-module
## but only after running the install_and_configure_git.py script
## and creating a soft link to the rails gitlab /public directory like so:
## sudo ln -s /home/gitlabhq/gitlabhq/public /var/www/gitlab
LoadModule passenger_module /usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.13/ext/apache2/mod_passenger.so
PassengerRoot /usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.13
PassengerRuby /usr/local/bin/ruby
<VirtualHost *:80>
ServerName gitlab
## Set the overall Document Root
DocumentRoot /var/www
<Directory /var/www>
Allow from all
</Directory>
## Set the Rails Base URI
RackBaseURI /gitlab
RailsBaseURI /gitlab
<Directory /var/www/gitlab>
Allow from all
Options -MultiViews
</Directory>
</VirtualHost>
I came across this gist that worked for me. In case it ever goes dead, I'll repost it.
unicorn config file
Edit file /home/gitlab/gitlab/config/unicorn.rb
Find line listen "#{app_dir}/tmp/sockets/gitlab.socket" and comment it. Uncomment line listen "127.0.0.1:8080"
required modules for apache
sudo a2enmod proxy
sudo a2enmod proxy_balancer
sudo a2enmod proxy_http
sudo a2enmod rewrite
/home/gitlab/gitlab/config/gitlab.conf
<VirtualHost *:80>
ServerName git.domain.com
# Point this to your public folder of teambox
DocumentRoot /home/gitlab/gitlab
RewriteEngine On
<Proxy balancer://unicornservers>
BalancerMember http://127.0.0.1:8080
</Proxy>
# Redirect all non-static requests to thin
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
RewriteRule ^/(.*)$ balancer://unicornservers%{REQUEST_URI} [P,QSA,L]
ProxyPass / balancer://unicornservers/
ProxyPassReverse / balancer://unicornservers/
ProxyPreserveHost on
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
# Custom log file locations
ErrorLog /var/log/apache2/gitlab_error.log
CustomLog /var/log/apache2/gitlab_access.log combined
</VirtualHost>
<VirtualHost *:80>
ServerName gitlab
## Set the overall Document Root
DocumentRoot /var/www
<Directory /var/www>
Allow from all
</Directory>
## Set the Rails Base URI
RackBaseURI /gitlab
RailsBaseURI /gitlab
<Directory /var/www/gitlab>
Allow from all
Options -MultiViews
</Directory>
</VirtualHost>
These settings in your httpd.conf or your sites config file should do., Please remove the reverse proxy settings if you have any and try, it will work.,
if you have below lines along with above config, please remove the below lines,
ProxyPass /gitlab/ http://localhost:3000/gitlab/
ProxyPassReverse /gitlab/ http://localhost:3000/gitlab/
Proxy on
Restart your webserver
service apache2 restart
This is in case someone new comes across this issue.
This helped me, notice the ProxyPassReverse lines. My full issue and resolution is at https://stackoverflow.com/a/22390543/3112527 .
<IfModule mod_ssl.c>
<VirtualHost *:443>
Servername gitlab.my_domain.com
ServerAdmin my_admin#my_domain.com
SSLCertificateFile /etc/apache2/ssl.crt/gitlab_my_domain.crt
SSLCertificateKeyFile /etc/apache2/ssl.crt/gitlab_my_domain_private.key
SSLCACertificateFile /etc/apache2/ssl.crt/gitlab.ca-bundle
##### All the other Apache SSL setup skipped here for StackOverflow ####
ProxyPreserveHost On
<Location />
# New authorization commands for apache 2.4 and up
# http://httpd.apache.org/docs/2.4/upgrading.html#access
Require all granted
# For relative URL root "host:your_gitlab_port/relative_root"
#ProxyPassReverse http://127.0.0.1:8085/gitlab
#ProxyPassReverse https://gitlab.my_domain.com/gitlab
# For non-relative URL root
ProxyPassReverse http://127.0.0.1:8085
ProxyPassReverse https://gitlab.my_domain.com/
</Location>
# apache equivalent of nginx try files
# http://serverfault.com/questions/290784/what-is-apaches-equivalent-of-nginxs-try-files
# https://stackoverflow.com/questions/10954516/apache2-proxypass-for-rails-app-gitlab
RewriteEngine on
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
RewriteRule .* http://127.0.0.1:8080%{REQUEST_URI} [P,QSA]
RequestHeader set X_FORWARDED_PROTO 'https'
# needed for downloading attachments
DocumentRoot /home/git/gitlab/public
#Set up apache error documents, if back end goes down (i.e. 503 error) then a maintenance/deploy page is thrown up.
ErrorDocument 404 /404.html
ErrorDocument 422 /422.html
ErrorDocument 500 /500.html
ErrorDocument 503 /deploy.html
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
ErrorLog /var/log/apache2/gitlab-ssl_error.log
CustomLog /var/log/apache2/gitlab-ssl_forwarded.log common_forwarded
CustomLog /var/log/apache2/gitlab-ssl_access.log combined env=!dontlog
CustomLog /var/log/apache2/gitlab-ssl.log combined
</VirtualHost>
</IfModule>
(from https://github.com/gitlabhq/gitlab-recipes/blob/master/web-server/apache/gitlab-ssl-apache2.4.conf)
I ended up here while Googling for errors I encountered while setting up Rails + unicorn using Apache (on port 80) to proxy to unicorn (on port 3000). In case it's of use to anyone else, here's my config:
<VirtualHost example.com:80>
ServerAdmin webmaster#example.com
ServerName example.com
ServerAlias www.example.com
ProxyPreserveHost On
<Location />
Require all granted
ProxyPassReverse http://example.com:3000
</Location>
RewriteEngine on
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
RewriteRule .* http://example.com:3000%{REQUEST_URI} [P,QSA]
DocumentRoot /home/user/rails-dir/public
ErrorDocument 404 /404.html
ErrorDocument 422 /422.html
ErrorDocument 500 /500.html
ErrorDocument 503 /deploy.html
LogLevel warn
ErrorLog /home/user/rails-dir/log/apache-error.log
CustomLog /home/user/rails-dir/log/apache-access.log combined
</VirtualHost>
This question also troubles me quite a long time. It's fixed now.
The most helpful resource is from the Gitlab official document about using-a-non-bundled-web-server.
They also provide full workable recipe.
If you are using Apache version 2.4 or above, please use files
gitlab-apache24.conf or gitlab-ssl-apache24.conf for the HTTP and
HTTPS versions of the vhost repectively.
If you are using Apache version 2.2, please use files
gitlab-apache22.conf or gitlab-ssl-apache22.conf for the HTTP and
HTTPS versions of the vhost repectively.
The problem now simple to
Make sure you pick the right configuration file depending whether you
choose to serve GitLab with SSL or not. The only thing you need to
change is YOUR_SERVER_FQDN with your own FQDN and if you use SSL, the
location where your SSL keys currently reside. You also might need to
change the location of your log files.
to make sure the Apache2 version, use apache2 -version
If use HTTPS version, you may need to make sure your cert file is deployed correctly e.g. the files are placed consistent with recipe file specified.