Using httpd as reverse proxy - apache

This is the first time I have to do something like this. I'm developing a front end application with some stuff I cannot change - it requests some specific address for the serverside data.
I need to redirect all those requests to say:
https://192.168.1.1:8443/server
to a different address, say
https://192.168.100.100:8443/server
I figured this is a job for Reverse Proxy and google brought me to httpd.
Now I work on Windows 7 machine, I've managed to get Apache24 binaries and started it on default 80 port, 127.0.0.1 says "It works!".
I tried to configure a virtual host but no matter what I do, I cannot get it to redirect.
I'm just trying to test the basic stuff first.
I've enabled required mods:
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
I've uncommented following include:
Include conf/extra/httpd-vhosts.conf
And inside that file I got this:
<VirtualHost *:80>
ServerName mytest.com
ProxyPass /proxy/ http://myip:tomcatport/myapp/
ProxyPassReverse /proxy/ http://myip:tomcatport/myapp/
</VirtualHost>
I've looked through quite a few of tutorials on how to configure it and tried half a dozen different combinations of the same basic things, configured in this VirtualHost, but no matter what I do, I cannot get it to work.
From what I gathered, this configuration should redirect my browser from mytest.com to http://myip:tomcatport/myapp/, what am I doing wrong here?

Related

Xampp + IIS working together on the same server

I have one server with 2 ip addresses.
I have multiples applications in .net (webapi, a console application, etc) and one specific using PHP which is running on apache (w/ xampp).
I configured IIS to run on default port 80 and xampp is using port 8080.
As I said before, I have two ip addresses and two domains (eg: domain1.com and domain2.com).
I need to pinpoint domain1.com.br to the IIS app (which is working) but my php app never get reached since all the requests are directed to port 80 (which iis takes control).
What can I do to solve this?
I know that I can point both ip's to port 80 but how to tell IIS whenever he gets a request from a specific domain/host (in this case, domain2.com.br) he redirects to the port 8080?
You may need to let the apache takes the control,due to apache's redirect features.The main idea is to setup the apache, use apache's redirect features(vhost,if you prefer to call it so) to direct the special requests to your IIS server.
Change your IIS listening to port 8080 (and set the domain to your domain,domain1.com for example).Leave your apache to listen on 80.
Enable the module below in your apache config file(http.conf):
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
And Enable:
Include conf/extra/httpd-vhosts.conf
3. The next step is to setup the virtual host. Edit the config fileconf\ extra\httpd-vhosts.conf
<VirtualHost *:80>
DocumentRoot "x:\The\Dir\to\Your\Php\Site"
ServerName domain2.com.br
ErrorLog "logs/domain2-error.log"
CustomLog "logs/domain2-access.log" common
</VirtualHost>
And the setup to your domain2.com.br is Done.Restart your apache server,visit your site by domain name ,and your php site shall be working.
If the steps upon is working as expected,this shall be the last step.
<VirtualHost *:80>
ServerName your.net.site.domain.com
ProxyPreserveHost On
ProxyPass "/" "http://127.0.0.1:8080/"
ProxyPassReverse "/" "http://127.0.0.1:8080/"
ErrorLog "logs/domain1-error.log"
CustomLog "logs/domain1-access.log" common
</VirtualHost>
And now it should work as you expect it to.
Use
Reverse Proxy method
What is Reverse Proxy Method
A reverse proxy server is a type of proxy server that typically sits
behind the firewall in a private network and directs client requests
to the appropriate backend server. A reverse proxy provides an
additional level of abstraction and control to ensure the smooth flow
of network traffic between clients and servers.
Refer NGINX Documentation to know more about Reverse Proxy.
You can use reverse proxy either on your IIS or Apache(Xampp) Server. But since you have a Windows Server I recommend you to do reverse proxy on IIS server.
Example: Rewrite or Reverse proxy in IIS

How to redirect Apache 2.2 on Windows to Tomcat (same machine)

I have spent quite some time trying to figure out something apparentaly pretty trivial, but my lack of knowledge in Apache/Tomcat isn't making this easy for me.
I was asked to redirect a request coming on port 80 (Apache) to port 8080 (Tomcat.. and when that will work, to an app).
Before I changed anything, localhost:80 would show "It works" and locahost:8080 the Apache welcome page.
I did the following changes :
uncommented LoadModule proxy_module modules/mod_proxy.so & LoadModule proxy_http_module modules/mod_proxy_http.so from the httpd.conf file
uncommented Include conf/extra/httpd-vhosts.conf, always in httpd.conf
In httpd-vhosts.conf, I added :
<VirtualHost *:80>
ServerName localhost
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / http://localhost:8080
ProxyPassReverse / http://localhost:8080
</VirtualHost>
But when I try http://localhost, I do arrive on Apache welcome page, but all css styling, images, are missing :
I have an idea why it is not working : when I inspect my page, and look at the header i see that the link to the favicon for example is http://mydomain/myApp/images/favicon.ico, but if I copy paste that link, I will of course not find the favicon because it is not on Apache, but Tomcat (if that makes any sense). If I add the port to the URL, then it works : http://mydomain:8080/myApp/images/favicon.ico
Has this anything to do with the problem stated here : https://serverfault.com/questions/561892/how-to-handle-relative-urls-correctly-with-a-reverse-proxy ?
This is because the tomcat response headers will contain the proxy headers (i.e. the Location header is http://localhost/WebApp rather than http://localhost:8080/WebApp) because ProxyPreserveHost is switched On
So I switched it to Off :
<VirtualHost *:80>
ServerName localhost
ProxyRequests Off
ProxyPreserveHost Off
ProxyPass / http://localhost:8080
ProxyPassReverse / http://localhost:8080
</VirtualHost>
But the page still will not show correctly.
Thank you for your input.
Just figured this one out myself. Solution is to add a / to the end of the addresses in the ProxyPass lines.
As far as I understand it, the server is trying to resolve the address literally, so when it checks for, say the docs page, which is in the webapps folder, it returns a proxy error that says that it can't resolve http://localhost:8080docs.

Windows 7 | Apache Reverse Proxy configuration

I'm having problems with setting up a very basic ReverseProxy in Windows 7 and Apache 2.2
I have a virtual machine registered to a private IP address that I'm wanting to reverse proxy to from the host environment.
Note that for the current iteration of trying to work through this, I'm trying to reverseproxy from foo.bar.baz:* to foo.bar.com:6284
The relevant host entry is foo.bar.com
(assume that bar.com is the corporate domain)
Added
127.0.0.1 baz.bar.com
192.168.59.103 foo.bar.com
127.0.0.1 foo
Inside my Apache httpd.conf file (only including the delta for this change...deltas seem to escape some people, so I thought I'd call that out directly.),
LoadModule proxy_module modules/mod_proxy.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule rewrite_module modules/mod_rewrite.so
<VirtualHost *>
ServerName foo.bar.baz
ProxyPreserveHost On
<Proxy *>
Order allow,deny
Allow from all
</Proxy>
ProxyPass / http://foo.bar.com:6284
ProxyPassReverse / http://foo.bar.com:6284
</VirtualHost>
If I attempt to browse directly to foo.bar.com:6284, I get the expected results. Hosts resolves the name to the private IP and I see the markup that I expect. But when I attempt to browse to foo.bar.baz, I get "No Response from DNS Server."
Can anyone see what's wrong with my supposed-to-be-stupid-simple reverseproxy?
Ok, so assuming that my corporate domain name is bar.com, everything seems to route fine as long as all host entries that reference "bar" always followed it with ".com"
If I tried to enter foo.bar.net or foo.bar.org or foo.bar.floop as my host, I get "No Response from DNS Server" errors. If I enter foo.bar.com the host resolves.
While I received these errors as "Vital Security Proxy Errors", a developer on my team that is helping me test this received Trustwave errors instead.
This seems to be something specific to our network security policies.

How to rewrite / proxy an Apache URI to an application listening on a specific port / server?

They say that Apache's mod_rewrite is the swiss-army knife of URL manipulation, but can it do this?
Lets say I want to add a new application to my Apache webserver, where the only configurable option of the app is a port number.
I want to use & give out URLs of the form "http://hostname.example.com/app" rather than "http://hostname.example.com:8080". This would ensure that clients would be getting through the institution's firewall as well, and it's generally tidier.
My application includes absolute URIs in php, javascript and css, so I want to prepend my own root location to the URI in the applications internal links. I have no access to DNS records and so can't create another name-based virtual server.
Using Apache's mod_rewrite and mod_proxy modules, I can transparently redirect a client to the correct home-page of the application. But links within that homepage don't point a client to links relative to the new base URL.
So, what's the best way of proxying a request to an application that is listening on a specific port?
For example, if I had an application listening on port 8080, I could put this in my Apache configuration:-
<VirtualHost *:80>
SSLProxyEngine On
ServerName myhost.example.com
RewriteEngine On
UseCanonicalName On
ProxyVia On
<Location "/application">
RewriteRule ^/application/?(.*) http://localhost:8080/$1 [P,L]
</Location>
</VirtualHost>
This would work fine if the application didn't use absolute URLs, but it does. What I need to do is rewrite URLs that are returned by the application's css, javascript and php.
I've looked at the ProxyPass and ReverseProxyPass documentation, but I don't think these would work..?
I've also come across Nick Kew's mod_proxy_html, but this isn't included in the standard Apache Distribution, and my institution's webserver seems to have been fine for years without it.. Other than trawling manually (or using a grep -r | sed type expression) through the application's source code, or using this 3rd party add-on, are there any other ways to go about this?
Could I perhaps use some of the internal server variables in a mod_rewrite rule? For example a rewrite rule based on ’HTTP_REFERER'?
Using mod_proxy would work just fine. For instance, I mapped https://localhost/yalla/ to point to a subdirectory of my webserver:
LoadModule proxy_module modules/mod_proxy.so
ProxyRequests On
<Proxy *>
Order deny,allow
Allow from localhost
</Proxy>
ProxyPass /yalla/ http://yalla.ynfonatic.de/tmp/
If you implement this, you'll note that the pictues of the directory-listing aren't visible; this is because they're below the /tmp/ directory on the remote server, hence not visible.
So, in your case you'd do:
LoadModule proxy_module modules/mod_proxy.so
ProxyRequests On
<Proxy *>
Order deny,allow
Allow from localhost # Or whatever your network is if you need an ACL
</Proxy>
ProxyPass /app/ http://hostname.example.com:8080/
Like with everything in Apache configuration, watch those trailing slashes when referring to directories.
Good luck!
Alex.

switching my app from http to https

i'm working on an extranet for my school, in php and mysql, running on apache2 and using friendly urls via mod_rewrite.
I'm thinking that since there is potentially sensitive data involved, it would be better to work on an https url rather than http. The thing is: i have absolutely no experience in https. The pros, the cons and will my app actually work or will i need to modify it?
Does it also mean i have to set up something specific on the server? Will it not break the mod_rewrite rules?
Thank you for your time.
For your app, everything is the same but the URL.
But the Apache must be configured to properly handle it. Its just another VirtualHost entry in httpd-vhosts.conf, but using port 443 and...
<VirtualHost *:443>
SSLEngine On
SSLCertificateFile "/..path../certificate.crt"
SSLCertificateKeyFile "/..path../certificate.key"
DocumentRoot ...
httpd.conf:
LoadModule ssl_module modules/mod_ssl.so
Include conf/extra/httpd-ssl.conf
Search Google for instructions of how to create your 'testing purpose' SSL certificate.