Below is my configuration:
All HTTPS requests are redirected to port 8081 of apache
And in my configuration file of apache I am using below mentioned configuration
<VirtualHost *:8081>
ServerName www.servername.com
ServerAlias servername.com
ServerAdmin webmaster#localhost
DocumentRoot /var/www
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
RewriteEngine On
RewriteBase /
RewriteCond %{QUERY_STRING} ^.*_url_=(.*)
RewriteRule ^.*$ /make?url=%1 [B,L,P,S=1]
</Directory>
ProxyPreserveHost On
ProxyPass /make http://localhost:8084/
ProxyPassReverse /make http://localhost:8084/
</VirtualHost>
In which one more server is hosted on port 8084 which returns back the page.
Everything is working fine, apart from the url getting changed.
So if I am making a request as
https://www.servername.com?url=queryString
it returns the correct response as expected, but the url changes to
https://www.servername.com/make?url=queryString
Please help me in figuring out, that what parameter I am missing in my apache configuration in the proxy, which can help in avoiding the url getting changed.
Thanks
Related
I am trying to setup a reverse proxy using Apache2 on a Centos 8 server.
I currently have nextcloud running on this apache server fine. This is hosted on the domain storage.domain.com.
I'd like to setup a reverse proxy for the domain proxy.domain.com to the port 8181.
My config currently exists in the /etc/httpd/conf.d directoy.
My reverse proxy file (proxyfile.conf)is as follows:
ServerName proxy.domain.com
<VirtualHost *:80>
ServerName proxy.domain.com
<Location />
ProxyPass http://127.0.0.1:8181/
ProxyPassReverse http://127.0.0.1:8181/
ProxyPreserveHost On
</Location>
</VirtualHost>
For reference, my nextcloud file (nextcloud.conf)is as follows:
<VirtualHost *:80>
DocumentRoot /var/www/nextcloud/
ServerName storage.domain.com
Redirect permanent / https://storage.domain.com
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15552000"
</IfModule>
<Directory /var/www/nextcloud/>
Require all granted
AllowOverride All
Options FollowSymLinks MultiViews
<IfModule mod_dav.c>
Dav off
</IfModule>
</Directory>
RewriteEngine on
RewriteCond %{SERVER_NAME} =storage.domain.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
The issue currently is when I go to the domain proxy.domain.com is that it redirects me to storage.domain.com.
I was expecting the page at 127.0.0.1:8181 to load when visiting proxy.domain.com.
Any help would be greatly appreciated. Thank you!
I have a server which maintains multiple domains using VirtualHost and I'm trying to setup GitWeb according to Gitweb - ArchWiki.
According to the wiki, I have to append the lines below to an Apache config file.
Alias /gitweb "/usr/share/gitweb"
<Directory "/usr/share/gitweb">
DirectoryIndex gitweb.cgi
Options ExecCGI
Require all granted
<Files gitweb.cgi>
SetHandler cgi-script
</Files>
SetEnv GITWEB_CONFIG /etc/gitweb.conf
</Directory>
After this, Alias works and I can access the service by accessing one of
192.168.10.102/gitweb/ (local IP)
https://my_domain_1.com/gitweb/
https://my_domain_2.com/gitweb/
...
So far, everything's okay.
Now I'd like to limit the effect of the Alias to one domain: my_domain_1.com. So I moved the lines above inside its existing VirtualHost settings.
<VirtualHost *:80>
DocumentRoot "/var/www/html1"
ServerName my_domain_1.com
# The lines are pasted here.
RewriteEngine on
RewriteCond %{SERVER_NAME} =my_domain_1.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} END,NE,R=permanent]
</VirtualHost>
However, when I access https://my_domain_1.com/gitweb/, 404 error occurs. The error log says nothing and I have no .htaccess for the domain.
How can I make it work?
I found the solution.
Since I requested that all of http requests should be redirected to the https versions, I should have written the gitweb settings not in <VirtualHost *:80> (http) but in <VirtualHost *:443> (https). The result should be
<VirtualHost *:443>
DocumentRoot "/var/www/html1"
ServerName my_domain_1.com
# The lines are pasted here.
SSLCertificateFile /etc/letsencrypt/live/my_domain_1.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/my_domain_1.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
Now it works perfectly.
I'm have a an Apache HTTP server that has a reverse proxy to a tomcat server. However, I only want the reverse proxy to happen when the client uses the subdomain www. This is because I want to use other subdomains to point to other applications, such as email.
e.g. www.example.com will go display the apache tomcat webapp.
The way to do this, I presume, is to configure my DNS so that every subdomain I use will point to my server. Right now, in addition to www, that is server.example.com and posfixadmin.example.com. However, the issue is that all my subdomains end up pointing to tomcat.
So when I try to visit postfixadmin.example.com/setup.php to set up postfixadmin through its web setup, it ends up taking me to my tomcat webapp's 404.
Here is my virtualhost configuration:
<VirtualHost www.example.com:80>
ServerName http://www.example.com
ProxyPass / http://localhost:8080
ProxyPassReverse / http://localhost:8080
</Virtualhost>
<VirtualHost server.example.com:80>
ServerName server.example.com
DocumentRoot /var/www/html/
RewriteEngine on
RewriteCond %{SERVER_NAME} =server.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} {END,NE,R=permanent}
</VirtualHost>
<VirtualHost postfixadmin.example.com:80>
ServerName postfixadmin.example.com
DocumentRoot /var/www/postfixadmin/public
ErrorLog /var/log/httpd/postfixadmin_error.log
CustomLog /var/log/httpd/postfixadmin_access.log combined
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/postfixadmin/public>
Options FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
EDIT
It looks like the proxy conf file doesn't do anything (??). I decided to experiment around and change the first virtualhost servername to the following:
<VirtualHost *:80>
ServerName abcd.example.com
ProxyPass / http://localhost:8080
ProxyPassReverse / http://localhost:8080
</Virtualhost>
Then, I restarted and reloaded Apache...But for some reason, going to www.example.com STILL took me to the tomcat webapp! Does anyone know what drives this?
As to the DNS: I have set specific CNAME entries for each subdomain including www; all of them point back to the public IP of my server that houses my example.com domain (using # in my case - possible with most DNS, I think). There may be some different strategies on this, but I believe you're on the correct path based on what you've suggested in the question.
As to Apache configuration:
I believe that the http protocol does not need to be specified in the ServerName directive and that, generally, the domain need not appear inside the <VirtualHost>...</VirtualHost> tags.
I should mention that I am relatively unfamiliar with Tomcat but am assuming it is listening at 8080 on the localhost, in which case this should help.
I'm not 100% certain that that is all that is snarling you, but try trimming that ServerName back and doing like so, including the change to the VirtualHost open tag:
<VirtualHost *:80>
ServerName www.example.com
ProxyPass / http://localhost:8080
ProxyPassReverse / http://localhost:8080
</Virtualhost>
Your second <VirtualHost> probably requires similar changes, though it also seems that you are directing it to serve requests from the web/network which are coming in on port 8080 -- which I don't believe is your intent.
I think what you want is to also listen on port 80 from the web/network, but to follow these directives if addressed to server.example.com like so:
<VirtualHost *:80>
ServerName server.example.com
DocumentRoot /var/www/html/
RewriteEngine on
RewriteCond %{SERVER_NAME} =server.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} {END,NE,R=permanent}
</VirtualHost>
And finally, similar change to the opening <VirtualHost> tag on the final one:
<VirtualHost *:80>
ServerName postfixadmin.example.com
DocumentRoot /var/www/postfixadmin/public
ErrorLog /var/log/httpd/postfixadmin_error.log
CustomLog /var/log/httpd/postfixadmin_access.log combined
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/postfixadmin/public>
Options FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
Altogether, this seems more like what you're looking for:
<VirtualHost *:80>
ServerName www.example.com
ProxyPass / http://localhost:8080
ProxyPassReverse / http://localhost:8080
</Virtualhost>
<VirtualHost *:80>
ServerName server.example.com
DocumentRoot /var/www/html/
RewriteEngine on
RewriteCond %{SERVER_NAME} =server.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} {END,NE,R=permanent}
</VirtualHost>
<VirtualHost *:80>
ServerName postfixadmin.example.com
DocumentRoot /var/www/postfixadmin/public
ErrorLog /var/log/httpd/postfixadmin_error.log
CustomLog /var/log/httpd/postfixadmin_access.log combined
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/postfixadmin/public>
Options FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
I got it!
It turns out that the problem was in the ssl configuration file - the :443 ports were overlapping.
Thanks for the help!
I have a problem to redirect some request to an other port. Here's my configuration:
I have a public domain like XXXX.ddns.net
I have a Rapsbian server with apache and files in my /var/www folders are correctly served (angular website)
On the same Raspbian server there is a REST server running on the 3000 port
This is running on HTTPS with SSL(letsencrypt)
I would like that all requests to XXXX.ddns.net/api/* to be redirected to the 3000 port.
I change the .htaccess file and the rewrite rule seems to works on local but I can't make it working from my internet site. API requests achieve with a error 500.
Here is my current .htaccess file:
RewriteEngine On
RewriteRule ^api/(.*) https://localhost:3000/api/$1 [QSA]
# not sure if it should be http or https in the rule but nothing works
#RewriteRule ^api/(.*) http://localhost:3000/api/$1 [QSA]
# If an existing asset or directory is requested go to it as it is
RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} -f [OR]
RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} -d
RewriteRule ^ - [L]
# If the requested pattern is file and file doesn't exist, send 404
RewriteCond %{REQUEST_URI} ^(\/[a-z_\-\s0-9\.]+)+\.[a-zA-Z]{2,4}$
RewriteRule ^ - [L,R=404]
Here is my current 000-default-le-ssl.conf file (in /etc/apache2/sites-available):
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
ServerName XXXX.ddns.net
SSLCertificateFile /etc/letsencrypt/live/XXXX.ddns.net/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/XXXX.ddns.net/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
<Location /api>
ProxyPass http://127.0.0.1:3000/api
ProxyPassReverse http://127.0.0.1:3000/api
</Location>
</VirtualHost>
</IfModule>
If someone could help me to achieve it...
Thanks!
Your self-found solution looks strange to me. You switch on the SSLProxyEngine and than disable all security measures. Is the backend API running under HTTPS and HTTP at port 3000 at the same time? This is not possible.
I use this setup (apache as proxy to backend application) pretty often and would suggest the following configuration:
As I did not understand the purpose of the rewrite directives I left them out. The VirtualHost at port 80 always redirects HTTP requests to HTTPS. If this works add permanent to the directive (permanent is cached by some browsers, see comment in VirtualHost *:80).
The VirtualHost for HTTPS serves content from your DocumentRoot at /var/www/html. The Directory directive takes care that only correctly addressed files are served (no lookups possible). The VirtualHost also provides the proxy for the /api on the same server on port 3000.
It should work for apache 2.4 if your letsencrypt configuration is correct (fill-in the XXXX). Both VirtualHost configurations can be written into a single file, usually located in /etc/apache2/sites-available with a symlink to /etc/apache2/sites-enabled. Please remove/rename your .htaccess file and other configurations before testing this configuration. If you need access control through apache this could also be configured directly in the VirtualHost configuration.
<VirtualHost *:80>
ServerName XXXX.ddns.net
# Always https
Redirect / https://XXXX.ddns.net/
# Redirect permanent / https://XXXX.ddns.net/
</VirtualHost>
<VirtualHost *:443>
ServerAdmin webmaster#localhost
ServerName XXXX.ddns.net
# These are your SSL settings; your responsibility
SSLCertificateFile /etc/letsencrypt/live/XXXX.ddns.net/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/XXXX.ddns.net/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
# Your document root; where the JavaScript application lives
DocumentRoot /var/www/html
<Directory /var/www/html/ >
Options -Indexes +FollowSymLinks -MultiViews
AllowOverride None
Order Allow,Deny
Allow From All
</Directory>
# Reverse proxy settings for api
ProxyRequests Off
ProxyPreserveHost On
<Location /api >
ProxyPass http://127.0.0.1:3000/api
ProxyPassReverse http://127.0.0.1:3000/api
</Location>
</VirtualHost>
Thanks for your help. I don't really know how but it works now!
I dont rember exactly what i did, but the last one was to modify my 000-default-le-ssl.conf file like this:
SSLProxyEngine On
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
<Location /api>
ProxyPass http://127.0.0.1:3000/api/
ProxyPassReverse http://127.0.0.1:3000/api/
ProxyPass https://127.0.0.1:3000/api/
ProxyPassReverse https://127.0.0.1:3000/api/
</Location>
I have a domain www.example.com hosted in one location.
I have created another account with a different hosting provider that allows me to create subdomains: www.test1.example.com and www.test2.example.com
I am putting a custom page for each of the subdomains when the user goes to test1.example.com, test2.example.com....
After the user logs in on this custom page, I want to maintain the subdomain (of test1.example.com) but internally have all requests point to www.example.com.
I am running the custom pages on Apache and the domain pages on Apache Tomcat - I think that using 'mod_rewrite' is the way to go?
Put the following in a .htaccess file in your subdomain's document root:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^test1\.example\.com$
RewriteRule ^/(.*) http://example.com/$1 [redirect,last]
To enable mod_rewrite on a modern Ubuntu web server run this command:
sudo ln -s /etc/apache2/mods-available/rewrite.load /etc/apache2/mods-enabled/rewrite.load
Make sure AllowOverride is set to "All" in your VirtualHost configuration (for example /etc/apache2/sites-available/default):
<Directory /var/www/document/root/>
AllowOverride All
</Directory>
then restart Apache:
sudo /etc/init.d/apache2 restart
So, basically the answer I found that worked was to use mod_proxy. I enabled that as an Apache module and included the following in my httpd-vhosts.conf file.
NameVirtualHost *:80
<VirtualHost *:80>
ServerName test1.example.com
DocumentRoot "location_of_the_custom_page"
ErrorLog "logs\errors.log"
<directory "D:\wamp\www\capitalfloat">
Options Indexes FollowSymLinks
AllowOverride all
Order Deny,Allow
Deny from all
Allow from all
</directory>
</VirtualHost>
<VirtualHost *:80>
ServerName localhost2
ServerAlias *.example.com
ErrorLog "logs\errors.log"
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://www.example.com
ProxyPassReverse / http://www.example.com
</VirtualHost>
I also had to include 'http://www.example.com' and 'test1.example.com' in the Windows Host File (For me, C:\Windows\System32\drivers\etc\hosts). In my custom login page, the request goes to 'example.com' and all subsequent requests are sent to 'www.example.com' but the url still shows 'test1.example.com/...'