This question is probably too simple but I cannot get it to work despite hours of testing (and even crashing the server twice o.o ).
The issue is asked frequently: A Tomcat server is accessible through:
"domain.net:8080/theserver/"
and I want it to be accessible directly on "domain.net/".
Just that should also be visible in the user's browser.
The engine "Plesk" which I'm using to configure the site offers a command field for such things. Using the following lines, I've established visible redirecting:
ProxyRequests off
RequestHeader unset Accept-Encoding
RewriteEngine on
RewriteRule ^(/.*) http://www.domain.net:8080/theserver [P]
The redirection doesn't happen in the background though. When I type domain.net into the browser, it switches to "domain.net:8080/theserver/".
What's the right way to make this happen in the background?
"theserver" is the root-location which should be accessible on the server for now.
Huge thanks in advance!
Make sure Rewrite Module of webserver is enabled.
Make sure apache listens on port 80 and 8080 both.
Add this to .htaccess file in the root BUT NOT in the subdirectory "theserver".
RewriteEngine on
RewriteCond %{HTTP_HOST} ^(www.)?domain.net$
RewriteCond %{REQUEST_URI} !^/theserver/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ http://domain.net:8080/theserver/$1
RewriteCond %{HTTP_HOST} ^(www.)?domain.net$
RewriteRule ^(/)?$ http://domain.net:8080/theserver/index.php [L]
You first need to make sure both mod_proxy and mod_proxy_http are enabled in plesk.
Also you should probably either use www or not www.
ProxyRequests Off
RewriteEngine on
RewriteRule ^(.*)$ http://domain.net:8080/myserver/$1 [P]
You can also use the ProxyPass in the server config/vhost.
<Location />
ProxyPass http://domain.net:8080/
ProxyPassReverse http://domain.net:8080/
</Location>
You're just missing ProxyPassReverse. The backend is sending a redirect on the initial URL to add a trailing slash. ProxyPassReverse fixes those redirects for you to use the frontend host/port.
If you control the apache web server, then do you not have to redirect any URL.
Rewriting is supposed to happen for unique requests. If possible, then should the type of rewrite you want get done in the configuration of apache.
First do you have to tell the apache server to listen on port 8080:
listen 8080
Then can you make a virtual host like this:
<VirtualHost *.:8080>
Servername www.domain.net
</VirtualHost>
See for instance:
https://httpd.apache.org/docs/trunk/vhosts/examples.html
and
https://httpd.apache.org/docs/trunk/vhosts/examples.html#port
specifically.
This is much more efficient than using .htaccess, because the latter is parsed at every request, where the solution with virtual hosts is loaded into memory during startup of the server.
Your solution is the other way around. It will make the port visible, because that is the rewrite you create. You want it the other way around and that can be established best by making use of virtual hosts.
A little example of a virtual host:
<VirtualHost www.example.nl:8080>
ServerName www.example.nl
ServerAlias example.nl
DocumentRoot /var/www/theserver
<Directory /var/www/theserver>
etc..
</Directory>
etc...
</VirtualHost>
You may want to actually setup ProxyPass and ProxyPassReverse to accomplish what you are trying to do
ProxyRequests on
ProxyPass / http://IP_OR_LOCALHOST:8080/theserver/
ProxyPassReverse / http://IP_OR_LOCALHOST:8080/theserver/
OR
ProxyPass /theserver/ http://IP_OR_LOCALHOST:8080/theserver/
ProxyPassReverse /theserver/ http://IP_OR_LOCALHOST:8080/theserver/
OR
ProxyPass /anyname/ http://IP_OR_LOCALHOST:8080/theserver/
ProxyPassReverse /anyname/ http://IP_OR_LOCALHOST:8080/theserver/
Related
I have an Apache 2.4 site that serves content that is generated by modperl via HTTPS. The relevant Location section is as follows:
<Location />
SetHandler modperl
PerlResponseHandler MyService
</Location>
I would now like to enable the same content via HTTP as well. The following /etc/apache2/sites-enabled/myservice.conf works to some extend in that it redirects URLs with trailing paths but not the "root" page (say, http://myservice.mycompany.com). I suspect this is (also) because this page is special in that it is backed by modperl.
<VirtualHost *:80>
LogLevel debug
ServerName myservice.mycompany.com
RedirectPermanent / https://myservice.mycompany.com
</VirtualHost>
So how can I use RedirectPermanent for redirecting from HTTP to HTTPS for an entire Apache sites, including those pages that are backed by modperl?
To redirect any path in your site, you probably want to use mod_rewrite. These rules should work:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R=301,L]
(I've removed the perl and mod_perl tags from this question. The rewrite happens long before the server cares about how it's going to serve the content.)
I want to map multiple customer facing URLs to a single internal end-point, but with a query parameter to to identify each customer.
For example customer enters https://external_host/customer1
I want a reverse proxy to forward it as https://internal_host/app?customer=cust1
I have tried the following:
<Location "/customer1" >
RewriteEngine On
RewriteRule /customer1 /customer1?customer=cust1 [QSA,P]
ProxyPass https://<internal host>/app
ProxyPassreverse https://<internal host>/app
</Location>
<Location "/customer2" >
RewriteEngine On
RewriteRule /customer2 /customer2?customer=cust2 [QSA,P]
ProxyPass https://<internal host>/app
ProxyPassreverse https://<internal host>/app
</Location>
The basic proxy works, in that the request is forwarded to the internal server, but the query parameter is not added.
From all the reading I have done, I feel it should be possible to do what I want, but cannot get it to work.
Any pointers gratefully received.
Regards
Chris
I solved this as follows:
ProxyRequests off
ProxyPass /app http://<internal server>/app
ProxyPassReverse /app http://<internal server>/app
RewriteEngine on
RewriteRule ^/cust1.htm /app?client=cust1.htm [QSA,P]
RewriteRule ^/cust2.htm /app?client=cust2.htm [QSA,P]
Chris
The ProxyPass and ProxyPassReverse from the question config are ignored, because the P in [QSA,P] performs the proxy request.
Some additional cases to add query parameter extraparam=something to the proxied server:
Regular expression and remote server
if you need to use a regular expression in your rule (first wildcard (.*) is replaced by $1):
RewriteEngine on
RewriteRule ^/path/to/hook/to/proxy/(.*) http://example.org/$1?extraparam=something [QSA,P]
If the proxied server uses https, you should add SSLProxyEngine On to the configuration:
RewriteEngine on
SSLProxyEngine on
RewriteRule ^/path/to/hook/to/proxy/(.*) https://example.org/$1?extraparam=something [QSA,P]
Consider this:
we have an external server for files that can be downloaded
our website (plone based) is the interface for downloading them and we try to hide the direct links as much as possible
jquery.fileDownload plugin needs a cookie set on file on download
I'm trying to set our Apache configuration to replace links like this:
original: data-files-example.com/folder/subfolder/file.zip
replaced: our-website-example.com/_downloads/folder/subfolder/file.zip
So, the missing part in my case is: how to set Apache to work like this?
I'm trying:
NameVirtualHost *:80
<VirtualHost :80>
ServerAdmin email#our-website-example.com
ServerName our-website-example.com
RewriteEngine On
RewriteRule "^/_downloads(.)$" "https://data-files-example.com/$1" [P]
RewriteCond %{REQUEST_METHOD} ^(PUT|DELETE|PROPFIND|OPTIONS|TRACE|PROPFIND|PROPPATCH|MKCOL|COPY|MOVE|LOCK|UNLOCK)$
RewriteRule .* - [F,L]
RewriteRule ^/(.*) http://127.0.0.1:/VirtualHostBase/http/data-files-example.com:80/my_plone_website/VirtualHostRoot/$1 [L,P]
</VirtualHost>
I receive 503 Service Unavailable.
How to fix this?
Try a reverse proxy. Just make sure that mod_proxy and mod_proxy_http are enabled in your Apache configuration and that your proxy rule is set before the VirtualHostBase rule for Plone, if the pattern is the root slash.
ProxyPass /_downloads http://data-files-example.com
ProxyPassReverse /_downloads http://data-files-example.com
When proxying to a https backend you'll also need mod_ssl installed and the directive SSLProxyEngine On.
SSLProxyEngine On
ProxyPass /_downloads https://data-files-example.com
ProxyPassReverse /_downloads https://data-files-example.com
Following code at least rewrites your given original- to your desired target-URL:
<VirtualHost>
SSLProxyEngine On
RewriteEngine On
RewriteCond %{HTTP_HOST} ^our-website-example.com$
RewriteRule "^/_downloads(.*)$" "https://data-files-example.com/$1" [P,L]
</VirtualHost>
This requires the modules mod_ssl, mod_proxy and mod_rewrite to be activated.
Let us know if it was your sought solution and if not, where it went wrong :)
I am trying to use Apache as a proxy for an internal tomcat server, but the tomcat server performs a redirect that got me crazy
I first tried mod_proxy through:
ProxyPass / ajp://127.0.0.1:8045/bv-via-web/
ProxyPassReverse / ajp://127.0.0.1:8045/bv-via-web/
When accessing / (root) the internal server performs a redirect to /bv-via-web/hola which doesn't exist. It should redirect to /hola. How can I achieve this through the Apache config?
As a workaround I though I add the following:
ProxyPass /bv-via-web/ ajp://127.0.0.1:8045/bv-via-web/
ProxyPassReverse /bv-via-web/ ajp://127.0.0.1:8045/bv-via-web/
But that doesn't work as it will extend the url to an internal request of bv-via-web/bv-via-web/hola. So basically I want to change the url but don't know how that is possible with mod_proxy.
I then tried mod_rewrite, with the following:
RewriteEngine on
RewriteRule ^/bv-via-web/(.*)$ http://127.0.0.1:8040/bv-via-web/$1 [P,L]
RewriteRule ^/(.*)$ http://127.0.0.1:8040/bv-via-web/$1 [P,L]
But then when I open the root of the website it performs a redirect and http://127.0.0.1:8040/bv-via-web/hola appears in the browser address.
I don't understand, as it should work as an internal proxy due to the [P] flag.
What am I doing wrong ?
I solved it by adding:
ProxyPreserveHost On
Such it's not forwarded to the 127.0.0.1 as mentioned above.
So the total config snippet is:
RewriteEngine on
RewriteRule ^/bv-via-web/(.*)$ http://127.0.0.1:8040/bv-via-web/$1 [P]
RewriteRule ^/(.*)$ http://127.0.0.1:8040/bv-via-web/$1 [P]
I want my apache to always force people to use https and to map IP based look ups to be forwarded to the server name. The following settings (in httpd.conf file) take care of the http to https redirect:
<Location />
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://my_server.example.com%{REQUEST_URI}
</Location>
But now I also want that if people type 192.168.1.2 they get redirected to my_server.example.com.
To sum up:
http://192.168.1.2/someurl -> https://my_server.example.com/someurl
I've tried several things but either my settings get ignored or I end up in a redirect loop.
any hints?
If you have access to the main config and not just .htaccess, this is something most easily done with separate virtual hosts rather than resorting to the Swiss Army chainsaw that is mod_rewrite.
<VirtualHost *:80>
Redirect permanent / https://my_server.example.com/
</VirtualHost>
<VirtualHost *:443>
Redirect permanent / https://my_server.example.com/
SSLEngine on
</VirtualHost>
<VirtualHost *:443>
ServerName my_server.example.com
SSLEngine on
...real site config...
</VirtualHost>
It's not just numeric IP address access you generally want to redirect to your canonical hostname, but all addresses other than the known-good domains you control. Putting a default virtual host first in the config, that redirects (or serves up nothing) helps avoid certain DNS-based XSS attacks.
I figured out the following solution:
<Location />
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{HTTP_HOST} !^my_server\.example\.com [NC]
RewriteRule (.*) https://my_server.example.com%{REQUEST_URI} [R=301,L]
RewriteCond %{HTTPS} off
RewriteRule (.*) https://my_server.example.com%{REQUEST_URI}
</Location>
it does exactly what I need.