I have a server running ubuntu+apache. I have a website running (old ipython notebook with a multiuser-hack) that can be accessed through xxx.xx.xx.xx (=:myip). The corresponding apache configuration called sins.conf looks like this:
<VirtualHost *:80>
ServerName ipython.local-server
ServerAlias
WSGIDaemonProcess ipythonapp2 user=www-data group=www-data processes=2 threads=5\
python-path=/home/sins/ilmrt/lib/python2.7/site-packages
WSGIScriptAlias / /home/sins/ilmrt/ipysite/wsgi.py
<Directory /home/sins/ilmrt/ipysite>
#WSGIProcessGroup ipythonapp2
WSGIApplicationGroup %{GLOBAL}
Require all granted
Allow from all
</Directory>
Alias /static/ /home/sins/ilmrt/ipysite/static/
<Location "/static/">
Options -Indexes
</Location>
</VirtualHost>
and works perfectly.
Now, since I'm about to run a new website (jupyterhub) with reverse proxy in addition, I setup a new apache configuration called jupyterhub.conf:
ProxyPass / http://localhost:9111/
ProxyPassReverse / http://localhost:9111/
Header edit Origin http://myip:9111/ localhost:9111
RequestHeader edit Origin http://myip:9111 localhost:9111
Header edit Referer http://myip:9111 localhost:9111
RequestHeader edit Referer http://myip:9111 localhost:9111
<Location ~ "/(user/[^/]*)/(api/kernels/[^/]+/channels|terminals/websocket)/?">
ProxyPass ws://localhost:9111
ProxyPassReverse ws://localhost:9111
</Location>
If i run sudo a2ensite jupyterhub and sudo service apache2 reload, the new website works as expected under http://myip:9111. However, the old website with the address http://myip shows Service Unavailable.
I don't understand what I need to change to make both sites working at the same time. Any help?
EDIT:
I believe I need to put the jupyterhub configuration inside a <VirtualHost *:9111>, but if I start the jupyterhub server it says
Proxy appears to be running at http://myip:9111, but I can't access it. Connection refused.
Okay, so the trick was as I assumed: It needs to be put in a VirtualHost.
For some reason I initially put a Listen 9111 in front of the config-code below, which is why it blocked something..Here's the code in case anyone is interested:
<VirtualHost *:9111>
ProxyPass / http://localhost:9111/
ProxyPassReverse / http://localhost:9111/
Header edit Origin http://myip:9111/ localhost:9111
RequestHeader edit Origin http://myip:9111 localhost:9111
Header edit Referer http://myip:9111 localhost:9111
RequestHeader edit Referer http://myip:9111 localhost:9111
<Location ~ "/(user/[^/]*)/(api/kernels/[^/]+/channels|terminals/websocket)/?">
ProxyPass ws://localhost:9111
ProxyPassReverse ws://localhost:9111
</Location>
LogLevel debug
</VirtualHost>
Related
Could you please let me know how can we use reverse proxy to allow non aem server to post pages to a directory on the main domain on AEM site (Eg: www.yourdomainname.com/test-one)?
I have tried adding the below syntax in the vhost file in dispatcher module of Apache server for using reverse proxy. However, this didn't work and faced a 404 on dispatcher upon server restart. The reason might be dispatcher reverse proxies to the publish instance. How can we bypass this issue to setup reverse proxy?
<VirtualHost *:80>
ServerName www.yourdomainname.com
ProxyRequests off
RemoteIPHeader X-Forwarded-For
Header set xxx-Proxy-Version "1.0"
ProxyPreserveHost On
<Location /test-one >
ProxyPass "http://xxx/test-one"
ProxyPassReverse "http://xxx/test-one"
Order allow,deny
Allow from all
</Location>
<Location /test-one/(.*) >
ProxyPass "http://xxx/test-one/(.*)"
ProxyPassReverse "http://xxx/test-one/(.*)"
Order allow,deny
Allow from all
</Location>
</VirtualHost>
Thanks
I am trying to allow only certain domains to access the source. When I am inserting
Header Set Access-Control-Allow-Origin "domain.tld" it works perfectly.
When I try it for multiple domains, it does the opposite. It allows any domain but not cors.domain.tld:
<VirtualHost *:80>
ProxyPreserveHost On
ProxyRequests Off
ProxyPass / http://localhost:9090/
ProxyPassReverse / http://localhost:9090/
ServerName map.domain.tld
ServerAlias map.domain.tld
<Proxy *>
SetEnvIf Origin "http(s)?://(www\.)?(cors.domain.tld|staging.google.com)$" AccessControlAllowOrigin=$0
Header add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
Header merge Vary Origin
Order allow,deny
Allow from all
</Proxy>
</VirtualHost>
What do I do wrong?
Thanks!
I figured it out, I had to set --no-cors on the my docker image, where I proxy the domain to. Now it works fine.
I need to show some sites in a iframe and I cannot do that directly as some of those sites have the header X-Frame-Options set to 'SAMEORIGIN'. As a way to bypass this I tried using an reverse proxy in apache. Below is the my apache configuration
<VirtualHost *:80>
ServerName google.local
ProxyRequests Off
DocumentRoot /var/www/html/iframe-test
ProxyPass /test http://www.oracle.com/index.html
ProxyPassReverse /test http://www.oracle.com/index.html
ErrorLog /var/log/apache2/google.local-error.log
CustomLog /var/log/apache2/google.local-access.log combined
<Location *>
AllowOverride All
Order allow,deny
Allow from all
# Header always append X-Frame-Options "ALLOW-FROM all"
Header add test-header 'test'
</Location>
But still I cannot load the site in iframe and I am getting the error Load denied by X-Frame-Options: https://www.oracle.com/index.html does not permit cross-origin framing.
The issue with the above configuration was that the proxy only worked for http protocol. But as seen in the console error message the external site actually redirect http to https automatically.
So to handle the https requests all it was needed to enable ssl in apache and turn on SSLProxyEngine. To do that,
run sudo a2enmod ssl on terminal
add the line 'SSLProxyEngine On' to the above config
<VirtualHost *:80>
ServerName google.local
ProxyRequests On
ProxyPreserveHost Off
SSLProxyEngine On
DocumentRoot /var/www/html/iframe-test
ProxyPass /test http://www.oracle.com/index.html
ProxyPassReverse /test http://www.oracle.com/index.html
ErrorLog /var/log/apache2/google.local-error.log
CustomLog /var/log/apache2/google.local-access.log combined
<Location *>
AllowOverride All
Order allow,deny
Allow from all
# Header always append X-Frame-Options "ALLOW-FROM all"
Header add test-header 'test'
</Location>
</VirtualHost>
I want to make Tableau (which is on an internal network) accessible on the public network. One of the ways recommended by Tableau Support is a Reverse Proxy.
I have set up the required modules and have the reverse proxy functioning. The login page is available through these settings in httpd given below. However, once I log in and want to open Projects, Views etc. It routes to
http://actualsite.com/#/vieworproject
which should actually be http://actualsite.com/tableauaccess/#/vieworproject.
Here is the httpd configuration:
ProxyPass /tableauaccess/ http://tableauserverexample.com/
ProxyPassReverse /tableauaccess/ http://tableauserverexample.com/
<Location /tableauaccess/>
Order deny,allow
Allow from all
ProxyHTMLURLMap / /tableauaccess/
</Location>
This doesnt solve the main issue with #. I tried
ProxyPass /#/ http://tableauserverexample.com/#/
ProxyPassReverse /#/ http://tableauserverexample.com/#
But it doesnt help. Any suggestions?? Thanks!
We had this same issue recently. Your httpd.conf file is technically correct for mod_proxy, however the url you are attempting to use is not supported by Tableau. You cannot use:
http://actualsite.com/tableauaccess
But rather you must use the format:
http://tableauaccess.actualsite.com
We ended up setting up that sub-domain name and then using a VirtualHost block such as:
Listen 80
NameVirtualHost *:80
<VirtualHost *:80>
ServerName actualsite.com
DocumentRoot "/path/path2/pathx"
</VirtualHost>
<VirtualHost *:80>
ServerName tableauaccess.actualsite.com
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://tableauaccess.actualsite.com/
ProxyPassReverse / http://tableauaccess.actualsite.com/
<IfModule mod_cache.c>
CacheDisable *
</IfModule>
RequestHeader set X-Forwarded-Proto "http" #or "https", depending on preference
</VirtualHost>
Be sure to double-check your Tableau server to update the URL format.
Sources:
https://community.tableau.com/thread/198095
https://community.tableau.com/thread/218678
(I don't have enough reputation points to post all of my sources, but thanks to Tableau community, shanemadden at ServerFault, and the Apache documentation.)
edit: forgot trailing slashes
I'm trying to setup reverse proxy to some web service, so I can develop JavaScript Ajax application on localhost. I have managed to do it with Apache following way:
ProxyPass /serviceproxy/ http://someservice.com/
ProxyPassReverse /serviceproxy/ http://someservice.com/
ProxyHTMLURLMap http://someservice.com/ /serviceproxy/
<Location /serviceproxy>
ProxyPassReverse /
ProxyHTMLEnable On
ProxyHTMLURLMap / /serviceproxy/
ProxyHTMLURLMap http://someservice.com/
RequestHeader unset Accept-Encoding
</Location>
That works fine for http webpages, but not for https pages. If I set proxy to https://someservice.com/, Apache returns 500 Internal server error. I'm new to Apache configuration. How to make it work? Is it even possible?
thanks
You have to enable Ssl module (a2enmod ssl) Then in /etc/apache2/sites-available/default file include following lines
RequestHeader set X-Forwarded-Proto "https"
ServerName localhost
SSLProxyEngine On
RequestHeader set Front-End-Https "On"
Between line
ServerAdmin webmaster#localhost
and line
DocumentRoot /var/www
Hope it helps.