We Keep Coding

Apache 2.4 compression not working when using alias and reverse proxy

Problem:
I have an alias directory for a url sub path that pulls static data. I can get this to gzip compress just fine. However, when I add proxy to other paths and add an exception for my static data, compression stops.
Environment
Windows x64
Apache 2.4
Key Configuration in httpd.conf
<Directory "${SRVROOT}/static">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
# I have used FilterProvider as well an know this just does javascript at the moment
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript
SetOutputFilter DEFLATE
<IfModule alias_module>
Alias "/static" "${SRVROOT}/static"
ScriptAlias /cgi-bin/ "${SRVROOT}/cgi-bin/"
</IfModule>
With this configuration and a "static" folder under SRVROOT, I place a file bundle.js (3M of data). Polling this file at http://localhost/static/bundle.js gives me 600K of download with gzip compression. ALL GOOD
Now for the change. The default path of the app needs to reverse proxy to another application and apache is just serving up static content.
<IfModule proxy_html_module>
Include conf/extra/proxy-html.conf
</IfModule>
extra/proxy-html.conf file content
#default proxy stuff above...
ProxyRequests off
ProxyPass / http://localhost:5000/
#ProxyPass /static/ /
ProxyHTMLURLMap http://localhost:5000/ /
<Location />
ProxyPassReverse /
ProxyHTMLEnable On
ProxyHTMLURLMap / /
RequestHeader unset Accept-Encoding
</Location>
<Location /static/ >
ProxyPass !
</Location>
This still allows me to hit my static data, only now the gzip compression is not happening. I do not know if this is a bug in apache or if there is a better way to configure this.
Here are my requirements:
I cannot change the pathing of the url (static is where it is, and root url content gets reverse proxied
I need compression
Deployment is to a root folder that honestly is not named static, so the fact that I route (in this example) static to {some directory}/static it is really http://localhost/static/* to a dist folder in all actuality.

It appears that RequestHeader unset Accept-Encoding is bleeding over into the other Location definition. This seems like it should not be expected behavior. There appears to be two solutions to the problem.
Remove the ProxyHTMLURLMap and RequestHeader unset Accept-Encoding as this needs to uncompress the content
to do the url rewriting.
Inflate and Deflate the content. I have yet to determine of this will inflate and deflate the static content on the server. The only reason I mention this is because the usetting of the Accept-Encoding seemed to bleed over into the static section. -- Not sure how to test this yet.
Example of removing ProxyURLMap
ProxyRequests off
ProxyPass / http://localhost:5000/
ProxyPassReverse / http://localhost:5000/
<Location /static/ >
ProxyPass !
</Location>
#Do not use this anymore
#<Location />
# ProxyPassReverse /
# ProxyHTMLEnable On
# ProxyHTMLURLMap / /
# RequestHeader unset Accept-Encoding
#</Location>
Example of using the INFLATE;DEFLATE
ProxyRequests off
ProxyPass / http://localhost:5000/
ProxyPassReverse / http://localhost:5000/
<Location />
ProxyPassReverse /
ProxyHTMLEnable On
ProxyHTMLURLMap / /
SetOutputFilter INFLATE;DEFLATE
</Location>
<Location /static/ >
ProxyPass !
</Location>

Jenkins / Apache Reverse Proxy Error

I am running into an issue that seems to be fairly common based off of my searches, however I've followed all the instructions and/or fixes I've run into but none have worked for me so I'm asking this hoping someone can guide me in the right direction.
I have Jenkins 1.644 installed on OS X 10.11.2 from Homebrew. I followed these instructions on how to install and get it setup inside OS X Server 5.0.15 Websites (I believe this version of OS X server is running Apache 2.4.16.
The problem: When I connect to the manage console in Jenkins, I get the error message "It appears that your reverse proxy set up is broken." and a link to this jenkins doc.
Hitting http://127.0.0.1:8080/manage does not produce the error.
I have added the proxy settings to my virtual host file like so:
ProxyRequests Off
ProxyPreserveHost On
AllowEncodedSlashes NoDecode
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://localhost:8080/ nocanon
ProxyPassReverse / http://localhost:8080/
ProxyPassReverse / http://jenkins.exampledomain.com/
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Port "443"
When I do the test curl:
curl -iLk -e https://jenkins.exampledomain.com/manage \
https://jenkins.exampledomain.com/administrativeMonitor/hudson.diagnosis.ReverseProxySetupMonitor/test
I get the following results:
HTTP/1.1 302 Found
Date: Fri, 22 Jan 2016 06:30:57 GMT
Server: Jetty(winstone-2.9)
X-Content-Type-Options: nosniff
Location: https://jenkins.exampledomain.com/administrativeMonitor/hudson.diagnosis.ReverseProxySetupMonitor/testForReverseProxySetup/https%3A%2F%2Fjenkins.exampledomain.com%2Fmanage/
Content-Length: 0
MS-Author-Via: DAV
HTTP/1.1 404 Not Found
Date: Fri, 22 Jan 2016 06:30:57 GMT
Server: Apache/2.4.16 (Unix) OpenSSL/0.9.8zg
Content-Length: 325
Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /administrativeMonitor/hudson.diagnosis.ReverseProxySetupMonitor/testForReverseProxySetup/https://jenkins.exampledomain.com/manage/ was not found on this server.</p>
</body></html>
Clearly that address is on this server because I can enter the management console by going to the correct address.
I'm stuck... Apache configuration is not my strong point. I'm looking for any help.
--EDIT More Info--
Adding the full virtual host file from the /Library/Server/Web/Config/apache2/sites directory for further detail.
<VirtualHost 127.0.0.1:34543>
ServerName https://jenkins.exampledomain.com:443
ServerAdmin admin#example.com
DocumentRoot "/Library/Server/Web/Data/Sites/jenkins.exampledomain.com"
DirectoryIndex index.html index.php default.html
CustomLog /var/log/apache2/access_log combinedvhost
ErrorLog /var/log/apache2/error_log
<IfModule mod_ssl.c>
SSLEngine On
SSLCipherSuite "ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM"
SSLProtocol -ALL +TLSv1
SSLProxyEngine On
SSLCertificateFile "/etc/certificates/machine.local.certCA1FileLocation.pem"
SSLCertificateKeyFile "/etc/certificates/machine.local.certCA2FileLocation.key.pem"
SSLCertificateChainFile "/etc/certificates/machine.local.certCA3FileLocation.chain.pem"
SSLProxyProtocol -ALL +TLSv1
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
</IfModule>
<Directory "/Library/Server/Web/Data/Sites/jenkins.exampledomain.com">
Options All -Indexes -ExecCGI -Includes +MultiViews
AllowOverride None
<IfModule mod_dav.c>
DAV Off
</IfModule>
<IfDefine !WEBSERVICE_ON>
Require all denied
ErrorDocument 403 /customerror/websitesoff403.html
</IfDefine>
</Directory>
ProxyRequests Off
ProxyPreserveHost On
AllowEncodedSlashes NoDecode
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://localhost:8080/ nocanon
ProxyPassReverse / http://localhost:8080/
ProxyPassReverse / http://jenkins.exampledomain.com/
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Port "443"
</VirtualHost>
--EDIT 2 Another Finding--
I have noticed by attempting to curl to the 'not found' url above that indeed the server is reporting it not found. If I hit https://jenkins.exampledomain.com/manage/ I will get a 404. However, if I leave off the trailing /, it works. https://jenkins.exampledomain.com/manage is successful. Hopefully this means something to someone!
Thanks

I know this is an old question, but I was having the same problem with the error:
HTTP ERROR 404
Problem accessing /administrativeMonitor/hudson.diagnosis.ReverseProxySetupMonitor/testForReverseProxySetup/https%3A%2F%2Fbuild.scopeitconsulting.com%2Fmanage/. Reason:
http://build.domain.com/manage vs. https://build.domain.com/manage
I was able to solve my problem by including the two lines from the author's question:
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Port "443"
So here is my relevant section from a working ssl.conf configuration in case it helps anybody. I am running Jenkins on port 8080 at the root context with http but reverse proxying it behind Apache enforcing https.
ProxyPass / http://localhost:8080/ nocanon
ProxyPassReverse / http://localhost:8080/
ProxyPassReverse / http://build.domain.com/
ProxyPassReverse / https://build.domain.com/
ProxyRequests Off
ProxyPreserveHost On
AllowEncodedSlashes NoDecode
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Port "443"
<Proxy http://localhost:8080/>
Order deny,allow
Allow from all
</Proxy>
I hope this helps somebody who like me has spent way too much time trying to find a working configuration to resolve the error.

You need to add below to catalina.properties file. Updating Apache configuration itself is not sufficient.
org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true

Apache virtual host + reverse proxy conflict

I have a server running ubuntu+apache. I have a website running (old ipython notebook with a multiuser-hack) that can be accessed through xxx.xx.xx.xx (=:myip). The corresponding apache configuration called sins.conf looks like this:
<VirtualHost *:80>
ServerName ipython.local-server
ServerAlias
WSGIDaemonProcess ipythonapp2 user=www-data group=www-data processes=2 threads=5\
python-path=/home/sins/ilmrt/lib/python2.7/site-packages
WSGIScriptAlias / /home/sins/ilmrt/ipysite/wsgi.py
<Directory /home/sins/ilmrt/ipysite>
#WSGIProcessGroup ipythonapp2
WSGIApplicationGroup %{GLOBAL}
Require all granted
Allow from all
</Directory>
Alias /static/ /home/sins/ilmrt/ipysite/static/
<Location "/static/">
Options -Indexes
</Location>
</VirtualHost>
and works perfectly.
Now, since I'm about to run a new website (jupyterhub) with reverse proxy in addition, I setup a new apache configuration called jupyterhub.conf:
ProxyPass / http://localhost:9111/
ProxyPassReverse / http://localhost:9111/
Header edit Origin http://myip:9111/ localhost:9111
RequestHeader edit Origin http://myip:9111 localhost:9111
Header edit Referer http://myip:9111 localhost:9111
RequestHeader edit Referer http://myip:9111 localhost:9111
<Location ~ "/(user/[^/]*)/(api/kernels/[^/]+/channels|terminals/websocket)/?">
ProxyPass ws://localhost:9111
ProxyPassReverse ws://localhost:9111
</Location>
If i run sudo a2ensite jupyterhub and sudo service apache2 reload, the new website works as expected under http://myip:9111. However, the old website with the address http://myip shows Service Unavailable.
I don't understand what I need to change to make both sites working at the same time. Any help?
EDIT:
I believe I need to put the jupyterhub configuration inside a <VirtualHost *:9111>, but if I start the jupyterhub server it says
Proxy appears to be running at http://myip:9111, but I can't access it. Connection refused.

Okay, so the trick was as I assumed: It needs to be put in a VirtualHost.
For some reason I initially put a Listen 9111 in front of the config-code below, which is why it blocked something..Here's the code in case anyone is interested:
<VirtualHost *:9111>
ProxyPass / http://localhost:9111/
ProxyPassReverse / http://localhost:9111/
Header edit Origin http://myip:9111/ localhost:9111
RequestHeader edit Origin http://myip:9111 localhost:9111
Header edit Referer http://myip:9111 localhost:9111
RequestHeader edit Referer http://myip:9111 localhost:9111
<Location ~ "/(user/[^/]*)/(api/kernels/[^/]+/channels|terminals/websocket)/?">
ProxyPass ws://localhost:9111
ProxyPassReverse ws://localhost:9111
</Location>
LogLevel debug
</VirtualHost>

Apache No 'Access-Control-Allow-Origin' header

I tried to search between old questions but i didn't find how to figure out my issue
I have a LF site; all works pretty good; when i go on http://localhost:8080/ i have no problem and no error is shown on firebug and/or chrome console
I configured then, an Apache HTTP Server. All seems to me correct but when i try the URL http://localhost I see my site but some resources are not loaded. In chrome console (but also in firebug) I get the following error:
2(index):1 Font from origin 'http://localhost:8080' has been blocked
from loading by Cross-Origin Resource Sharing policy: No
'Access-Control-Allow-Origin' header is present on the requested
resource. Origin 'http://localhost' is therefore not allowed access.
I don't know how to figure out this issue. It seems to me an Apache configuration mistake.
This is my virtual host configuration:
<VirtualHost *:80>
#CORS
<Directory "/var/www/">
AllowOverride All
Order allow,deny
allow from all
</Directory>
# Always set these headers.
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Max-Age "1000"
Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"
# Added a rewrite to respond with a 200 SUCCESS on every OPTIONS request.
RewriteEngine On
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ $1 [R=200,L]
ProxyPass /c http://localhost:8080/c
ProxyPassReverse /c http://localhost:8080/c
ProxyPass /si http://localhost:8080/si
ProxyPassReverse /si http://localhost:8080/si
ProxyPass /image http://localhost:8080/image
ProxyPassReverse /image http://localhost:8080/image
ProxyPass /documents http://localhost:8080/documents
ProxyPassReverse /documents http://localhost:8080/documents
ProxyPass /html http://localhost:8080/html
ProxyPassReverse /html http://localhost:8080/html
ProxyPass /sprite http://localhost:8080/sprite
ProxyPassReverse /sprite http://localhost:8080/sprite
ProxyPass /combo http://localhost:8080/combo
ProxyPassReverse /combo http://localhost:8080/combo
ProxyPass / http://localhost:8080/web/mySimpleLog
ProxyPassReverse / http://localhost:8080/web/mySimpleLog
ErrorLog logs/mySimpleLog-error_log
CustomLog logs/mySimpleLog-access_log common
</VirtualHost>
It seems to me all correct... is there any other option i should put?
Do you have any idea where I'm wrong?
Thank you
Angelo

You're setting your CORS headers only on port 80, but the cross-origin part is from port 80 to port 8080 -- you should move the Header set ... outside of virtual host context or duplicate it in your 8080 vhost.

ProxyHTML to rewrite URL

I've got 2 apache servers set up. One on port 80 and another on port 8077. I'm wanting to see everything on the server on 8077 via a reverse proxy. At the moment I've got:
ProxyPreserveHost Off
ProxyHTMLInterp On
ProxyPass /translate/ http://www.example.com:8077/
ProxyPassReverse /translate/ http://www.example.com:8077/
ProxyHTMLURLMap / /translate/
This allows me to get to the initial page of the site, but the links to images, css and other pages don't work.
For example the css in the html shows as
/css/style.css
where I actually want it to be
/translate/css/style.css
For it to pick up the file from the 8077 server. What can I do with the current setting to get that to work?

Ok, this is what I ended up doing to get it working
ProxyPass /translate/ http://www.example.com:8077/
ProxyPassReverse /translate/ http://www.example.com:8077/
ProxyHTMLURLMap http://www.example.com:8087 /translate/
<Location /translate/>
ProxyPassReverse /
SetOutputFilter proxy-html
ProxyHTMLURLMap http://www.example.com:8077 /translate/
ProxyHTMLURLMap / /translate/
ProxyHTMLURLMap /translate/ /translate/
RequestHeader unset Accept-Encoding
</Location>
This seems to work well. The ProxyHTMLURLMap http://www.example.com:8077 /translate/ line was only needed to translate some "referrer" based urls that caused some pages to end up trying to serve directly from the 8077 port server.