How can I do a get API call, to redirect to another sever in Apache using htaccess, or any other configuration?
I want to use some other server to process my requests to get more performance, without changing my application logic.
i.e : i have following:
localhot/user/getInformation to 192.169.1.1/user/getinformation
RewriteEngine On
RewriteRule ^/user/getInformation http://192.168.1.1/user/getInformation [NC,L,R=301]
This will do a permanent redirect (301) from /user/getInformation to http://192.168.1.1/user/getInformation.
Related
I would like to limit any redirects to URLs within the same application. Is this possible with ISAPI Rewrite (mod_rewrite for IIS)? Basically I want to prevent against open redirection attacks.
One example is where a URL may come from a query string, or some other source. I want to check that any use of that URL, for a redirect, is only permitted if it's within the same domain. For example: Response.Redirect("some URL");
Mine is an ASP.NET application, running under IIS 6.
You can try to use the following to check the domain in query string and show 403 Forbidden if it's an external one:
RewriteBase /
RewriteCond %{QUERY_STRING} !^.*yourdomain.com.* [NC]
RewriteRule .? - [F]
You'll need to do that check on ASP.NET side, not to allow redirects outside your domain. Once redirect instruction is sent to client, your server will never get another chance to bump in because client will immediately go to other domain.
If you don't control ASP.NET code of this application you may try to use Helicon Ape (instead of ISAPI_Rewrite). Helicon Ape has more features and also offers outbound response rewrites, so it may intercept "redirect" response of your application before it is sent to client. Two options are available:
mod_header with "Header" directive;
mod_replace with "HeaderReplacePattern" directive
I'm trying to redirect to another server application running on a different port of the same box with apache HTTPD as the frontend server running on port 80. I'm using the rewrite engine and the following syntax to redirect calls:
RewriteRule ^/?products/(.*)$ http://www.example.com:9000/$1 [L]
This works great, but the url changes to port 9000 in the browser. Whenever I change the [L] to a [P] for proxy I get a 404, not found error in the browser.
How do I fix this so that the url doesn't change in the browser, but that it still works?
You need to make sure you have mod_proxy loaded, otherwise the P flag won't work.
You can also use the ProxyPass directive as part of mod_proxy in your vhost config.
I'm developing a webapp and for the static files I'm simply using apache at localhost while the backend is on a couchdb instance running at localhost:5984.
The webapp interacts with files from the backend all the time. So what is happening when trying to test on apache all file requests to localhost:5984 are getting blocked due the cross-domain policy so the only way to get that working is starting the browser by setting flags to ignore that.
But again I get stuck when trying to test the app on mobile such ipad or iphone.
Currently I have this on my .htaccess file.
RewriteEngine on
# these are 302 http redirections instead of serving as a proxy
RewriteRule auth http://localhost:5984/auth [L]
RewriteRule db/([\s\S]+) http://localhost:5984/db/$1 [L]
RewriteRule send/([\s\S]+) http://localhost:5984/send/$1 [L]
# these are just redirections to static files and work great
RewriteRule ^([a-z/.]+) _attachments/$1 [L]
RewriteRule ^$ _attachments/ [L]
As you can see I have really no idea on how to deal with apache configuration unfortunately.
But what is happening right now is that for some of these rules apache is simply redirecting the page instead of provide it as a proxy server which causes the issue with cross-domain.
Also on the first auth rule I send POST and DELETE requests which as a redirection instead of proxy it won't pass the data being POSTed through.
So what I would like to achieve is to activate some kind of feature (if it exists) which will make apache simply render the page as it was on the localhost domain instead of redirect it. (I named this a a proxy, but perhaps that's not even the right term, sorry for any mistake committed with the nomenclatures).
Is is possible to achieve such action?
Thanks in advance
Have a look at these links / options:
[P] flag:
http://httpd.apache.org/docs/current/rewrite/flags.html#flag_p
http://httpd.apache.org/docs/current/rewrite/proxy.html
mod_proxy (possibly -- but I think #1 should be enough if it's on the same server):
http://httpd.apache.org/docs/current/mod/mod_proxy.htm
I need to do the following on my apache webserver :
Redirect any URL starting with :
http://mydomain1.com/archive
to
http://mydomain2.com/archive
Is there a way using mod-rewrite or RewriteEngine to disguise that URL, so that the URL that appears in the browser is mydomain1.com ? I don't want to give away the fact that we are switching servers.
you could try a reverse proxy. This will allow you to take one url and forward the request to another server without the end user knowing.
Try adding this in the .htaccess from domain1.com/archive
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule (.*) http://mydomain2.com/archive [P]
</IfModule>
Edit: Tell me if you've tried this and if it worked or not.
That's not possible using mod_rewrite. If host changes then it has to be an external redirect using R flag.
A possible workaround is to make server to server call from inside your code on mydomain1 to mydomain2. If using php you can use file_get_contents function to make this happen.
I have a web site that I administer that uses Apache 2.0 on the front with Tomcat 6 on the back-end (with mod_proxy proxying the connection between the two).
I want to be able to use the same VirtualHost to also access the phpMyAdmin application running on the box. So, for example, www.mywebsite.com will pass all traffic to Tomcat, but www.mywebsite.com/myadmin (with obvious security) will pass traffic to phpMyAdmin.
How about using mod_rewrite instead of mod_proxy?
You can use the P modifier to send certain request (i.e. all those that aren't to /phpmyadmin*) through a proxy. This actually uses mod_proxy internally.
Something like this (not tested):
RewriteCond %{REQUEST_URI} !^/phpmyadmin
RewriteRule ^.*$ http://tomcat/$0 [P,L]