I'm deploying a Web2py application via CentOS VPS on Bluehost with Apache pre-installed.
I've manually gone through the process of installing Web2py, Python, and some additional software in /home/username. When I run the following command in /home/username/web2py to launch Web2py via Rocket at port 8000 python web2py.py --ip xxx.xx.xx.xx --port=8000, I and others can successfully visit http://xxx.xx.xx.xx/8000 or http://mywebsite.com/8000 to view Web2py's welcome screen (and ultimately my application).
However, when I attempt to run python web2py.py --ip xxx.xx.xx.xx --port=80, so that I can visit the application at http://xxx.xx.xx.xx/ or http://mywebsite.com/, I receive the following error:
ERROR:Rocket.Errors.Port80:Socket in use by other process and it won't share
Apache is already running on port 80. Ultimately, I'd like the user to visit the application at http://xxx.xx.xx.xx/ or http://mywebsite.com/. How do I make this happen in my current configuration WITHOUT using one step production deployment described here: http://web2py.com/book/default/chapter/13#Apache-setup?
I'm interested in how to do this in each of the following three ways:
1) Using the pre-installed Apache server already on port 80.
2) Using the Web2py's built-in Rocket server on port 80, thus adjusting the system so that the pre-installed Apache server is ignored and port 80 opened.
3) Using the built-in Rocket server on another port, say 8000, but doing so in such a way that the user can still access the site and all of its functionality by visiting http://xxx.xx.xx.xx/ or http://mywebsite.com/. THis means that they would NOT need to append 8000 to the url (as in http://xxx.xx.xx.xx/8000 or http://mywebsite.com/8000).
Thank you.
A port can only be used by one application. So you can't run both an Apache and a web2py server on the same port (e.g. port 80).
All ports from 0 to 1024 are privileged ports. This means only a superuser can assign an application to the port. Typically this can also produce sayed error message, that the port is in use (even if there is no application listening to the port)
Case 1 and 3 - Using the Apache-Server but not mod_wsgi:
I assume you don't want to use modwsgi or any wsgi on you apache. Than you have to proxy you application with mod_proxy:
<VirtualHost *:80>
Alias / /users/www-data/web2py/applications
### serve static files directly
<LocationMatch "^/static/.*">
Order Allow, Deny
Allow from all
</LocationMatch>
### proxy all the other requests
<Location "/">
Order deny,allow
Allow from all
ProxyRequests off
ProxyPass http://localhost:8000/
ProxyPassReverse http://localhost:8000/
ProxyHTMLURLMap http://127.0.0.1:8000/ /
</Location>
You have to adjust the Locations to your actual setup and the web2py server has to be running.
Case 2 - Not using apache:
In this case you have to stop the apache server and start you application with a privileged account (e.g. root):
sudo python web2py.py --ip xxx.xx.xx.xx --port=80
Hope this helps ;)
Related
I am new in Apache's world, and I need to connect a server (Ubuntu system ) located in my DMZ area to a Tomcat server (Windows server System) in my network. So I wrote on my Ubuntu Apache /etc/apache2/sites-available/default-ssl:
<VirtualHost *:443>
<Location /example>
ProxyPass http://tomcatIP:8080/example/
ProxyPassReverse https://mydomain/example/
</Location>
</VirtualHost>
I restart my Apache and on the browser doesnt display anything, however if i choose source code I can see all the php, javascript, html code.
I checked the log from Apache and there are a lot logs like this:
AH00128: File does not exits: /var/html/...
I checked my firewall and everything is correct. I don`t know why my apache doesn't search on Tomcat server. Do I need more code? on apache.conf?
Many thanks for the help
You need to configure AJP Connector on Web-Server and on Tomcat Application Server.
https://tomcat.apache.org/tomcat-4.0-doc/config/ajp.html
Afer read documentation, I checked the Tomcat configuration and I watched that it wasn't the "tipical" Tomcat, it completly customized for Servicedesk software, and after many tries and fails I couldn't do anything, finally the costumer service told me that is impossible an Apache connection. ¬¬
Thanks anyway!!
Sorry if the question is not that clear.
To illustrate what I want to do, I will give an example:
Application Link:
http://123.123.123.123:8080/KagodPaMore/
Domain:
http://www.iyotbihagay.com/
I wanted my application to be accessed using the link:
http://www.iyotbihagay.com:8080/KagodPaMore/
Also, I wanted it to redirect to the link above whenever the user will enter the following links:
http://www.iyotbihagay.com:8080/
http://www.iyotbihagay.com/
I have no idea on how to implement this.
- My application is served in Amazon EC2
- My domain service is on only-domains (but I cannot see any port options there where I could set the port)
- My server is JBoss Wildfly utilizing port 8080
- I have apache web server installed using port 80 (but not used)
- My amazon server (virtual) is configured on Ubuntu 14.04
hope someone could guide me in the right direction since I do not know how I could set this.
TIA
Application Link:
http://123.123.123.123:8080/KagodPaMore/
Domain:
http://www.iyotbihagay.com/
Objective:
http://www.iyotbihagay.com/ OR http://www.iyotbihagay.com/KagodPaMore/
Processes or Steps done to solve the issue:
* Use Apache Virtual Host - Proxy for default port (80):
For ubuntu apache: You may edit the default site configuration (/etc/apache2/sites-available/000-default.conf).
Add Virtual Host for port 80 to serve as proxy for the port 8080 and KagodPaMore application.
<VirtualHost *:80>
ServerName localhost
ProxyPreserveHost On
ProxyRequests off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass /KagodPaMore http://localhost:8080/KagodPaMore/
ProxyPassReverse /KagodPaMore http://localhost:8080/KagodPaMore/
ProxyPass / http://localhost:8080/KagodPaMore/
ProxyPassReverse / http://localhost:8080/KagodPaMore/
</VirtualHost>
Save changes on the site configuration.
Restart Apache 'sudo service apache2 restart'
Now, you may access the application using:
* http://localhost:8080/KagodPaMore/
* http://localhost:8080/
Note: Do this on the server (123.123.123.123).
With this, you access the server like
'http://123.123.123.123/' it will be pointed to 'http://123.123.123.123:8080/KagodPaMore/' Or Locally like 'http://localhost/' it will be pointed to 'http://localhost:8080/KagodPaMore/'
Set your Domain Server's Main Address (Example: OnlyDomains) to '123.123.123.123'.
This is if you will use the domain server's own NS Servers.
For OnlyDomains, edit 'iyotbihagay.com' zone records and set
'#' - A Record -> '123.123.123.123'
'www' - A Record -> '123.123.123.123'
If you will delegate your own NS Server, make sure that you set your NS servers to point to '123.123.123.123'.
This way, you can I can access my web application by:
http://www.iyotbihagay.com/ or http://www.iyotbihagay.com/KagodPaMore/
Good Luck!
You can do:
Map your domain name to IP address, i.e. create A record www.iyotbihagay.com to 123.123.123.123. No need to specify port in here.
If you use Elastic Load Balancer (ELB), you can create a CNAME record to your ELB endpoint.
Configure Apache to accept request from port 80 and redirect it to port 8080. You can use mod_alias or mod_rewrite.
For the same thing, you need to configure JBoss Wildfly to rewrite/redirect the URL. (disclaimer: I'm not familiar with JBoss Wildfly)
Ensure to allow ingress to port 80 and 8080 on your Security Group.
I have a CentOs 7.1 with Apache httpd running on port 9000.
So if i type in my browser: http://192.168.56.101:9000/ I see the Apache Testing 123 Page.
I also have a GitLab Server running on port 8888, but this port is closed by the firewall.
I want that Apache redirects traffic to http://192.168.56.101:9000/gitlab internally to the GitLab server.
I have done this in my Apache config file /etc/httpd/conf/httpd.conf:
<VirtualHost *:9000>
ProxyPass /gitlab http://192.168.56.101:8888/users/sign_in
ProxyPassReverse /gitlab http://192.168.56.101:8888/users/sign_in
</VirtualHost>
When users browse to http://192.168.56.101:9000/gitlab the login page appears (css seems broken though), but when logging in this appears:
Not Found
The requested URL /users/sign_in was not found on this server.
Is this something that is configurable with Apache and if so how?
Do I need to use some sort of Url-Rewriting, if yes which and how to get started?
All the links in gitlab will presume you are pointing at the original server.
So you need to look at mod_proxy_html to also replace these links in the HTML:
https://httpd.apache.org/docs/2.4/mod/mod_proxy_html.html
I've been having problems attempting to implement a reverse SSL proxy on Apache for an HTTP application on Ubuntu 14.04. As a baseline, the application works fine when I access it via port 8000 in the browser normally. For all intents and purposes, let's say the IP of my app is 192.141.56.11 (I do not have a domain name yet). The application runs with HTTP Basic Auth, I don't know if it's relevant. Basically I'm fishing for some glaring error here and would be grateful if you could help me out. Here is a log of my process:
I created my SSL cert and key and put them in the following locations:
/etc/apache/ssl/apache.crt (I performed chmod 644 here)
/etc/apache/ssl/apache.key (I performed chmod 400 here)
I then installed:
apt-get install apache2
a2enmod proxy
a2enmod ssl
a2enmod proxy_http
I then disabled the default config with:
a2dissite 000-default
I created the file "/etc/apache2/sites-available/redirect.conf"
I then created the file "/etc/apache2/sites-available/redirect.conf" and copied the text below:
<VirtualHost *:80>
Redirect "/" "https://192.141.56.11"
</VirtualHost>
After, I created the file "/etc/apache2/sites-available/reverse_proxy.conf" and copied below:
<VirtualHost *:443>
SSLEngine On
SSLCertificateFile /etc/apache/ssl/apache.crt
SSLCertificateKeyFile /etc/apache/ssl/apache.key
ProxyPass / http://127.0.0.1:8000/
ProxyPassReverse / http://127.0.0.1:8000/
and did:
service apache2 restart
I now attempt to access the UI of the application on another machine in the Chrome browser. When trying:
https://192.141.56.11
I get a general SSL connection error.
However, trying
http://192.141.56.11:8000
gives me the application, as if none of my config changed anything. However,
192.141.56.11:80
gives me an "Index Of" page with an html folder that says "Apache/2.4.7 (Ubuntu) Server at 192.141.56.11 Port 80"
192.141.56.11:443
gives me the same result except with "Apache/2.4.7 (Ubuntu) Server at 192.141.56.11 Port 443"
I've tried all manners of configurations but can't get what I want -- any ideas here?
EDIT: I tried https[:]//192.141.56.11 and got a more specific SSL error:
received a record that exceeded the maximum permissible length. (Error code: ssl_error_rx_record_too_long)
EDIT2: After running apache, I get this warning;
apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message
I suppose this is fine as I am using an IP and not a domain name.
EDIT3: It turns out I needed to do:
a2ensite reverse_proxy.conf.
Now https[:]//192.141.56.11 works but defaults to an apache page. working on this.
EDIT4: I had to do
a2dissite default-ssl.conf
Now It actually redirects to the app on https[:]//192.141.56.11!! But I can still access the app via port 8000, which is bad {still working on}
EDIT5: IN the end, I couldn't figure out how to block access to the original app via port 8000 on Apache. Instead, I just implemented iptables on the server so that it can only be accessed via HTTPS. This is probably not the correct method. but all I could think of.
My work runs a couple different internal web apps on an ubuntu server (10.10) running apache. I'm currently developing another web app, and am seriously considering developing on top of a custom-built node.js web server. My reasoning for wanting to do this is:
Speed/Scalability
Security - Pages will be served with a switch...case, instead of just serving the (potentially malicious) user whatever they ask for.
Ease of setup - my intentions are for this to be an open-source project, and node.js is much easier for users to set up, rather than dealing with apache/IIS/etc.
My question is, on a server where I've got apache listening to port 80, how can I pass off a certain subdomains to node.js. I've seen a couple articles about using apache virtual hosts to pass it off, but that seems to defeat the purpose of using node.js. If I have to go through apache, then all three of my reasons for avoiding apache/IIS have voided themselves.
I know I could use a different port (:8080?), but from an end-user standpoint, it's pretty confusing having to put in custom ports. Any alternative ideas?
Thanks
<VirtualHost *:80>
ServerName subdomain.yourdomain.com
ProxyPreserveHost on
ProxyPass / http://localhost:8080/
</VirtualHost>
Thanks to http://www.chrisshiplet.com/2013/how-to-use-node-js-with-apache-on-port-80/
if socket.io node is running, be sure to enable also few apache mods:
a2enmod proxy
a2enmod proxy_balancer
a2enmod proxy_express
a2enmod proxy_http
in file /etc/apache2/sites-available/chat.example.com.conf
<VirtualHost *:80>
ServerName chat.example.com
<Location "/">
ProxyPreserveHost On
ProxyPass http://localhost:3000/
ProxyPassReverse http://localhost:3000/
</Location>
</VirtualHost>
then of course service apache2 reload
How about doing things the other way round : bind node to port 80, handle the traffic targeted at the subdomain and use it as a reverse proxy to apache for everything else ?
Let me start from the ground up:
You have a DNS. And a dns server maps one DNS to one IP!
You then have apache running on your computer that listens for connections on port 80 for http:// and on port 443 for https://. http://example/ is actually a request on http://example:80/.
You can't use node.js to listen on the same machine on the same port as apache. That's why using port 8080 is viable.
You can also map the subdomain to a different IP. The only caveat here is that you need to have a public IP Address.
You can't serve port 80 from both Apache and node.js. Having Apache as a reverse proxy wouldn't be much efficient and that's why nginx is popular in this scenario. Other alternative than nginx based reverse proxy can be as Khez suggested mapping your subdomain to different IP address which will node.js program listen to or maybe use node.js itself as a reverse proxy for Apache.
You could configure a virtual host in apache for your new site and add a permanent redirect within it to the localhost and port used by node.js.
This is how I do it on a server with several other virtual hosts and my node.js application running on port 3000:
NameVirtualHost *:80
[Other virtual hosts omitted for brevity]
...
ServerName mynewsite.com
RedirectMatch (.*) http://localhost:3000$1