I am using apache to proxy to tomcat webapps, which works fine. I previously had tomcat listen directly on :8080, so I would like to inform users of my webapp of the move. To that end, I defined a vhost to listen to 8080 where a static html page should be served with the new link. To that end, I defined the following vhost:
Listen 8080
NameVirtualHost domain.example.com:8080
<VirtualHost domain.example.com:8080>
ProxyPass /webapp !
DocumentRoot /var/www/htdocs/vhost-8080
</VirtualHost>
Where the directory vhost-8080 has an index.html with the new link in it.
But every time I load domain.example.com:8080/webapp, I am directed towards tomcat and the webapp, even though domain.example.com:8080/ loads the index.html file I put in the vhost-8080 directory. How can I prevent proxying on this port and only enable it on 80?
For the sake of completeness, here's my proxy configuration:
ProxyPreserveHost On
ProxyRequests Off
<Proxy ajp://localhost/webapp >
Order Deny,Allow
Deny from none
Allow from all
</Proxy>
<Location /webapp>
ProxyPass ajp://localhost:18009/webapp timeout=1200
ProxyPassReverse http://localhost/webapp
</Location>
Tomcat has ajp connector enabled and http connector disabled.
Related
I deploy a website war in wildfly named testDom-0.1 with apache httpd reverse proxy on. After logging in successfully, the default successful URL in spring security is "/booking", but the browser always get "testDom-0.1/booking" and then complain 404 error, if manually change the url into /booking, the page can be accessed without problem.
http.formLogin()
.loginPage("/denglu").permitAll()
.defaultSuccessUrl("/booking",true)
<VirtualHost *:80>
ProxyRequests off
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:8080/testDom-0.1/
ProxyPassReverse / http://127.0.0.1:8080/testDom-0.1/
ProxyPassReverseCookiePath /testDom-0.1 /
<proxy>
Order deny,allow
Allow from all
</proxy>
</VirtualHost>
The expected return url should be localhost/booking not localhost/testDom-0.1/booking
I have php service running on mydomain.com, and I have node application running on mydomain.com:8000, now I try to map sub.mydomain.com to mydomain.com:8000 using apache's virtual host.
I've setup blog.mydomain.com to resolve to mydomain.com in DNS
but the problem is no matter how I try to write the config file, things went wrong
<VirtualHost sub.mydomain.com:80>
ServerName blog.gespiton.cn
ProxyRequests On
<Location />
ProxyPreserveHost On
ProxyPass http://localhost:3000/
ProxyPassReverse http://localhost:3000/
</Location>
</VirtualHost>
when I write sub.mydomain.com as virturalhost, it has none effect. but if I change it to *:80, all the urls are routed to mydomain.com:8000
how can I only route sub.mydomain.com to 8000 port and mydomain.com in port 80
I have been trying to setup a reverse proxy using apache 2 mod_proxy and the proxypass & proxypassreverse directives.
I am installing WSO2 Identity Server and wish to access that app using a url such as the following .
hxxp://myserver.domain.com/wso2/
The myserver.domain.com is accessible on the internet
Internally on my network I have set up a virtualhost running in my apache2 configuration with the following parameters:
For various reasons, port 80 is unavailable and the virtualhost must stay as :8080.
Finally, here is my virtual host configuration
<VirtualHost *:8080>
<Location /wso2/>
ProxyPass hxxps://internal.wso2.node:9443/
ProxyPassReverse hxxs://internal.wso2.node:9443/
</Location>
ProxyVia On
ProxyPreserveHost Off
ProxyAddHeaders Off
ProxyRequests Off
SSLProxyEngine On
SSLProxyCheckPeerCN Off
</VirtualHost>
The issue:
I can use my web browser ( Firefox/Chrome) to request the http://myserver.domain.com/wso2/ resource. In my log files I see that the request does hit the apache server and the virtualhost catches the /wso2/ location.
It passes through the proxy and lands on the internal.wso2.node server. however, the product WSO2 IS preforms several redirects which, in the log files I see it requesting the resource with the port appended.
Here is the request flow
hxxp://myserver.domain.com/wso2/ -> hxxps://internal.wso2.node:9443/
REDIRECT x3
hxxps://internal.wso2.node:8080/carbon ->
hxxps://internal.wso2.node:8080/carbon/admin/login.jsp
Back to my web browser
hxxp://myserver.domain.com:8080/wso2/carbon/admin/login.jsp
For some reason the apache response back appends its virtual host to the url I am requesting.
If I remove the port:8080 and request again the full url it will access the resource fine. However any attempt to access using only http://myserver.domain.com/wso2/ will result in redirects and the port appended.
As per covener's suggestion the culprit in this case proved to be the following directives:
UseCanonicalName Off
UseCanonicalPhysicalPort Off
Additionally, the web app I am trying to access makes use of sessions and cookies, therefore we must also proxy those, see the added directives under the ProxyPass & ProxyPassReverse.
Therefore the updated virtualhost configuration file should now look like this
<VirtualHost *:8080>
ServerName: myServer.domain.com
UseCanonicalName Off
UseCanonicalPhysicalPort Off
<Location /wso2/>
ProxyPass hxxps://internal.wso2.node:9443/
ProxyPassReverse hxxs://internal.wso2.node:9443/
ProxyPassReverseCookiePath / /wso2/
ProxyPassReverseCookieDomain internal.wso2.node myserver.domain.com
</Location>
ProxyVia On
ProxyPreserveHost Off
ProxyAddHeaders Off
ProxyRequests Off
SSLProxyEngine On
SSLProxyCheckPeerCN Off
</VirtualHost>
I'm already using mod_proxy to redirect from example-domain.com to example-domain.com:8080, well without CloudFlare (reserve proxy) it works... but with CloudFlare it just response an error 1000 DNS points to prohibited IP. Any chances to get trough this and still use CloudFlare to protect myself? I don't want that the address show something like this with mod_rewrite http://example-domain.com:8080, that's why I'm redirecting, hosting on port 80 is impossible so no changes there.
My vhost config:
<Directory /var/www/example-domain.com>
AllowOverride None
Require all denied
</Directory>
<VirtualHost *:80>
DocumentRoot /var/www/example-domain.com/web
ServerName example-domain.com
ServerAlias www.example-domain.com
ServerAlias alias.example-domain.com
ServerAdmin webmaster#example-domain.com
ProxyPreserveHost On
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://example-domain.com:8080/
ProxyPassReverse / http://example-domain.com:8080/
</VirtualHost>
Regardless of what port you are accessing CloudFlare through, CloudFlare has a tendency to try port 80/443 first. If it can connect to these ports during it's own proxying it stops there and then does not try the port you actually wanted (in your case 8080).
Therefore this looks like a cyclic loop, you are pointing your requests from CloudFlare to proxy to point back through CloudFlare to the server at port 8080. CloudFlare is then stripping the port 8080 and connecting via a plain connection.
The best way to fix this is to simply to set your ProxyPass to go through a URL that doesn't run through the CloudFlare network or simply through localhost.
So either change the ProxyPass in your VirtualHost to:
ProxyPass / http://direct.example-domain.com:8080/
ProxyPassReverse / http://direct.example-domain.com:8080/
Where direct.example-domain.com does not route through the CloudFlare network (a grey cloud in your CloudFlare DNS, providing you're doing a full-host CloudFlare set-up).
Alternatively change your proxy pass to go via the localhost:
ProxyPass / http://127.0.0.1:8080/
ProxyPassReverse / http://127.0.0.1:8080/
Have fun!
I'm having trouble with making a subdomain to my Windows computer while using AJP to proxy to Tomcat. This is what I have in my httpd.conf file:
<VirtualHost *:80>
ServerName subdomain.localhost
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / ajp://localhost:8009/folder/
ProxyPassReverse / ajp://localhost:8009/folder/
<Location />
Order allow,deny
Allow from all
</Location>
</VirtualHost>
The subdomain has been added to `c:\windows\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 subdomain.localhost
When I go to http://localhost i goes straight to the proxy. When I go to http://subdomain.localhost i goes to the proxy as well. How do I make is so the subdomain only goes to the proxy and the regular goes to Apache?
You need to declare a second VirtualHost with localhost as the ServerName.
This should probably be moved to superuser.com but one thing to try:
<VirtualHost *:80> informs it to accept all incoming connections on port 80 to use these settings. I would try changing it to say:
<VirtualHost subdomain.localhost:80>
and see if that only applies these settings when the subdomain is used.
The ServerName tag that you put with the subdomain doesn't tell it who to listen for. The official documentation states:
The ServerName directive sets the
hostname and port that the server uses
to identify itself. This is used when
creating redirection URLs. For
example, if the name of the machine
hosting the web server is
simple.example.com, but the machine
also has the DNS alias www.example.com
and you wish the web server to be so
identified, the following directive
should be used:
You can read more on these configurations here.