How to cache url and content with apache2 and proxy/reverse-proxy? - apache2.4

I have enable the cache and cache_disk module in my apache2 2.4.6 version.
I am unable to cache my url and its content to a directory, my apache configuration code is:
ServerAdmin webmaster#localhost
ServerName mysite.local
ServerAlias *
ProxyRequests off
<Proxy *>
Order allow,deny
Allow from all
</Proxy>
ProxyPass / http://localhost:3000/
ProxyPassReverse / http://localhost:3000/
ProxyPreserveHost on
LoadModule cache_module modules/mod_cache.so
<IfModule mod_cache.c>
LoadModule cache_disk_module modules/mod_cache_disk.so
<IfModule mod_cache_disk.c>
CacheRoot /var/www/mysiteCache/
CacheEnable disk /
CacheDirLevels 5
CacheDirLength 3
</IfModule>
# When acting as a proxy, don't cache the list of security updates
CacheDisable http://security.update.server/update-list/
</IfModule>
Please give me idea how to cache my url data?
Thanks,
Vijay

Related

Apache, Issue routing a certain endpoint to a different port using Location

I'm trying to route any links that start with /api/ to port 3002 on my server but they always get routed to 3008. For example https://example.com/api/customers should be proxied/routed to localhost:3002
<VirtualHost *:443>
ServerAdmin (redacted)
ServerName (redacted)
ServerAlias (redacted)
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/(redacted)/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/(redacted)/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/(redacted)/chain.pem
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Location "/api\/(.*)/">
ProxyPass http://localhost:3002/
ProxyPassReverse http://localhost:3002/
</Location>
<Location "/">
ProxyPass http://localhost:3008/
ProxyPassReverse http://localhost:3008/
</Location>
</VirtualHost>
Using this config going to domain.com works and shows my website but domain.com/api/customers returns an error from the webapp on port 3008 so it's not being routed correctly (it should go to 3002).
The apps on port 3008 and 3002 are running correctly so that's not the issue.
I've tried putting domain/ first and domain/api last in the config file but that didnt seem to fix it. And the config file is enabled
I've tried different regexes to match the api endpoint aswell but this one should work
Apache is listening on port 443
These mods are enabled which should be needed for this:
proxy_module (shared)
proxy_http_module (shared)
proxy_wstunnel_module (shared)
Please let me know if you want any extra information
Modify your config as below and have a try.
Post the access log and curl response if not working.
curl -ILKv https://domain.name/api/anything
curl -ILKv https://domain.name/api
https://httpd.apache.org/docs/2.4/mod/mod_proxy.html
ProxyRequests Off
<Proxy *>
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Proxy>
ProxyPass /api http://localhost:3002
ProxyPassReverse /api http://localhost:3002
I ended up solving it like this:
RewriteEngine on
RewriteRule "/api\/(.*)" "http://localhost:3002/api/$1" [P]
<Location "/">
ProxyPass http://localhost:3008/
ProxyPassReverse http://localhost:3008/
</Location>

Reverse Proxy with pgadmin and apache

I would like to setup the local pgadmin in server mode behind the reverse proxy. The reverse proxy and the pgadmin could be on the same machine. I tried to set up but it always fails.
Here is mypgadmin conf:
Listen 8080
<VirtualHost *:8080>
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/pgadmin.crt
SSLCertificateKeyFile /etc/pki/tls/private/pgadmin.key
LoadModule wsgi_module modules/mod_wsgi.so
LoadModule ssl_module modules/mod_ssl.so
WSGIDaemonProcess pgadmin processes=1 threads=25
WSGIScriptAlias /pgadmin /usr/lib/python2.7/site-packages/pgadmin4-web/pgAdmin4.wsgi
<Directory /usr/lib/python2.7/site-packages/pgadmin4-web/>
WSGIProcessGroup pgadmin
WSGIApplicationGroup %{GLOBAL}
<IfModule mod_authz_core.c>
# Apache 2.4
Require all granted
</IfModule>
<IfModule !mod_authz_core.c>
# Apache 2.2
Order Deny,Allow
Deny from All
Allow from 127.0.0.1
Allow from ::1
</IfModule>
</Directory>
</VirtualHost>
and my reverse proxy conf
Listen 443
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
ErrorLog /var/log/httpd/reverse_proxy_error.log
CustomLog /var/log/httpd/reverse_proxy_access.log combined
SSLProxyEngine on
SSLProxyVerify require
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCACertificateFile "/etc/pki/tls/certs/ca-bundle.crt"
ProxyPreserveHost On
ProxyPass / https://localhost:8080/pgadmin
ProxyPassReverse / https://localhost:8080/pgadmin
</VirtualHost>
The httpd start but when I want to test it with
wget --no-check-certificate https://localhost/
it give me error 400
but the
wget --no-check-certificate https://localhost:8080/pgadmin
is working. Where is the problem in my config?
this work for me. I make pgadmin proxy to sub directory (https://localhost/pgadmin)
<VirtualHost *:80>
ServerName localhost
DocumentRoot "/var/www"
<Directory "/var/www">
AllowOverride all
</Directory
ProxyPass /ws/ ws://0.0.0.0:8888/
ProxyPass /phpmyadmin/ http://phpmyadmin/
<Location /pgadmin/>
ProxyPass http://pgadmin:5050/
ProxyPassReverse http://pgadmin:5050/
RequestHeader set X-Script-Name /pgadmin
RequestHeader set Host $http_host
</Location>
</VirtualHost>
Have you tried with latest version, I think it is fixed this commit Ref: LINK
Online Docs: https://www.pgadmin.org/docs/pgadmin4/dev/server_deployment.html
This config works,
use 0.0.0.0 for pgadmin docker, else use your ip
change port 5050 with your pgadmin port
<VirtualHost *:80>
ServerName pgadmin.yourdomain.com
RedirectMatch permanent ^/pgadmin4$ /pgadmin4/
ProxyPreserveHost On
ProxyPass / http://0.0.0.0:5050/
ProxyPassReverse / http://0.0.0.0:5050/
Header edit Location ^/ /pgadmin4/
Header always set X-Script-Name /pgadmin4
</VirtualHost>
Cofigure with SSL, replace yourdomain.com with valid SSL for your domain
<VirtualHost *:80>
ServerName pgadmin.yourdomain.com
RedirectMatch permanent ^/(.*)$ https://pgadmin.yourdomain.com/$1
</VirtualHost>
<VirtualHost *:443>
ServerName pgadmin.yourdomain.com
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/yourdomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain.com/privkey.pem
RedirectMatch permanent ^/pgadmin4$ /pgadmin4/
ProxyPreserveHost On
ProxyPass / http://0.0.0.0:5050/
ProxyPassReverse / http://0.0.0.0:5050/
Header edit Location ^/ /pgadmin4/
Header always set X-Script-Name /pgadmin4
</VirtualHost>

apache reverse proxy hhtps

Setting up apache reverse proxy
Client ==> Proxy ==> Server
This is on a windows machine on my local for testing have set an entry in my host file mapping the proxy dns to 127.0.0.1
httpd.conf
<VirtualHost *:443>
ServerName <proxy Server>
SSLEngine On
SSLProxyEngine On
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
SSLCertificateFile "<cert for proxy server>"
SSLCertificateKeyFile "<key for proxy server>"
ProxyPass / https://appserver.com/
ProxyPassReverse / https://appserver.com/
</VirtualHost>
I don't see any errors in the error.log while starting. When I make a request https://proxy.com there is no entry in access.log or error.log.
Can anyone see an issue with in the config or give some ideas?
Thanks
Rahul
You only need the following to do an SSL proxy:
<VirtualHost *:443>
ServerName <proxy Server>
SSLEngine On
ProxyPass "/" "http://www.example.com/"
ProxyPassReverse "/" "http://www.example.com/"
SSLCertificateFile "<cert for proxy server>"
SSLCertificateKeyFile "<key for proxy server>"
</VirtualHost>
The other stuff isnt necessary.
ok so it finally worked. Started from scratch
1. Added Listen 443 in httpd.conf it already had for port 80 (Listen 80)
2. Enabled modules one by one
LoadModule ssl_module modules/mod_ssl.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule ssl_module modules/mod_ssl.so
3. Uncommented httpd-vhosts.conf in httpd.conf
4. Added the following in httpd-vhosts.conf
<VirtualHost *:443>
ServerAdmin xyz#mail.com
DocumentRoot "c:/Apache24/htdocs"
ServerName <proxy Server>
ErrorLog "c:/Apache24/logs/error-ssl.log"
CustomLog "c:/Apache24/logs/access-ssl.log" common
ProxyRequests Off
ProxyPreserveHost Off
SSLProxyEngine On
SSLEngine on
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
SSLCertificateFile "<cert for proxy server>"
SSLCertificateKeyFile "<Key for proxy server>"
ProxyPass / https://appserver.com/
ProxyPassReverse / https://appserver.com/
</VirtualHost>
and it started working. Had tried so many things and had so many changes that starting from start made sense. Mostly was missing the Listen 443 in the httpd.conf file

Using mod_proxy_cluster and mod_proxy in one VirtualHost of Apache (httpd) configuration

I had the environment with several JBoss and Tomcat servers. They are connected to Apache via modcluster modules (to Apache IP address and port 8090). The Apache contains the configuration:
loadbalancer.conf
LoadModule slotmem_module modules/mod_slotmem.so
LoadModule manager_module modules/mod_manager.so
LoadModule proxy_cluster_module modules/mod_proxy_cluster.so
LoadModule advertise_module modules/mod_advertise.so
Listen *:8090
<VirtualHost *:8090>
<Location /mod_cluster_manager>
SetHandler mod_cluster-manager
Order deny,allow
Deny from 8.8.8.8
Allow from all
</Location>
KeepAliveTimeout 60
MaxKeepAliveRequests 100
EnableMCPMReceive
ManagerBalancerName My_Cluster
AdvertiseFrequency 5
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/ca.crt
SSLCertificateKeyFile /etc/pki/tls/private/ca.key
ProxyPass /other_app http://192.168.100.70:8080/other_app
ProxyPassReverse /other_app http://192.168.100.70:8080/other_app
ProxyPass / balancer://My_Cluster
</VirtualHost>
All work ok but one new application doesn't support connection to Apache. I need to use ProxyPass. When I insterted the ProxyPass to 443 virtual host so all balanced contexts stopped to work. When I inserted:
ProxyPass / balancer://My_Cluster
The /other_app context stopped work.
Can you advise me how configure context /other_app handling by ProxyPass and all other contexes by modcluster balancer?
Try using the following top level directive (add just below the LoadModule's)
#This is needed to prevent mod_cluster creating balancer for all VH's
CreateBalancers 1
Managed to do it with the following:
ProxyPass /other_app http://192.168.100.70:8080/other_app
ProxyPassReverse /other_app http://192.168.100.70:8080/other_app
ProxyPass /other_app !
ProxyPass / balancer://My_Cluster
Inspired by https://serverfault.com/questions/363788/serve-all-requests-via-proxy-except-a-specific-one

Need help setting up: Apache Reverse Proxy

I have some trouble setting my virtualhosts file up the right way.
I'd like to send vistors to the right server by using reverse proxy.
My current setup gives me an internal error.
i have only 1 public ip and want to proxy the visitor on the condition of the right servername to one of the local virtual servers.
NameVirtualHost *:80
<VirtualHost *:80>
ServerName sub.domain.com
ServerAdmin me#domain.com
ProxyPreserveHost On
ProxyPass / http://192.168.1.11:80
ProxyPassReverse / http://192.168.1.11:80
</VirtualHost>
<VirtualHost *:80>
ServerName otherdomain.com
ServerAdmin me#domain.com
ProxyPreserveHost On
ProxyPass / http://192.168.1.12:80
ProxyPassReverse / http://192.168.1.12:80
</VirtualHost>
If someone can find anything I'm doing wrong or has another way to achieve my goal i'd love to hear so..
Got it working! used the following setup:
<VirtualHost *:80>
ServerName sub.domain.com
ServerAdmin me#domain.com
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://192.168.1.11/websvn/
ProxyPassReverse / http://192.168.1.11/websvn/
</VirtualHost>
the /websvn/ part was neccesary to include the css and other files properly
In another loaded .conf file:
LoadModule proxy_connect_module /usr/lib/apache2/modules/mod_proxy_connect.so
LoadModule proxy_ftp_module /usr/lib/apache2/modules/mod_proxy_ftp.so
LoadModule proxy_http_module /usr/lib/apache2/modules/mod_proxy_http.so
Which is used to inlcude the neccesary modules