Apache HTTP Server, Tomcat and rewriting - apache

Scenario:
Apache reverse proxy to Tomcat:
https://sub-domain.example.com:8080/app
To this:
https://sub-domain.example.com/app
When resolving to the app, it appends like so:
https://sub-domain.example.com/app/somedir/some.jsp
Is there a way in the request handling process we can remove the last appendage so the end-user just sees the following:
https://sub-domain.example.com/app
Our current Apache configuration:
ServerName sub-domain.example.com
RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [L,R]
<VirtualHost *:443>
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile /etc/pki/tls/certs/server.crt
SSLCertificateChainFile /etc/pki/tls/certs/VendorCA.crt
SSLCertificateKeyFile /etc/pki/tls/private/server.key
ServerName sub-domain.example.com
ServerAdmin admin#sub-domain.example.com
ErrorLog logs/sub-domain.example.com-error_log
CustomLog logs/sub-domain.example.com-access_log common
ProxyPass /app http://localhost:8080/app/
ProxyPassReverse /app http://localhost:8080/app/
</VirtualHost>
Any help will be really appreciated.

Related

Apache proxy pass is redirecting instead of acting like a real proxy

I'm trying to hide the port of a deployed container and preserve the original url using ProxyPass.
I've probably missconfigured something because instead of simply keeping the original address I get a redirect to the container address (example.com:8014 instead of keeping subdomain.example.com). The HTTP response is: 301 Moved Permanently (from service worker).
This is the virtual host containing the proxy:
<VirtualHost *:80>
ServerName subdomain.example.com
RewriteEngine on
RewriteCond %{SERVER_NAME} =subdomain.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:443>
ServerAdmin admin#example.com
ServerName subdomain.example.com
ServerAlias subdomain.example.com
LoadModule proxy_http_module modules/mod_proxy_http.so
SSLProxyEngine On
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/subdomain.example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/subdomain.example.com/privkey.pem
ProxyPreserveHost On
ProxyPass / https://example.com:8014/
ProxyPassReverse / https://example.com:8014/
</VirtualHost>
And this is the virtual host inside the container:
<VirtualHost *:80>
ServerName example.com
RewriteEngine on
RewriteCond %{SERVER_NAME} =example.com:8014
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:443>
ServerAdmin admin#example.com
ServerName example.com
<Directory /var/www/html>
AllowOverride All
</Directory>
SSLEngine On
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
SSLHonorCipherOrder off
SSLSessionTickets off
SSLOptions +StrictRequire
SSLCertificateFile /etc/apache2/fullchain.pem
SSLCertificateKeyFile /etc/apache2/privkey.pem
</VirtualHost>
The container ports are mapped as follow: 80->8012, 443->8014.
My goal is to reach example.com:8014 using subdomain.example.com without changing the address.
Also Im not even sure why when using example.com:8012 I'm not being redirected to https on port 8014.
The issue must be in the container virtual host because it's it that is generating the 301 status code.

The configuration works just fine.
I would advice clearing google chrome's cache when something like this happens.

Proxy not redirecting

I have the following Apache config file. When someone types in http://mywebsite.com it is not redirecting them to https. Why?
<VirtualHost *:80>
ProxyPreserveHost On
ProxyPass "/" "http://10.0.1.123/"
ProxyPassReverse "/" "http://10.0.1.123/"
ServerName www.mywebsite.com
ServerAlias mywebsite.com
RewriteEngine on
RewriteCond %{SERVER_NAME} =mywebsite.com
RewriteCond %{SERVER_NAME} =www.mywebsite.com
RewriteRule ^ https://mywebsite.com%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
SSLProxyEngine on
ProxyPreserveHost On
ProxyPass "/" "http://10.0.1.123:80/"
ProxyPassReverse "/" "http://10.0.1.123:80/"
ServerName www.mywebsite.com
ServerAlias mywebsite.com
ServerAdmin admin_ws1#mywebsite.com
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/www.mywebsite.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/www.mywebsite.com/privkey.pem
</VirtualHost>

<VirtualHost *:80>
...
ProxyPass "/" "http://10.0.1.123/"
...
RewriteRule ^ https://mywebsite.com%{REQUEST_URI} [END,NE,R=permanent]
The ProxyPass is telling Apache to work as reverse proxy and forward the request to the real server. The RewriteRule instead is telling Apache to answer the request itself with a redirect to the HTTPS version of the site. Obviously it cannot do both at the same time, so there is a conflict. Please remove Proxy* rules and keep only the Rewrite* rules on port 80.

How to do some url direct to one www folder , and other url to proxy pass in apache2

I have following urls:
www.demo.com/a
www.demo.com/b
www.demo.com/c
www.demo.com/d
I want to direct a and b to directory. But I want to redirect c and d to proxy pass to some url.
I know how to do to proxypass or directory search. However, I am not able to find method to both .
I have following thing set up to convert http to https then proxy pass it.
UseCanonicalName On
<VirtualHost *:80>
ServerAdmin webmaster#localhost
ServerName demo.com
ServerAlias demo.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =demo.com [OR]
RewriteCond %{SERVER_NAME} =demo.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster#localhost
ServerName demo.com
ServerAlias demo.com
ProxyPass / http://127.0.0.1:8000/
ProxyPassReverse / http://127.0.0.1:8000/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLCertificateFile /etc/letsencrypt/live/demo.com-0001/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/demo.com-0001/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
Any one know how to change code to reflex that

Option1:
You can use proxyPass for c and d.
ProxyPass /c http://127.0.0.1:8000/c
ProxyPassReverse /c http://127.0.0.1:8000/d
ProxyPass /d http://127.0.0.1:8000/d
ProxyPassReverse /d http://127.0.0.1:8000/d
In this case c and d will serve from ProxyPass and the remaining request will serve from Apache HTTP.
Option2:
ProxyPass /a !
ProxyPass /b !
ProxyPass / http://127.0.0.1:8000/
ProxyPassReverse / http://127.0.0.1:8000/
This option will serve request a and b from Apache and the remaining request will serve from ProxyPass server.
You can refer link for more information

https doesn't work on Xampp

how to make https run on xampp. I'm creating a website but if called with https: // does not work.
i try
DocumentRoot C:/xampp/htdocs/yourProject
ServerName yourProject.whatever
SSLEngine on
SSLCertificateFile "conf/ssl.crt/server.crt"
SSLCertificateKeyFile "conf/ssl.key/server.key"
and
RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
results:
enter image description here
thank you very much.

Make sure your server is listening on port 443. Example:
<VirtualHost *:443>
ServerName www.foo.com
DocumentRoot /var/www/www.foo.com/htdocs
CustomLog /var/log/apache/www.foo.com-access.log combined
ErrorLog /var/log/apache/www.foo.com-error.log
# Example SSL configuration
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
SSLCertificateFile "/var/www/www.foo.com/ssl/server.crt"
SSLCertificateKeyFile "/var/www/www.foo.com/ssl/server.key"
</VirtualHost>
Source: https://wiki.apache.org/httpd/ExampleVhosts

Apache httpd24 with mod24_ssl is not redirecting from http to https

I have my Amazon linux server and I had been installed httpd24 and mod24_ssl.
I had been setup ssl certificate in /etc/httpd/conf.d/ssl.conf file with https redirect instructions:
<VirtualHost *:80>
ServerName example.com:80
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
</VirtualHost>
<VirtualHost _default_:443>
ServerName example.com:443
SSLEngine on
SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2
SSLProxyProtocol all -SSLv3
SSLHonorCipherOrder on
SSLCertificateFile /etc/example.com/cert.pem
SSLCertificateKeyFile /etc/example.com/privkey.pem
SSLCertificateChainFile /etc/example.com/chain.pem
</VirtualHost>
But the httpd starts normally without any issue. But the redirection is not working. I have other file /etc/httpd/conf/httpd.confhere. What I might have missed.? I come across many articles but those didn't solve my problem.

You are missing RewriteEngine onPlease add that to the config file and restart Apache. Check edited below.
<VirtualHost *:80>
ServerName example.com:80
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
</VirtualHost>
<VirtualHost _default_:443>
ServerName example.com:443
SSLEngine on
SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2
SSLProxyProtocol all -SSLv3
SSLHonorCipherOrder on
SSLCertificateFile /etc/example.com/cert.pem
SSLCertificateKeyFile /etc/example.com/privkey.pem
SSLCertificateChainFile /etc/example.com/chain.pem
</VirtualHost>