Is it possible to combine rewrite rules with jk_mod with server side forward?
I have a simple configuration
RewriteEngine On
RewriteRule ^/$ /myapp [R]
JkMount /* worker_1
This works great when using the redirect flag but fails to run without it. What I want to achieve is a server side forward so the user's browser bar doesn't notice the rewrite.
Thank you.
Give a try to mod_proxy_http, You need to enable mod_proxy and mod_proxy_http:
LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so
LoadModule proxy_http_module /usr/lib/apache2/modules/mod_proxy_http.so
Then in your VirtualHost section:
ProxyRequests Off
ProxyPreserveHost On
ProxyPass /css !
ProxyPass /img !
ProxyPass /js !
ProxyPass / http://localhost:8080/myapp/
ProxyPassReverse / http://localhost:8080/myapp/
Note: the ProxyPass /xxx ! are not needed from your question. I just wanted to show how to exclude some URI from being 'translated'
Related
I'm a rookie, but I've struggled with this for some time and I am definitely doing something wrong.
We use Apache 2.4 as the front of our internal web pages.
When I try to forward a request to a port other than 80, it goes crazy and is redirected several times
http://demos.company.com/demos.company.com/demos.company.com/demos.company.com/demos.company.com/demos.company.com/demos.company.com/[...]/demos.company.com/WebApplicationFail
httpd.conf:
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule rewrite_module modules/mod_rewrite.so
<VirtualHost *:80>
RewriteEngine on
RewriteCond %{HTTPS} !on
RewriteRule ^(.*) %{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile "C:/Program Files/Apache24/conf/ssl/company.crt"
SSLCertificateKeyFile "C:/Program Files/Apache24/conf/ssl/company.key"
SSLCertificateChainFile "C:/Program Files/Apache24/conf/ssl/CA.pem"
# Proxy configuration
ProxyPreserveHost On
ProxyRequests Off
ServerName demos.company.com
ProxyPass /WebApplicationOK http://10.0.0.160/WebApplicationOK
ProxyPassReverse /WebApplicationOK http://10.0.0.160/WebApplicationOK
ProxyPass /WebApplicationFailRoute http://10.0.0.125:8000/WebApplicationFail
ProxyPassReverse /WebApplicationFailRoute http://10.0.0.125:8000/WebApplicationFail
</VirtualHost>
We need to maintain the redirection of every http request to https.
If possible, we need that the Internet address "https://demos.company.com/ThisContext" show the intranet web "http://10.0.0.125:8000/OtherContext".
Thanks in advance.
That's the problem with adding complex directives for trivial tasks.
You have a Virtualhost which uses port 80, why even check for SSL?, everything it will receive will not be SSL.
Also the rewrite directive is missing the scheme.
So just:
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [R,L]
If you don't need to use variables, for variable host names I would go even simpler:
Redirect / https://whateverhost.example.com/
Rule to success in httpd: Go always with the most simple option.
I've got it, it simple actually. You just only add those lines for redirection from below to your ssl.conf I guess
<VirtualHost *:443>
ServerAdmin webmaster#localhost
ServerName XXXX.ddns.net
# These are your SSL settings; your responsibility
SSLCertificateFile /etc/letsencrypt/live/XXXX.ddns.net/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/XXXX.ddns.net/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
# Your document root; where the JavaScript application lives
DocumentRoot /var/www/html
<Directory /var/www/html/ >
Options -Indexes +FollowSymLinks -MultiViews
AllowOverride None
Order Allow,Deny
Allow From All
</Directory>
# Reverse proxy settings for API (custom redirection https to specific port)
ProxyRequests Off
ProxyPreserveHost On
<Location /api >
ProxyPass http://127.0.0.1:3000/api
ProxyPassReverse http://127.0.0.1:3000/api
</Location>
</VirtualHost>
I have installed the apache httpd service and tried to set up load balancing.
I want to rewrite requests on a specific condition - when the Host header is "images.server.com", I want to rewrite the request, adding "/images/" to the URI and then proxy it to my upstream server.
The mod_proxy module comes perfectly for the task: https://httpd.apache.org/docs/current/rewrite/proxy.html
Well, not so great - my setup is the following:
<Proxy balancer://mycluster>
BalancerMember http://xxx.xx.xx.xx:8080
</Proxy>
ProxyPreserveHost On
RewriteEngine On
RewriteCond %{HTTP_HOST} ="images.server.com"
RewriteRule "/(.*)" "/images/%1" [P]
ProxyPass /images balancer://mycluster/images
and it is not working :(
Please help me figure out where is the flaw in this configuration.
P.S. I have loaded the modules:
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule proxy_module modules/mod_proxy.so
Don't use both the 'P' flag and ProxyPass. If you're going to use the 'P' flag, use balancer://... in the substitution and drop ProxyPass entirely.
I'm using Apache 2.4 with mod_jk and Tomcat running a Java servlet. The application I'm serving has an ugly index URL: accessing www.mydomain.com/ takes the user to www.mydomain.com/view/user/www/. I would like to alias this so that users see www.mydomain.com/app/ instead, and I'm trying to use mod_rewrite to achieve this.
This is the current setup I have:
LoadModule jk_module /usr/lib/apache2/modules/mod_jk.so
JkWorkersFile /etc/apache2/workers.properties
JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories # Is it one of these options?
VirtualHost *:80>
ServerName www.mydomain.com
Redirect permanent / https:/www.mydomain.com
</VirtualHost>
<VirtualHost *:443>
ServerName www.mydomain.com
ServerAdmin webmaster#localhost
JkMount / tomcat
JkMount /* tomcat
LoadModule rewrite_module modules/mod_rewrite.so
RewriteEngine On
RewriteRule ^/$ /app [PT]
RewriteRule ^/app/?$ /view/user/www [PT,L]
RewriteRule ^/app/(.*)$ /view/user/www/$1 [PT,L]
SSLEngine on
SSLCertificateFile /path/to/my_domain.crt
SSLCertificateKeyFile /path/to/my_domain.key
SSLCertificateChainFile /path/to/chainfile.crt
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
</VirtualHost>
All of this is in apache2.conf. It's currently doing something different to what I would like. When you type in www.mydomain.com/app, the address in the bar changes to www.mydomain.com/view/user/www (and it serves the correct page). I want the bar to continue to display www.mydomain.com/app but display what tomcat has at /view/user/www, thus hiding the ugly URL from the user. How can I achieve this?
RewriteRule ... [PT] + mod_jk requires
JkOptions +ForwardURICompatUnparsed
Try this:
RewriteRule ^/$ /app [R]
RewriteRule ^/app/?$ /view/user/www [PT]
RewriteRule ^/app/(.*)$ /view/user/www/$1 [PT]
[R] is a redirection, the url should be modified in the address bar.
[PT,L] is not useful since [PT] includes [L].
I want to configure apache UserDir cooperating with ProxyPass, that is, want all requests but starting with /~ passed to proxy.
Firstly I have ProxyPass settings for a Rails application as bellow:
ProxyPass / http://localhost:3001/
ProxyPassReverse / http://localhost:3001/
and, now I want to add public_html UserDir setting to this.
In other words, I want the requests to http://example.com/hoge/fuga goes to rails app, but those to http://example.com/~userrefer to refer to /home/user1/public_html directory.
How can I do this?
I've solved the problem by adding the line bellow to the apache config;
ProxyPassMatch ^/~ !
Does the below work?
ProxyPass /~ !
ProxyPass / http://localhost:3001/
ProxyPassReverse / http://localhost:3001/
! will tell mod_proxy not to forward requests beginning /~
Note: Updated config and added trailing slash to websocket path. Still same problem
Is it possible to use go-websocket behind a Apache reverse proxy with mod_proxy_wstunnel?
I tried and failed to get things working.
I tried to use the Chat example behind an Apache reverse proxy (with mod_proxy_wstunnel enabled). And it doesn't work. The proxy is a success, while the websocket part does not work at all.
My Apache config looks similar to this:
<VirtualHost *:80>
DocumentRoot /var/www/foobar
ServerName foobar.com
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
ProxyPass /ws/ ws://localhost:8080/ws/
ProxyPassReverse /ws/ ws://localhost:8080/ws/
ErrorLog logs/error_log-foobar
CustomLog logs/access_log-foobar common
LogLevel debug
</VirtualHost>
And of course I'm running the chat server on port 8080. I've tested it with SSH tunnel, and things work perfectly. Then I moved on to Apache.
The first time I tried, the javascript console complains this:
NetworkError: 403 Forbidden - http://foobar.com/ws/
The request seems to be stucked at the origin check.
Then I tried again after comment out the origin check, it get this:
NetworkError: 400 Bad Request - http://foobar.com/ws/
It seems the chat server do not get the upgrade request at all.
How should I debug this?
Where should I start looking?
Thanks everyone! After taking several advices above, I found the solution.
And for someone who might have similar issue, here is the solution to my question:
As Aralo suggested, trailing slash must be added to the WebSocket path (in my case: "/ws/"). It looks Apache will only handle WebSocket with a valid GET request.
James Henstridge was right. The order of ProxyPass relevant. ProxyPass of /ws/ must be put before the / line.
After consulting the Chat example code, I found an origin check in the function ServeWs() and removed.
Everything works now.
And thanks covener, reading logs does help.
I am using Go secure WebSocket (wss://) server behind Apache 2.4.18 on CentOS 7. Here are the settings:
Make sure the system has mod_proxy_wstunnel:
# find /usr/lib64/httpd/modules/ | grep ws
/usr/lib64/httpd/modules/mod_proxy_wstunnel.so
Add the following line in 00-proxy.conf:
# vim /etc/httpd/conf.modules.d/00-proxy.conf
LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
Restart Apache:
# systemctl restart httpd
Check the setting:
# httpd -M | grep -iE 'proxy'
proxy_module (shared)
proxy_fcgi_module (shared)
proxy_http_module (shared)
proxy_wstunnel_module (shared)
Edit httpd-vhosts.conf:
# vim /etc/httpd/conf.d/httpd-vhosts.conf
<VirtualHost *:443>
ServerName go.mydomain.com:443
ProxyPreserveHost On
ProxyRequests off
SSLProxyEngine On
SSLCertificateFile "/etc/pki/tls/certs/mydomain.com/mydomain.crt"
SSLCertificateKeyFile "/etc/pki/tls/certs/mydomain.com/mydomain.key"
### The configured ProxyPass and ProxyPassMatch rules are checked
### in the order of configuration. The first rule that matches wins.
ProxyPassMatch ^/(ws(/.*)?)$ wss://192.168.0.1:443/$1
ProxyPass / https://192.168.0.1:443/
ProxyPassReverse / https://192.168.0.1:443/
ErrorLog "/var/log/httpd/go.mydomain.com-error_log"
CustomLog "/var/log/httpd/go.mydomain.com-access_log" common
</VirtualHost>
<VirtualHost *:80>
ServerName go.mydomain.com:80
ProxyPreserveHost On
ProxyRequests off
###
ProxyPassMatch ^/(ws(/.*)?)$ ws://192.168.0.1:80/$1
ProxyPass / http://192.168.0.1:80/
ProxyPassReverse / http://192.168.0.1:80/
ErrorLog "/var/log/httpd/go.mydomain.com-error_log"
CustomLog "/var/log/httpd/go.mydomain.com-access_log" common
</VirtualHost>