I am pretty new to Apache and was hoping to setup a reverse proxy to be able to access so the web interfaces of some IP Cameras I have from one site. The basic layout I'm using is below:
/ Cam 1 - 192.168.1.10
Reverse Proxy - 192.168.1.6 -
\ Cam 2 - 192.168.1.11
When I click a link it doesn't resolve correctly, the URL should be http://192.168.1.6/cam1/settings.htm but it resolves to http://192.168.1.6/setting.htm
Not Found
The requested URL /setting.htm was not found on this server.
Apache/2.2.22 (Debian) Server at 192.168.1.6 Port 80
My Config is here, I'm using the standard httpd.conf with the proxy and rewrite modules enabled:
ProxyRequests off
<Proxy *>
Order allow,deny
Allow from all
</Proxy>
<VirtualHost *>
Servername webserver
RewriteEngine on
RewriteRule ^/cam1/(.*)$ http://192.168.1.10$1 [P]
RewriteRule ^/cam2/(.*)$ http://192.168.1.11$1 [P]
ProxyPass /cam1 http://192.168.1.10
ProxyPassReverse /cam1 http://192.168.1.10
ProxyPass /cam2 http://192.168.1.11
ProxyPassReverse /cam2 http://192.168.1.11
</VirtualHost>
Any help would be appreciated.
Cheers,
Adam
In logs you can clearly see that there are some files missing like File does not exist: /var/www/jpg and /var/www/lang so may be this is the reason for your storage issue.I bet you that you missed some configuration while server OR your server msy corrupt these files while running due to some other files.I suggest you to fresh download and then reinstall it.
For future users:
cat /etc/apache2/sites-available/default
<VirtualHost *:80>
ServerAdmin user#work.com.br
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from 192.168.5.25
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
ProxyPass /cameras/ http://192.168.5.6/
ProxyPassReverse /cameras/ http://192.168.5.6/
Related
We have an angular app with an apache server which uses .htaccess to rewrite requests to /index.html using
RewriteRule . /index.html [L]
But for a few paths, we want to use /whatever to route to a different domain. However, adding
ProxyPass /whatever whatever.site.com
to sites-enabled doesn't seem to override the .htaccess.
That full file looks like
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /var/www
ProxyPass /whatever https://whatever.com
ProxyPassReverse /whatever https://whatever.com
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Any suggestions?
Also, I know for sure that the sites-enabled file above is being used because if I put garbage-text into it the site crashes ;)
Your quoted virtualhost is probably not used for your test request, because proxy would always bypass mod_rewrite rules specified in .htaccess.
Maybe apachectl -S would give you a hint about which vhosts are present / being used. I see this vhost has no ServerName, so unless it's the first or only *:80 it will probably never be used.
I've had a working webmin setup on a VPS, however after trying to force it to connect via HTTPS I've done goof somewhere and now whenever I try to login the login page doesn't display correctly (no blue rectange background) and trying to login via https://server1.domain.me:10000 keeps redirecting me to https://server1.domain.me:10000/webmin/session_login.cgi, which is again a login page.
Before it began malfunctioning, I had the following file in /etc/apache2/sites-available
<VirtualHost *:80>
ServerAdmin webmaster#domain.me
ServerName domain.me
ServerAlias www.domain.me
DocumentRoot /var/www/domain.me/
<Directory />
RedirectMatch temp ^/$ /public_html
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/domain.me>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
<Directory /var/www/domain.me/redmine>
AllowOverride None
order allow,deny
allow from all
RailsBaseURI /redmine
PassengerResolveSymlinksInDocumentRoot on
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
ServerSignature On
RailsEnv production
RailsBaseURI /redmine
</VirtualHost>
When I tried to force webmin (and owncloud if that matters) to use HTTPS I created a new Virtualhost for port 443 using my SSL keys and updated Virtualhost for port 80 to proxy all http://domain.me/webmin to https://server1.domain.me:10000 (I kept commented-out configs for you to see what I've tried):
<VirtualHost *:443>
ServerAdmin webmaster#domain.me
ServerName server1.domain.me
alias /owncloud /var/www/domain.me/owncloud
DocumentRoot /var/www/domain.me/
SSLEngine On
SSLProxyEngine On
SSLCertificateFile /etc/ssl/ssl.crt/server1_domain_me.crt
SSLCertificateKeyFile /etc/ssl/ssl.crt/server1.key
SSLCACertificateFile /etc/ssl/ssl.crt/COMODORSADomainValidationSecureServerCA.crt
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
# <Location /webmin>
# RewriteEngine On
# #RewriteRule (.*) https://server1.domain.me:10000/$1 [R,L]
# ProxyPass https://server1.domain.me:10000/
# ProxyPassReverse https://server1.domain.me:10000/
# </Location>
<Directory /var/www/domain.me/owncloud>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
Allow from all
Satisfy Any
<IfModule mod_rewrite.c>
RewriteEngine on
<IfModule mod_ssl.c>
RewriteEngine On
RewriteRule ^/?(.*)$ https://%{HTTP_HOST}/owncloud$
</IfModule>
</IfModule>
</Directory>
# ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
# <Directory "/usr/lib/cgi-bin">
# AllowOverride None
# Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
# Order allow,deny
# Allow from all
# </Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
ServerSignature On
</VirtualHost>
and updated my domain.me virtualhost file to:
<VirtualHost *:80>
ServerAdmin webmaster#domain.me
ServerName domain.me
ServerAlias www.domain.me
#SSLEngine On
SSLProxyEngine On
SSLProxyCheckPeerCN off
SSLProxyCheckPeerExpire off
<Proxy *>
Order allow,deny
Allow from all
</Proxy>
DocumentRoot /var/www/domain.me/
<Directory />
RedirectMatch temp ^/$ /public_html
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/domain.me>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
<Directory /var/www/domain.me/redmine>
AllowOverride None
order allow,deny
allow from all
RailsBaseURI /redmine
PassengerResolveSymlinksInDocumentRoot on
</Directory>
<Location /owncloud>
ProxyPass https://server1.domain.me/owncloud/
</Location>
<Location /server1>
ProxyPass https://server1.domain.me/webmin/
</Location>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
ServerSignature On
RailsEnv production
RailsBaseURI /redmine
#ProxyPassReverse /owncloud https://server1.domain.me/owncloud/
#ProxyPassReverse /webmin https://server1.domain.me:10000/
</VirtualHost>
I also added the lines webprefix=/webmin, webprefixnoredir=1 and referer=domain.me to /etc/webmin/config
However, something is clearly wrong here because I cannot login to webmin at all. I've been searching the web for an answer for the past 5 hours, tried a lot of thing and still no luck.
Any ideas?
There are 4 critical (and undocumented!) keys to get this to work, as I found through much aggravation!
1) When you edit /etc/webmin/config, make sure there is NO WHITE SPACE at the end of the webprefix=/webmin line. That will fix the problem where the login screen formatting is funky.
2) You need to be extremely precise in your use of slashes in your ProxyPass (and they don't match the official documentation!)
ProxyPass /webmin/ http://localhost:10000/
ProxyPassReverse /webmin/ http://localhost:10000/
3) You need to include cookie ProxyPass lines (again not in the documentation!).
ProxyPassReverseCookieDomain /webmin/ http://localhost:10000/
ProxyPassReverseCookiePath /webmin/ http://localhost:10000/
4) When you browse to Webmin, you MUST INCLUDE a trailing slash!
http://your.domain.name/webmin/
* UPDATE *
Pertaining to point 4:
To make sure the trailing slash is always present when you browse to Webmin, add these lines (prior to your proxy pass, if it matters?). With this added, if you forget to add the slash, Apache will simply do it for you:
RewriteEngine On
RewriteRule ^/webmin$ /webmin/ [R]
I had the same problem. I installed webmin set up apache with it, and after login screen, no redirection happened.But #MUHAHA was right. I set up my webmin with no /webmin directory, no nuthin!
I wrote a CNAME redirection rule in my domain provider. CNAME webmin.example.com to my raspberry pi's dynamic-dns service name.
my webmin.conf file in /etc/apache2/sites-enabled/ directory:
<VirtualHost *:80>
ProxyPreserveHost On
ProxyRequests Off
ServerName webmin.example.com
ServerAlias webmin.example.com
ProxyPass / http://localhost:10000/
ProxyPassReverse / http://localhost:10000/
ProxyPassReverseCookieDomain / http://localhost:10000/
ProxyPassReverseCookiePath / http://localhost:10000/
</VirtualHost>
after that i installed webmin... you know! :)
an then thanks to #MUHAHA, i changed that line 4043 in /usr/share/webmin/miniserv.pl file
change
&write_data("Location: $prot://$hostport$in{'page'}\r\n");
to
&write_data("Location: $prot://$host$in{'page'}\r\n");
and everythings peachy! Login redirects to the main page with ease!
#Buvinj
Im afraid, that this isnt enough..
To use proper SSL on Proxy, is needed to disable miniservers SSL
/etc/webmin/miniserv.conf
ssl=0
ssl_redirect=1
cookiepath=/webmin
/etc/webmin/config
webprefix=/webmin
webprefixnoredir=1
There are still problems with redirect after login, so this should help:
on webmin host edit file /usr/share/webmin/miniserv.pl
and on line 4043 replace
&write_data("Location: $prot://$hostport$in{'page'}\r\n");
to
&write_data("Location: $prot://$host$in{'page'}\r\n");
Source:
https://sourceforge.net/p/webadmin/discussion/600155/thread/6eb89f60/
But it doesnt work for me, i am redirected to root context (/) after login, not to /webmin context
EDIT:
$prot is always evaluated as http, even if you have ssl_redirect=1 in miniserv.conf
/usr/share/webmin/miniserv.pl
&write_data("Location: https://$hostport$config{'cookiepath'}$in{'page'}\r\n");
Rewrite rule for Location: in headers should also fix this problem.
EDIT2:
https://github.com/webmin/webmin/issues/350
https://github.com/webmin/webmin/issues/351
I'm having troubles setting up a moodle instance behind an apache proxy.
Here's my apache front-end that proxies to the running server.
NameVirtualHost www.example.com:443
<VirtualHost www.example.com:443>
ProxyPreserveHost On
ProxyRequests Off
ServerName www.example.com
ServerAlias www.example.com
ProxyPass / http://192.168.1.101/
ProxyPassReverse / http://192.168.1.101/
SSLEngine on
SSLCertificateFile /etc/ssl/crt/example.com.crt
SSLCertificateKeyFile /etc/ssl/crt/example.com.key
SSLCACertificatePath /etc/ssl/crt
SSLCertificateChainFile /etc/ssl/crt/example.com.bundle.crt
</VirtualHost>
On the concrete server I've got.
$CFG->wwwroot = 'http://192.168.1.101/classes';
And
<VirtualHost 192.168.1.101:80>
ServerAlias 192.168.1.101
ServerAdmin webmaster#localhost
ServerName 192.168.1.101
DocumentRoot /var/www/
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</VirtualHost>
The thing is that I keep getting that moodle is only accessible from 182.168.1.101 something is not quite matching the expected. I've been able to configure confluence and other platforms but moodle doesn't work.
The concrete error is as follows.
Incorrect access detected, this server may be accessed only through "http://192.168.1.101/classes" address, sorry. Please notify server administrator.
Does anyone know what might be happening?
Its a Moodle error message, the wwwroot in config.php has to match.
You could try
$CFG->wwwroot = 'http://' . $_SERVER['HTTP_HOST'];
Although this might not allow some command line updates in Moodle.
On the proxy server, modify the VirtualHost entry as follows:
ProxyPass / http://192.168.1.101/classes
ProxyPassReverse / http://192.168.1.101/classes
For Moodle, what you set in Moodle's config.php for
$CFG->wwwroot
...has to match your ProxyPass and ProxyPassReverse values in the VirtualHost definition on the Proxy server.
So, what's the URL that points to your front end?
That's what you need to set $CFG->wwwroot to.
I'm having some trouble with migrating my rewrite rules from .htaccess to a VirtualHost.
When I'm using below Directory outside the VirtualHost it works, but I get some authentication errors - so I'm wondering to what I should change it to make it work inside the VirtualHost.
Or should they be added to <Directory /var/www/server/>
Rules:
<Directory /var/www/server/subfolder/>
RewriteEngine On
RewriteCond $1 !^(index\.php|images|js|css|robots\.txt)
RewriteRule ^(.*)$ /subfolder/index.php/$1 [L]
</Directory>
VirtualHost:
<VirtualHost *:80>
ServerAdmin admin#server.com
Servername server.com
ServerAlias server2 server2.com server server.com
DocumentRoot /var/www/server
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/server/>
AuthType NTLM
AuthName Server
require valid-user
PythonAuthenHandler pyntlm
PythonOption Domain SERVER.COM
PythonOption PDC xxx.xxx.xxx.xxx
PythonOption BDC xxx.xxx.xxx.xxx
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/server.com_error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/server.com_access.log combined env=!nolog
</VirtualHost>
Thanks in advance.
What fixed the authentication issue for me was to add
Order allow,deny
Allow from all
to the existing <Directory /var/www/server/subfolder/>.
Though I still only managed to get it to work when having <Directory> outside of <VirtualHost>.
Thanks all.
I am trying to launch a localhost application on Ubuntu with Apache and proxy it to Tomcat so that I can use .jsp pages in my application. It seems that this is possible and I think that I am pretty close, but I can't seem to get it quite right. Any help is greatly appreciated! I've never used apache or tomcat before, so please don't hate me if any of this seems stupid.
I've got Apache hosting a site at localhost with this code for the host:
<VirtualHost *:80>
ServerName localhost
ServerAlias test.com
DocumentRoot /var/www/test.com/helloworld
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</VirtualHost>
This allows me to successfully navigate to my page hello.html by typing localhost/hello.html in the URL. I have read that from this point, I need to insert some code such as:
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass /(appname) ajp://localhost:8009/(appname)
ProxyPassReverse /(appname) ajp://localhost:8009/(appname)
and then Tomcat should get the requests. In this case, what would the appname be? My page is located at /var/www/test.com/helloworld/hello.html, so I thought it would be "helloworld", but that does not work. When I leave the appname blank, I see the Tomcat "Congratulations, you've successfully installed Tomcat." when I navigate to localhost, but cannot find my page.
Please help. This is slowly becoming a nightmare. Thanks!
I figured it out. This is super dumb, but I was trying to load the application from /var/www rather than housing it within the tomcat directories. /facepalm
The proxy code I posted in the original question is the only code needed in the virtualhost. Thanks everyone.