Apache and tomcat in the same Virtualhost - apache

I have a virtualhost that looks like :
<VirtualHost *:80>
ServerName www.mysite.com
SetOutputFilter DEFLATE
RedirectMatch ^/manager$ http://www.fna.fi/manager/
DocumentRoot /build/vhosts/mysite.com
ErrorLog /build/logs/site.com-error.log
CustomLog /build/logs/site.com-access.log combined
ProxyRequests Off
RewriteEngine on
ProxyPass /manager http://127.0.0.1:8060/manager/ retry=0
ProxyPassReverse /manager http://127.0.0.1:8060/manager
ProxyPass / http://127.0.0.1:8060/app/ retry=0
ProxyPassReverse / http://127.0.0.1:8060/app/
</VirtualHost>
Now I want to add a blog in /build/vhosts/mysite.com. So it will be : http://www.mysite.com/blog but when I access this site it looks like its being forwarded to Tomcat (most likely due to the "ProxyPass /...".
Is there a way to make it work for the scenario I have?
Thanks!

Currently anything will be forwarded to the tomcat:
ProxyPass / http://127.0.0.1:8060/app/ retry=0
ProxyPassReverse / http://127.0.0.1:8060/app/
You have to add a alias before your proxy directives to your config:
Alias /blog /build/vhosts/mysite.com
<Location /blog>
# make some configs for this location like...
Options FollowSymLinks
AllowOverride None
</Location>

Related

Try to setup jitsi behind a apache2 reverse proxy

Iam using a ubuntu 18.04 linux VM as a reverse proxy to forward https subdomains to intern targets f.e. guacamole.mydomain.com and jitsi.mydomain.com.
Each system is a seperate linux VM.
public ip --> web reverse proxy 192.168.2.10 --> guacamole.mydomain.com 192.168.2.20 and jitsi.mydomain.com 192.168.2.30
guacamole is working as expected but iam facing some issues with fowarding https to jitsi.mydomain.com.
All other ports are directly forwarded to jitsi without a proxy.
i created two conf files in /etc/apache2/sites-enabled one for jitsi and one for guacamole and generated a lets encrypt cert with certbot --apache.
When i try to open jits.mydomain.com from outside, i get the following Error: ERR_TOO_MANY_REDIRECTS.
Within the network jitsi is reachable via https, so what did i miss?
unfortunately iam not very familiar with proxy and apache.
thanks in advance guys.
jitsi.conf
<VirtualHost *:80>
ServerName jitsi.mydomain.com
ProxyPreserveHost On
DocumentRoot /var/www/html
ProxyPass /.well-known !
ProxyPass / http://192.168.2.30:80/
ProxyPassReverse / http://192.168.2.30:80/
RewriteEngine on
RewriteCond %{SERVER_NAME} =jitsi.mydomain.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
jitsi-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName jitsi.mydomain.com
ProxyPreserveHost On
DocumentRoot /var/www/html
ProxyPass /.well-known !
ProxyPass / http://192.168.2.30:80/
ProxyPassReverse / http://192.168.2.30:80/
SSLCertificateFile /etc/letsencrypt/live/jitsi.mydomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/jitsi.mydomain.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
guacamole.conf
<VirtualHost *:80>
ServerName guacamole.mydomain.com
ProxyPreserveHost On
DocumentRoot /var/www/html
ProxyPass /.well-known !
<Location />
Order allow,deny
Allow from all
ProxyPass http://192.168.2.20:8080/guacamole/ flushpackets=on
ProxyPassReverse http://192.168.2.20:8080/guacamole/
ProxyPassReverseCookiePath /guacamole /
</Location>
<Location /websocket-tunnel>
Order allow,deny
Allow from all
ProxyPass ws://192.168.2.20:8080/guacamole/websocket-tunnel
ProxyPassReverse ws://192.168.2.20:8080/guacamole/websocket-tunnel
</Location>
SetEnvIf Request_URI "^/tunnel" dontlog
CustomLog /var/log/apache2/guac.log common env=!dontlog
RewriteEngine on
RewriteCond %{SERVER_NAME} =guacamole.mydomain.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
guacamole-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName guacamole.mydomain.com
ProxyPreserveHost On
DocumentRoot /var/www/html
ProxyPass /.well-known !
<Location />
Order allow,deny
Allow from all
ProxyPass http://192.168.2.20:8080/guacamole/ flushpackets=on
ProxyPassReverse http://192.168.2.20:8080/guacamole/
ProxyPassReverseCookiePath /guacamole /
</Location>
<Location /websocket-tunnel>
Order allow,deny
Allow from all
ProxyPass ws://192.168.2.20:8080/guacamole/websocket-tunnel
ProxyPassReverse ws://192.168.2.20:8080/guacamole/websocket-tunnel
</Location>
SetEnvIf Request_URI "^/tunnel" dontlog
CustomLog /var/log/apache2/guac.log common env=!dontlog
SSLCertificateFile /etc/letsencrypt/live/guacamole.mydomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/guacamole.mydomain.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
Just stumbled upon your question while looking for a solution of a different problem on Jitsi but I think you'll find a useful solution in this page:
https://debamax.com/blog/2020/03/18/installing-jitsi-behind-a-reverse-proxy/
It's not my solution. I'm just trying to help.
Cheers

Proxy pass an application from a different machine to an apache web server

I have three applications running, 2 on local machine/server where Apache is installed and 1 on a different machine/server.
I am using Apache2.4 on Ubuntu 18.04
application 1(yii) = 127.0.0.1:80
application 2(mantis bt) = 127.0.0.1:8080
application 3(yii) = 192.168.X.X:80
I want to configure my apache web server to host the three applications on https. I proxy pass both app2 and app3.
app2 = /app2 http://127.0.0.1:8080
app3 = /app3 http://192.168.X.X
app1 can be accessed successfully without error,
app2 and app3 can be accessed but .css, .js and other files cannot be found and error 404.
Note: I can access all three apps when not on proxy pass.
also it is possible to host the three apps and have a url like the following:
https://app1.example
https://app2.example
https://app2.example
I am new to apache. Please help me.
Configure apache virtual host as a below configuration
For app2
<Virtualhost *:80>
ServerName app2.domain.com
ServerAdmin youremail#email.com
ProxyPass http://127.0.0.1:8080/
ProxyPassReverse http://127.0.0.1:8080/
</Virtualhost *:80>
For app3
<Virtualhost *:80>
ServerName app3.domain.com
ServerAdmin youremail#email.com
ProxyPass http://192.168.X.X/
ProxyPassReverse http://192.168.X.X/
</Virtualhost *:80>
Create a separate virtual host for both domains.
After creating virtual host restart apache
service apache2 restart
It's working for me, I hope it will be worked for you and load .css, .js and other files.
If you want to redirect aap3 to https, then your final virtual host file will be like below configuration:
<Virtualhost *:80>
ServerName app2.domain.com
ServerAdmin youremail#email.com
ProxyPass http://127.0.0.1:8080/
ProxyPassReverse http://127.0.0.1:8080/
</Virtualhost *:80>
<Virtualhost *:80>
ServerName app3.domain.com
Redirect / https://app3.domain.com/
</Virtualhost *:80>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName app3.domain.com
ServerAdmin youremail#email.com
ProxyPass http://192.168.X.X/
ProxyPassReverse http://192.168.X.X/
Include /etc/letsencrypt/options-ssl-apache.conf
ServerAlias app3.domain.com
SSLCertificateFile /etc/letsencrypt/live/app3.domain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/app3.domain.com/privkey.pem
</VirtualHost>
</IfModule>
Please check my config below:
DocumentRoot /var/www/html/app1
ErrorLog /var/log/httpd/app1_log
LogLevel debug
<Directory /var/www/html/app1>
AllowOverride none
Order allow,deny
Allow from all
RewriteCond %{ENV:REDIRECT_STATUS} ^$
# use mod_rewrite for pretty URL support
RewriteEngine on
# If a directory or a file exists, use the request directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# Otherwise forward the request to index.php
RewriteRule . index.php
</Directory>
ProxyRequests Off
ProxyVia Off
ProxyPreserveHost On
<Proxy *>
AddDefaultCharset off
Order deny,allow
Allow from all
</Proxy>
<Location /app2>
ProxyPass http://127.0.0.1:8080/login_page.php
ProxyPassReverse http://1127.0.0.1:8080/login_page.php
SetEnv proxy-sendchunks 1
</Location>
<Location /app3>
ProxyPass http://192.168.X.X/
ProxyPassReverse http://192.168.X.X/
SetEnv proxy-sendchunks 1
</Location>
<Location /static/>
ProxyPass !
</Location>
</VirtualHost>
<VirtualHost *:443>
SSL Configuration
</VirtualHost>

Reverse Proxy with pgadmin and apache

I would like to setup the local pgadmin in server mode behind the reverse proxy. The reverse proxy and the pgadmin could be on the same machine. I tried to set up but it always fails.
Here is mypgadmin conf:
Listen 8080
<VirtualHost *:8080>
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/pgadmin.crt
SSLCertificateKeyFile /etc/pki/tls/private/pgadmin.key
LoadModule wsgi_module modules/mod_wsgi.so
LoadModule ssl_module modules/mod_ssl.so
WSGIDaemonProcess pgadmin processes=1 threads=25
WSGIScriptAlias /pgadmin /usr/lib/python2.7/site-packages/pgadmin4-web/pgAdmin4.wsgi
<Directory /usr/lib/python2.7/site-packages/pgadmin4-web/>
WSGIProcessGroup pgadmin
WSGIApplicationGroup %{GLOBAL}
<IfModule mod_authz_core.c>
# Apache 2.4
Require all granted
</IfModule>
<IfModule !mod_authz_core.c>
# Apache 2.2
Order Deny,Allow
Deny from All
Allow from 127.0.0.1
Allow from ::1
</IfModule>
</Directory>
</VirtualHost>
and my reverse proxy conf
Listen 443
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
ErrorLog /var/log/httpd/reverse_proxy_error.log
CustomLog /var/log/httpd/reverse_proxy_access.log combined
SSLProxyEngine on
SSLProxyVerify require
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCACertificateFile "/etc/pki/tls/certs/ca-bundle.crt"
ProxyPreserveHost On
ProxyPass / https://localhost:8080/pgadmin
ProxyPassReverse / https://localhost:8080/pgadmin
</VirtualHost>
The httpd start but when I want to test it with
wget --no-check-certificate https://localhost/
it give me error 400
but the
wget --no-check-certificate https://localhost:8080/pgadmin
is working. Where is the problem in my config?
this work for me. I make pgadmin proxy to sub directory (https://localhost/pgadmin)
<VirtualHost *:80>
ServerName localhost
DocumentRoot "/var/www"
<Directory "/var/www">
AllowOverride all
</Directory
ProxyPass /ws/ ws://0.0.0.0:8888/
ProxyPass /phpmyadmin/ http://phpmyadmin/
<Location /pgadmin/>
ProxyPass http://pgadmin:5050/
ProxyPassReverse http://pgadmin:5050/
RequestHeader set X-Script-Name /pgadmin
RequestHeader set Host $http_host
</Location>
</VirtualHost>
Have you tried with latest version, I think it is fixed this commit Ref: LINK
Online Docs: https://www.pgadmin.org/docs/pgadmin4/dev/server_deployment.html
This config works,
use 0.0.0.0 for pgadmin docker, else use your ip
change port 5050 with your pgadmin port
<VirtualHost *:80>
ServerName pgadmin.yourdomain.com
RedirectMatch permanent ^/pgadmin4$ /pgadmin4/
ProxyPreserveHost On
ProxyPass / http://0.0.0.0:5050/
ProxyPassReverse / http://0.0.0.0:5050/
Header edit Location ^/ /pgadmin4/
Header always set X-Script-Name /pgadmin4
</VirtualHost>
Cofigure with SSL, replace yourdomain.com with valid SSL for your domain
<VirtualHost *:80>
ServerName pgadmin.yourdomain.com
RedirectMatch permanent ^/(.*)$ https://pgadmin.yourdomain.com/$1
</VirtualHost>
<VirtualHost *:443>
ServerName pgadmin.yourdomain.com
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/yourdomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain.com/privkey.pem
RedirectMatch permanent ^/pgadmin4$ /pgadmin4/
ProxyPreserveHost On
ProxyPass / http://0.0.0.0:5050/
ProxyPassReverse / http://0.0.0.0:5050/
Header edit Location ^/ /pgadmin4/
Header always set X-Script-Name /pgadmin4
</VirtualHost>

Avoid the conflict on port 80 between nodejs and apache

The goal is to listen on port 80 with nodejs without killing apache.
I have to say my knowledges in network are very basic.
UPDATE
I am trying to use ProxyPass ProxyPassReverse on my local machine but there is something wrong.
Alias /test /media/www-dev/public/test
<Directory /media/www-dev/public/test>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
Allow from all
</Directory>
ProxyRequests off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location />
ProxyPass /test http://localhost:3000/
ProxyPassReverse /test http://localhost:3000/
</Location>
When i launch http://localhost/test on my browser i get a message Cannot GET /test/, if i stop to listen on the port 3000, then i get 503 Service Temporarily Unavailable my node app is listening on the port 3000.
If if commente the "Proxy" lines, i can reach the URL http://localhost/test again.
Why can i not access the URL http://localhost/test ? Is it because the proxy try to reach http://localhost:3000/ instead following the path of the alias /test ?
Thanks !
you need to create a virtual host in apache for your node app and proxy over the requests.
here is what mine looks like in /etc/apache/sites-available/dogself.com
<VirtualHost 69.164.218.75:80>
ServerName dogself.com
ServerAlias www.dogself.com
DocumentRoot /srv/www/dogself.com/public_html/
ErrorLog /srv/www/dogself.com/logs/error.log
CustomLog /srv/www/dogself.com/logs/access.log combined
ProxyRequests off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location />
ProxyPass http://localhost:3000/
ProxyPassReverse http://localhost:3000/
</Location>
</VirtualHost>
It sounds like you have a lot to research before you can get this working though. start reading docs
Alternative approach for a virtual host would be the following
<VirtualHost *:80>
ServerAdmin info#DOMAIN.com
ServerName DOMAIN.com
ServerAlias www.DOMAIN.com
ProxyRequests off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location />
ProxyPass http://localhost:3000/
ProxyPassReverse http://localhost:3000/
</Location>
</VirtualHost>
To fix the Internal Server ERROR just enable the right apache extension.
sudo a2enmod proxy_http
sudo service apache2 restart

Issues Setting up a reverse proxy in Apache

My roommate and I each have a separate webserver we are trying to set up. We are trying to use mod_proxy so that his server will forward requests to my machine (we have two seperate machines behind one router) based on the server name. I've given the basics of what we have in our apache config currently but we are getting a 403 Forbidden error when trying to access the second domain (the first, www domain, works fine).
NameVirtualHost *:80
<VirtualHost *:80>
DocumentRoot /var/www
ServerName www.<domain1>.com
</VirtualHost>
<VirtualHost *:80>
ProxyPreserveHost On
ProxyPass / http://<IP addr of other box>:80
ProxyPassReverse / http://<IP addr of other box>:80
ServerName <dummydomain>.gotdns.com
</VirtualHost>
Your mods-enabled/proxy.conf might be blocking any proxy requests (it's deny all by default). It should include the following instead:
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
EDIT: Also make sure that the mod_proxy submodules are sym linked into mods-enabled (in this case, the http sub module which is mods-available/proxy_http.load)
Just put both routes:
<VirtualHost *:80>
DocumentRoot "/app/"
ProxyPreserveHost On
ProxyRequests Off
ServerName app.yourdomain.com
ProxyPass /app http://yourIP:yourPort/app/
ProxyPassReverse /app http://yourIP:yourPort/app/
ProxyPass / http://yourIP:yourPort/app/
ProxyPassReverse / http://yourIP:yourPort/app/
</VirtualHost>
<Location "/app/" >
ProxyPass "http://yourIP:yourPort/app/"
ProxyPassReverse "http://yourIP:yourPort/app/"
ProxyPassReverseCookiePath "/app/" "/app/"
ProxyHTMLEnable Off
ProxyHTMLExtended On
ProxyHTMLURLMap "/app/" "/app/"
Order allow,deny
Allow from all
</Location>
This worked form me