I'm trying to handle subdomains on a specific server and the normal URL from all servers. They're behind a load balancer. This works for http://test.com and it load balances.
For subdomains I can't tell if the proxy is working or why I'm getting a 404 error. Is there anything wrong with my config?
DNS: example.com 111.111.111.111
Load Balancer: 111.111.111.111
Master, write server: 222.222.222.222
httpd.conf, mirrored to all servers:
<Directory />
Header add myServerName "anglefish" # add a string for testing which server
Header add myServerTimes "D%D t%t"
</Directory>
000-default mirrored to each server except master
#Proxy subdomains from one server
<VirtualHost *:80>
ServerName *.example.com
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / http://222.222.222.222/
ProxyPassReverse / http://222.222.222.222/
</VirtualHost>
<VirtualHost *:443>
ServerName *.example.com
SSLEngine on
SSLProxyEngine On
SSLEngine on
SSLCertificateFile /etc/apache2/.ssh/example.com.crt
SSLCertificateKeyFile /etc/apache2/.ssh/example.com.key
SSLCertificateChainFile /etc/apache2/.ssh/example.com_bundle.crt
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / http://222.222.222.222/
ProxyPassReverse / http://222.222.222.222/
</VirtualHost>
<VirtualHost *:80>
ServerName example.com
DocumentRoot /var/www/vhosts/example.com/public_html
<Directory /var/www/vhosts/example.com/public_html>
Options -Indexes FollowSymLinks
AllowOverride All
</Directory>
</VirtualHost>
<VirtualHost *:443>
ServerName example.com
ServerAlias example.com
DocumentRoot /var/www/vhosts/example.com/public_html
SSLEngine on
SSLCertificateFile /etc/apache2/.ssh/example.com.crt
SSLCertificateKeyFile /etc/apache2/.ssh/example.com.key
SSLCertificateChainFile /etc/apache2/.ssh/example.com_bundle.crt
</VirtualHost>
Related
I get slightly crazy :)
I have a domain example.com and I have a SSL certificate for www.example.com
The example.com refers to the IP address of the server (it is an EC2 instance).
In the vhost.conf of the Server I have the following entries
<VirtualHost *:80>
ServerName example.com
Redirect permanent / https://www.example.com/
</VirtualHost>
<VirtualHost _default_:443>
ServerName www.example.com
DocumentRoot /var/www/vhosts/example-wp
SSLEngine On
...
</VirtualHost>
I took the information from the apache wiki.
https://wiki.apache.org/httpd/RedirectSSL
Thanks for helping
Tristan
You already have the necessary directives listed to perform the redirect. You also need to tell the vhost file where your certificate and key for the certificate exist. You also need to say whether or not a directory the user browses to is to load SSL. Please see a full example configuration file below.
<VirtualHost *:80>
ServerName www.example.com
ServerAlias example.com
Redirect / https://www.example.com/
</VirtualHost>
<VirtualHost *:443>
ServerName www.example.com
ServerAlias example.com
ServerAdmin webmaster#local
DocumentRoot /path/to/web/content
DirectoryIndex index.php index.html
ErrorLog logs/error_log
CustomLog logs/access combined
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/apache2/ssl.crt/certfile.cer
SSLCertificateKeyFile /etc/apache2/ssl.key/keyfile.key
<Directory "/path/to/web/content/">
Options None
AllowOverride None
Order allow,deny
Allow from all
SSLRequireSSL
</Directory>
</VirtualHost>
I am attempting to get a jenkins instance (running on http://localhost:8080/) to be visible at http://ci.domain.com:80/.
Current status:
* Browsing to ci.domain.com gives me the content of domain.com
* Browsing to ci.domain.com:8080 shows jenkins
* Browsing to domain.com:8080 shows jenkins
Ideal status:
* Browsing to ci.domain.com shows jenkins
* Browsing to ci.domain.com:8080 redirects to ci.domain.com
* Browsing to domain.com:8080 does whatever the server would do if there were nothing running on port 8080
My current apache site config (working as expected for shifting traffic to HTTPS) is as follows:
<VirtualHost *:8080>
ServerName ci.domain.com
ServerAlias ci
Redirect temp / http://ci.domain.com/
</VirtualHost>
<VirtualHost *:80>
ServerName ci.domain.com
ServerAlias ci
ProxyRequests Off
ProxyPreserveHost On
AllowEncodedSlashes NoDecode
<Proxy http://localhost:8080/*>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://localhost:8080/ nocanon
ProxyPassReverse / http://localhost:8080/
</VirtualHost>
<VirtualHost *:80>
ServerName domain.com
ServerAlias www.domain.com
DocumentRoot /var/www/domain.com
Redirect permanent / https://domain.com/
</VirtualHost>
<VirtualHost *:443>
ServerName domain.com
ServerAlias www.domain.com
DocumentRoot /var/www/domain.com
<Directory /var/www/domain.com/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<IfModule mod_dir.c>
DirectoryIndex index.php index.pl index.cgi index.html index.xhtml $
</IfModule>
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/domain.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/domain.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/domain.com/fullchain.pem
<FilesMatch "\.(cgi|shtml|phtml_php)$">
SSLOptions +StdEnvVars
</FilesMatch>
</VirtualHost>
Any help is appreciated.
I have 3 Apache VM's running currently:
A) ProxyPass (Hosts Nothing)
B) Main Website
C) ZoneMinder Website
If you access example.com you get to the website, and can navigate around, but...
If I manually type http://example.com/zm trying to access zoneminder
It redirects http://example.com/zm in my remote browser to http://192.168.1.255:443/foo*
I can't seem to get my redirect working correctly, can anybody see what I am doing wrong?
Configs:
A) ProxyPass Server:
<VirtualHost *:80>
ServerName www.example.com
RedirectPermanent / http://example.com
</VirtualHost>
<VirtualHost *:80>
ServerName example.com
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://192.168.1.255:80/
ProxyPassReverse / http://192.168.1.255:80/
<Location />
Order allow,deny
Allow from all
</Location>
</VirtualHost>
B) Main Website
<VirtualHost *:80>
ServerName example.com
DocumentRoot /var/www/html
LogLevel warn
ErrorLog ${APACHE_LOG_DIR}/example.log
CustomLog ${APACHE_LOG_DIR}/example-access.log combined
</VirtualHost>
Got it working!
The setup:
Server A) Apache server that only serves proxypass and doesn't host anything
Server B) Apache server that hosts main domain.com
Server C) Apache server that hosts ZoneMinder # domain.com/zm
Server A Config:
<VirtualHost *:80>
ServerName domain.com
Redirect / https://www.domain.com/
</VirtualHost>
<VirtualHost *:443>
ServerName www.domain.com
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
SSLProxyEngine On
SSLProxyCheckPeerCN on
SSLProxyCheckPeerExpire on
SSLEngine on
SSLCertificateFile /location of .crt
SSLCertificateKeyFile /location of .key
SSLCACertificateFile /location of .crt
ProxyPreserveHost on
ProxyPass /zm https://192.168.1.43:443/zm
ProxyPassReverse /zm https://192.168.1.43:443/zm
ProxyPass / https://192.168.1.42:443/
ProxyPassReverse / https://192.168.1.42:443/
<Location />
Order allow,deny
Allow from all
</Location>
</VirtualHost>
Notes: It is important to have the /zm come before the "/" catch all. I also noticed it FAILED if i used /zm/.
Server B Config:
<VirtualHost *:443>
ServerName www.domain.com
DocumentRoot /var/www/html
LogLevel warn
ErrorLog ${APACHE_LOG_DIR}/domain.log
CustomLog ${APACHE_LOG_DIR}/domain.log combined
SSLEngine on
SSLCertificateFile /location of .crt
SSLCertificateKeyFile /location of .key
SSLCACertificateFile /location of .crt
</VirtualHost>
Note: it is not necessary to have *:80 redirects or Server Alias as only correctly formatted requests are sent to this server via ProxyPass filtering beforehand.
Server C Config: (domain.com/zm)
<VirtualHost *:443>
ServerName www.domain.com
DocumentRoot /var/www/html
LogLevel warn
ErrorLog ${APACHE_LOG_DIR}/domain.log
CustomLog ${APACHE_LOG_DIR}/domain.log combined
SSLEngine on
SSLCertificateFile /location of .crt
SSLCertificateKeyFile /location of .key
SSLCACertificateFile /location of .crt
</VirtualHost>
Yes it is the same. It works so I am happy!
Note: All 3 servers have my SSL certs installed, but I did not touch default-ssl.conf.
Any reason why the middle vhost setting is causing an issue w/ Apache? Maybe it's because I don't have the SSL details in there?
<VirtualHost *:80>
ServerName www.windfarmstudios.com
ServerAlias windfarmstudios.com
Redirect permanent / https://windfarmstudios.com
</VirtualHost>
#<VirtualHost *:443>
# ServerName www.windfarmstudios.com
# Redirect permanent / https://windfarmstudios.com
#</VirtualHost>
<VirtualHost *:443>
ServerName windfarmstudios.com
DocumentRoot /var/www/windfarmstudios.com/public_html
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/windfarm.crt
SSLCertificateKeyFile /etc/apache2/ssl/windfarm.key
SSLCACertificateFile /etc/apache2/ssl/windfarm.ca-bundle
</VirtualHost>
I created a SSL VirtualHost
<VirtualHost *:443>
ServerName cloud.url.com
ServerAlias www.url.com
DocumentRoot /var/www/owncloud
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/owncloud.crt
SSLCertificateKeyFile /etc/apache2/ssl/owncloud.key
</VirtualHost>
My problem is that every SSL connection now is going to /var/www/owncloud
For instance https://url.com is going to /var/www/owncloud instead of /var/www/
How can I only set the VirtualHost for cloud.url.com and the other domains "ignore the ssl" - so they stay in there directories?
In fact, your virtualhost says www.url.com and cloud.url.com goes to /var/www/owncloud. I think you don't want www.url.go to points to your owncloud. So, just remove serverAlias :
<VirtualHost *:443>
ServerName cloud.url.com
DocumentRoot /var/www/owncloud
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/owncloud.crt
SSLCertificateKeyFile /etc/apache2/ssl/owncloud.key
</VirtualHost>
I think you haven't set any virtualhost listening to url.com on port 443. That's why, apache redirect it to an url configured with https.
if you don't want ssl on url.com, you can just do this :
<VirtualHost *:443>
ServerName url.com
Redirect 301 / http://url.com
</VirtualHost>
Found the solution, put this in one file together:
<VirtualHost *:443>
ServerName cloud.domain.com
ServerAlias www.cloud.domain.com
DocumentRoot /var/www/owncloud
<Directory /var/www/owncloud/>
Options -Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/owncloud.crt
SSLCertificateKeyFile /etc/apache2/ssl/owncloud.key
</VirtualHost>
<VirtualHost *:443>
ServerName domain.com
ServerAlias *.domain.com
Redirect 301 / http://domain.com
</VirtualHost>
Thank you!