httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From John Iliffe <john.ili...@iliffe.ca>
Subject Re: [users@httpd] [Fwd: Reverse Proxy Configuration]
Date Tue, 08 Jun 2010 02:34:45 GMT
On Mon, 2010-07-06 at 11:02 +0100, Tom Evans wrote: 
> On Sun, Jun 6, 2010 at 9:30 PM, John Iliffe <john.iliffe@iliffe.ca> wrote:
> > I sent the following request for help a couple of weeks back but so far
> > no response.  Maybe I didn't make the actual question clear :-(
> > Anyhow, I have done quite a bit of experimentation since with the
> > following non-results.
> >
> > What I'm trying to do:
> >
> > I have a mail server with a web interface; to avoid conflict with Apache
> > HTTP I have it on port 8080.  That port is blocked by the firewall so I
> > am trying to proxy it to HTTP/80 through Apache.  Internally, the mail
> > server is reached as:   http://192.168.1.12:8080 and works OK.
> >
> > I read the Apache docs and also:
> > http://www.apachetutor.org/admin/reverseproxies
> > and created the following config file:
> >
> > NameVirtualHost *:80
> >
> > # Default host
> > <VirtualHost *:80>
> >   ServerName www.xxxxx.ca
> >   DocumentRoot /httpd/xxxxx
> >   ProxyRequests off
> >   ProxyPass /mymail/* !
> >   ProxyPass /mymail/ http://192.168.1.12:8080
> >   ProxyPassReverse /mymail/ http://192.168.1.12:8080
> 
> I'm not sure what you are trying to do here with the
>   ProxyPass /mymail/* !
> 
> This says not to proxy (literally) '/mymail/*'. If you didn't want to
> proxy anything below '/mymail/', the correct syntax is:
>   ProxyPAss /mymail/ !
> although, given you other directives, why you have this one is a mystery.
> 
> Also, your ProxyPass{,Reverse} directives aren't right:
> 
>   Proxy /mymail/ http://192.168.1..12:8080
> 
> This says 'when path begins '/mymail/', substitute '/mymail/' with
> 'http://192.168.1..12:8080' and proxy to the resultant URL.
> When you have a requested URI like '/mymail/kookie', it will attempt
> to proxy to 'http://192.168.1..12:8080kookie' - this is what you asked
> it to do.
> 
> A simple rule I follow is to always keep the trailing '/' matching on
> both arguments of ProxyPass and ProxyPassReverse  - if one side has a
> trailing '/', so should the other.
> 
> Cheers
> 
> Tom
> 
First, thanks for both Tom and Eric for the prompt responses.

I have followed Eric's note and installed mod_proxy_html (don't know how
I missed that!)  I included the proxy_html.conf script that comes with
the module in the conf/extras directory and Included it in the
httpd.conf script.  libxml2 is present on the system as noted in the
tutorial and I skipped mod_xml2enc because I don't have an
internationalization problem.  That doesn't seem to be the issue at the
moment.  

The startup log now says:

[Mon Jun 07 21:55:32 2010] [notice] caught SIGTERM, shutting down
[Mon Jun 07 21:55:43 2010] [notice] Apache/2.2.14 (Unix) mod_ssl/2.2.14
OpenSSL/0.9.8e-fips-rhel5 PHP/5.3.1 proxy_html/3.0.1 configured --
resuming normal operations

so mod_proxy_html is really loaded, BUT apachectl -l does NOT show
mod_proxy_html as being present.  (Oddly, there is a similar error in
that apachectl shows mod_status as compiled in but the apachectl status
and fullstatus commands don't work).

If I try to use either of the ProxyHTMLEnable On or ProxyHTMLURLMap
directives apachectl -S still flags them as errors.  The relevant part
of the httpd.conf file is:

# Default host
<VirtualHost *:80>
   ServerName www.xxxxxxx.ca
   DocumentRoot /xxxxxx
   ProxyRequests off
   ProxyPass /mymail http://192.168.1.12:8080
   ProxyPassReverse /mymail http://192.168.1.12:8080

   ProxyHTMLEnable On

   <Location /mymail >
       ProxyHTMLURLMap / /mymail
   </Location>
</VirtualHost>

I followed your advice and the ProxyPass/ProxyPassReverse directives now
all have no trailing / and the initial screen comes up properly.  Just
links fail due to the problems noted above.

Tom:  I deleted the [ ProxyPass /mymail/* ! ] command.  What I was
trying to do was prevent anyone from bypassing the login routine and
trolling for user mail directories on, for example: /mymail/mail/george.
This isn't a big issue, I can move the mail somewhere else.

John



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message