httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tom Evans <tevans...@googlemail.com>
Subject Re: [users@httpd] Rewrite Rule
Date Thu, 25 Apr 2013 16:39:47 GMT
On Thu, Apr 25, 2013 at 4:53 PM, Chris Arnold
<carnold@electrichendrix.com> wrote:
> On Apr 25, 2013, at 11:32 AM, "Tom Evans" wrote:
>
>> It looks like you are rewriting it to it's current location. This
>> leads to a loop.
>>
>> Why are you using rewrite rules anyway?
>
> Because reverse proxy does not work

...

The *only* way to get content from a backend is via reverse proxy.

>
>
>> It seems like you want to
>> reverse proxy from an apache server with a public IP to a backend
>> webserver in your private LAN. Where do rewrite rules come in to this?
>> Why are you checking the host name in your rewrite rules, instead of
>> using vhosts? Why is this not your configuration:
>>
>>
>
> As I stated in an earlier post, apache does not start when more than 1 ssl
> virtual host (complains about overlap)

Not using vhosts is frankly more trouble than it is worth. Use vhosts.
Post about the problem that using vhosts gives you. You must be using
the same certificate for both hostnames anyway (presumably a wildcard
cert or using subjectAltName, or you just ignore the errors?), so the
configuration should be pretty straightforward.

>
>
>> ServerName apps.tld
>> ProxyPass / https://192.168.123.7/
>> ProxyPassReverse / https://192.168.123.7/
>>
>
> We have many different things that run on this server and apache handles
> them. When using "/" in your proxy config, everything stops working, email,
> other websites etc.

So don't proxy from /, or add specific excludes for the paths you do
not want to be proxied:

ProxyPass /email !
ProxyPass / https://192.168.123.7/

Again, this problem goes away if you correctly separate out your
separate hosts into their own vhost configuration.

>
>>
>> I'm very confused by what you're trying to achieve.
>
> I covered this in my first email but will try to describe it again: server
> behind an apache server that we need users to get to using
> https://apps.domain.tld. The app resides at http:///sub. We need apache to
> catch the https://apps.domain.tld request and send to https://another
> server/sub
>


NameVirtualHost *:443

<VirtualHost *:443>
  ServerName www.domain.tld
  SSLEngine On
  SSLCertificateFile ..
  SSLCertificateKeyFile ..

  # All your current directives that apply to www
</VirtualHost>

<VirtualHost *:443>
  ServerName apps.domain.tld
  SSLEngine On
  SSLCertificateFile ..
  SSLCertificateKeyFile ..

  ProxyPass / https://192.168.123.7/
  ProxyPassReverse / https://192.168.123.7/
</VirtualHost>

Cheers

Tom

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message