You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2017/03/13 12:59:35 UTC
[Bug 60850] New: ProxyPass ! directive not working
https://bz.apache.org/bugzilla/show_bug.cgi?id=60850
Bug ID: 60850
Summary: ProxyPass ! directive not working
Product: Apache httpd-2
Version: 2.4.6
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: mod_proxy
Assignee: bugs@httpd.apache.org
Reporter: nbmlaw@gmail.com
Target Milestone: ---
linux: centos-release-7-3.1611.el7.centos.x86_64
httpd: httpd-2.4.6-45.el7.centos.x86_64
ProxyPass ! directive seems to have no effect. I am trying not to pass the
.well-known directory (used by letsencrypt) so it can be served directly by
httpd. everything else needs to be passed to a Tomcat server. The second line
works perfectly but the first line does not.
ProxyPass /.well-known !
ProxyPass / ajp://localhost:8010/
I have also tried adding ProxyRequests Off but it has no effect. This
configuration worked perfectly on CentOS 6 before I upgraded.
[root@ns1 ~]# httpd -M | grep proxy
proxy_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 60850] ProxyPass ! directive not working
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=60850
--- Comment #3 from Eric Covener <co...@gmail.com> ---
(In reply to nbmlaw from comment #2)
> i have tried it with a blank CentOS installation on VirtualBox. just by
> adding the file /etc/httpd/conf.d/vhosts.conf with
> <VirtualHost *:80>
> ServerName www.example.com
> ServerAlias example.com
> DocumentRoot /var/www/html/example.com/public_html
> # ErrorLog /var/www/example.com/error_log
> ProxyPass /.well-known !
> ProxyPass / http://example2.com/
> </VirtualHost>
> <VirtualHost *:80>
> ServerName www.example2.com
> ServerAlias example2.com
> DocumentRoot /var/www/html/example2.com/public_html
> </VirtualHost>
> (and adding example.com and example2.com to /etc/hosts)
> i can see that it works fine. example.com passes to example2.com and i can
> see a test file in .well-known.
>
> there must be a problem on my production server somehwere. the versions of
> centos-release and httpd are identical
>
> do you know of any particular configuration that would specifically disable
> the ! directive?
Thanks for verifying. IMO Nothing like that is really plausible, the most
plausible is that there are other proxying rules hidden somewhere (including
e.g. RewriteRule ... ... [P])
if it hadn't persisted so long, I'd say another candidate is browser caching.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 60850] ProxyPass ! directive not working
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=60850
Eric Covener <co...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |NEEDINFO
--- Comment #1 from Eric Covener <co...@gmail.com> ---
can you show a full/flat configuration that demonstrates the problem? With that
we can at least try it on a contemporary source release.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 60850] ProxyPass ! directive not working
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=60850
--- Comment #2 from nbmlaw@gmail.com ---
i have tried it with a blank CentOS installation on VirtualBox. just by adding
the file /etc/httpd/conf.d/vhosts.conf with
<VirtualHost *:80>
ServerName www.example.com
ServerAlias example.com
DocumentRoot /var/www/html/example.com/public_html
# ErrorLog /var/www/example.com/error_log
ProxyPass /.well-known !
ProxyPass / http://example2.com/
</VirtualHost>
<VirtualHost *:80>
ServerName www.example2.com
ServerAlias example2.com
DocumentRoot /var/www/html/example2.com/public_html
</VirtualHost>
(and adding example.com and example2.com to /etc/hosts)
i can see that it works fine. example.com passes to example2.com and i can see
a test file in .well-known.
there must be a problem on my production server somehwere. the versions of
centos-release and httpd are identical
do you know of any particular configuration that would specifically disable the
! directive?
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 60850] ProxyPass ! directive not working
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=60850
--- Comment #4 from nbmlaw@gmail.com ---
the hosting panel (sentora) handles redirects port override 80 to 443 and uses
mod_rewrite. i used sentora on CentOS 6 so this should not have changed
anything?
# DOMAIN: nbmlaw.co.uk
# PORT FORWARD FROM 80 TO: 443
<virtualhost *:80>
ServerName nbmlaw.co.uk
ServerAlias www.nbmlaw.co.uk
ServerAdmin matthew.broadhead@nbmlaw.co.uk
RewriteEngine on
ReWriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
</virtualhost>
# END DOMAIN: nbmlaw.co.uk
# DOMAIN: nbmlaw.co.uk
<virtualhost *:443>
ServerName nbmlaw.co.uk
ServerAlias www.nbmlaw.co.uk
ServerAdmin matthew.broadhead@nbmlaw.co.uk
DocumentRoot "/mnt/storage/var/sentora/hostdata/nbm/public_html/nbmlaw_co_uk"
php_admin_value open_basedir
"/mnt/storage/var/sentora/hostdata/nbm/public_html/nbmlaw_co_uk:/mnt/storage/var/sentora/temp/"
php_admin_value suhosin.executor.func.blacklist "passthru, show_source,
shell_exec, system, pcntl_exec, popen, pclose, proc_open, proc_nice,
proc_terminate, proc_get_status,$
ErrorLog "/mnt/storage/var/sentora/logs/domains/nbm/nbmlaw.co.uk-error.log"
CustomLog "/mnt/storage/var/sentora/logs/domains/nbm/nbmlaw.co.uk-access.log"
combined
CustomLog
"/mnt/storage/var/sentora/logs/domains/nbm/nbmlaw.co.uk-bandwidth.log" common
<Directory "/mnt/storage/var/sentora/hostdata/nbm/public_html/nbmlaw_co_uk">
Options +FollowSymLinks -Indexes
AllowOverride All
Require all granted
</Directory>
AddType application/x-httpd-php .php3 .php
ErrorDocument 404 /_errorpages/404.html
ErrorDocument 510 /_errorpages/510.html
ErrorDocument 500 /_errorpages/500.html
ErrorDocument 403 /_errorpages/403.html
DirectoryIndex index.html index.htm index.php index.asp index.aspx index.jsp
index.jspa index.shtml index.shtm
# Custom Global Settings (if any exist)
# Custom VH settings (if any exist)
#ProxyPass ^/images !
#ProxyPass ^/errors/ !
#ProxyPass ^/dl !
#LogLevel info proxy:debug
ProxyRequests Off
ProxyPass /.well-known !
ProxyPass / ajp://www.nbmlaw.co.uk:8010/
#ErrorDocument 503 /errors/503.htm
SSLEngine on
SSLCertificateFile
...keys removed
</virtualhost>
# END DOMAIN: nbmlaw.co.uk
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 60850] ProxyPass ! directive not working
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=60850
Matthew Broadhead <nb...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |INVALID
Status|NEEDINFO |RESOLVED
--- Comment #5 from Matthew Broadhead <nb...@gmail.com> ---
was a configuration problem of sentora control panel
https://github.com/sentora/sentora-core/issues/293 using wrong method to
redirect to https
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org