You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by Rafael Caceres <rc...@m1.aasa.com.pe> on 2004/01/16 21:55:05 UTC
Re: Different results using mod_proxy or mod_rewrite vs direct
server - followup
On Mon, 2004-01-12 at 17:55, Stas Bekman wrote:
> Rafael Caceres wrote:
> > I'm setting up a HTTP/HTPPS reverse proxy server with apache on my DMZ.
> > The proxy will access an internal server (insidelan.server.com) to
> > provide content to outside users.
> > I've attempted using mod_proxy:
> > <VirtualHost 1.2.3.4:80>
> > ServerName insidelan.server.com
> > ProxyPass / http://insidelan.server.com/
> > ProxyPassReverse / http://insidelan.server.com/
> > </Virtualhost>
> >
> > and using mod_rewrite:
> > <VirtualHost 1.2.3.4:443>
> > ServerName insidelan.server.com
> > RewriteRule /(.*)$ http://insidelan.server.com/$1 [P]
> > </VirtualHost>
>
> Don't you miss:
>
> ProxyPassReverse / http://insidelan.server.com/
>
> in the mod_rewrite case if you want it to be equivalent to the mod_proxy vhost
> setup? [P] does only the 'ProxyPass / http://insidelan.server.com/' part.
>
You're right. Fact is we exercised the HTTPS part only when using the
login windows, which inmediately redirected to /index using HTTP.
Is there a way to make sure that people coming through the DMZ can only
see a subset of the site (say, an /extranet branch)?
> > Everything seems to work fine (including the HTTPS proxy, cookies, etc.,
> > etc.), except that I'm getting:
> > Proxy Error
> > The proxy server received an invalid response from an upstream server
> > The proxy server could not handle the requet GET /perl/program.pl
> > Reason: Document contains no data
> >
> > The very same URL: http://insidelan.server.com/perl/program.pl (that
> > runs under Apache::Registry) works just fine when used from inside the
> > LAN (that is, directly).
> >
> > I also copied program.pl to the cgi-bin directory (to run it as a
> > standard CGI), and called the resulting URL:
> > http://insidelan.server.com/cgi-bin/program.pl and what comes up is the
> > text of the generated HTML page.
> > Strangely enough, some other perl scripts (in cgi-bin or perl) work fine
> > through the proxy.
> >
>
> What's the global difference between working and non-working scripts (e.g. are
> all non-working are processing GET requests?).
>
I found that the difference could be attributed to /cgi-bin having
PerlSendHeader Off and /perl having PerlSendHeader On.
The scripts using Template Toolkit (and not having an print
$query->header (or similar) did not show up when viewed through the
proxy.
The quick fix was adding the print $query-header to scripts using
Template Toolkit. What still puzzles me, is that they work when viewed
directly and through a standard Squid proxy, and what to do if I ever
need to set cookies that can depend on template work.
Rafael Caceres
--
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html