You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by allan juul <al...@muly.dk> on 2006/01/30 20:12:15 UTC
[users@httpd] reverse proxy - forward ip
hello,
we have on the same machine an apache2 in front (80) of a backend web
server (8000) in a reverse proxy set up. the backend sees the proxied
requests from the apache as coming from localhost.
we are in a situation were we need the backend to see the request coming
from anything but localhost.
one approach might be to establish a unique host header on the backend,
so the apache would forward requests like:
RewriteRule ^/(.*) http://unique.host.com:8000/$1 [p,l]
instead of
RewriteRule ^/(.*) http://localhost:8000/$1 [p,l]
i just wander if there are an easier / or even another solution to this?
perhaps forwarding the original client ip somehow.
thanks
./a
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] reverse proxy - forward ip
Posted by François Conil <co...@ece.fr>.
allan juul a écrit :
> hello,
>
> we have on the same machine an apache2 in front (80) of a backend web
> server (8000) in a reverse proxy set up. the backend sees the proxied
> requests from the apache as coming from localhost.
> we are in a situation were we need the backend to see the request coming
> from anything but localhost.
>
> one approach might be to establish a unique host header on the backend,
> so the apache would forward requests like:
>
> RewriteRule ^/(.*) http://unique.host.com:8000/$1 [p,l]
>
> instead of
>
> RewriteRule ^/(.*) http://localhost:8000/$1 [p,l]
>
>
> i just wander if there are an easier / or even another solution to this?
> perhaps forwarding the original client ip somehow.
>
> thanks
> ./a
Give a try to mod proxy,combined with mod_rpaf and mod_extract_forwarded
that allows the backend to "see" the forwarded host.
--
François Conil
Administrateur Systèmes et Réseaux
<Pax> I wish my lawn was emo, so it would cut itself.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] Re: reverse proxy - forward ip
Posted by Joost de Heer <sa...@xs4all.nl>.
allan juul wrote:
> hello,
>
> we have on the same machine an apache2 in front (80) of a backend web
> server (8000) in a reverse proxy set up. the backend sees the proxied
> requests from the apache as coming from localhost.
> we are in a situation were we need the backend to see the request coming
> from anything but localhost.
Add a header 'X-Forwarded-For' with mod_headers, and then log the value of
that header in the backend application.
Joost
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] reverse proxy - forward ip
Posted by allan juul <al...@muly.dk>.
thanks for the suggestion. but to be more precise. i am interested in
the backend server seeing any request as coming from anything but localhost.
the backend could theoretically be serving just a gif image so a request
from the backend's point of view should somehow look like this in its
access log:
real-client-ip - - [22/May/2004:11:06:36] "GET / HTTP/1.1" 200 5969
unique.host.com - - [22/May/2004:11:06:36] "GET / HTTP/1.1" 200 5969
instead of:
127.0.0.1 - - [22/May/2004:11:06:36] "GET / HTTP/1.1" 200 5969
localhost - - [22/May/2004:11:06:36] "GET / HTTP/1.1" 200 5969
thanks again
./a
Boysenberry Payne wrote:
> Maybe try this:
>
> RewriteRule ^(.*)$
> http://unique.host.com:8000/$1?ip=%{REMOTE_ADDR} [P]
>
> or
>
> RewriteRule ^(.*)$
> http://unique.host.com:8000/index.php?request=$1&ip=%{REMOTE_ADDR} [P]
>
> with a rewrite rule on the receiving server to bring it back to the
> original request.
>
> You probably want something like mod_perl or php to handle this most
> effectively
> (i.e. for doing something with the IP addy, etc. )
>
>
> Boysenberry
>
> boysenberrys.com | habitatlife.com | selfgnosis.com
>
> On Jan 30, 2006, at 1:12 PM, allan juul wrote:
>
>> hello,
>>
>> we have on the same machine an apache2 in front (80) of a backend web
>> server (8000) in a reverse proxy set up. the backend sees the proxied
>> requests from the apache as coming from localhost.
>> we are in a situation were we need the backend to see the request coming
>> from anything but localhost.
>>
>> one approach might be to establish a unique host header on the backend,
>> so the apache would forward requests like:
>>
>> RewriteRule ^/(.*) http://unique.host.com:8000/$1 [p,l]
>>
>> instead of
>>
>> RewriteRule ^/(.*) http://localhost:8000/$1 [p,l]
>>
>>
>> i just wander if there are an easier / or even another solution to this?
>> perhaps forwarding the original client ip somehow.
>>
>> thanks
>> ./a
>>
>>
>>
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server
>> Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] reverse proxy - forward ip
Posted by Boysenberry Payne <bo...@humaniteque.com>.
Maybe try this:
RewriteRule ^(.*)$ http://unique.host.com:8000/$1?ip=%{REMOTE_ADDR}
[P]
or
RewriteRule ^(.*)$
http://unique.host.com:8000/index.php?request=$1&ip=%{REMOTE_ADDR} [P]
with a rewrite rule on the receiving server to bring it back to the
original request.
You probably want something like mod_perl or php to handle this most
effectively
(i.e. for doing something with the IP addy, etc. )
Boysenberry
boysenberrys.com | habitatlife.com | selfgnosis.com
On Jan 30, 2006, at 1:12 PM, allan juul wrote:
> hello,
>
> we have on the same machine an apache2 in front (80) of a backend web
> server (8000) in a reverse proxy set up. the backend sees the proxied
> requests from the apache as coming from localhost.
> we are in a situation were we need the backend to see the request
> coming
> from anything but localhost.
>
> one approach might be to establish a unique host header on the backend,
> so the apache would forward requests like:
>
> RewriteRule ^/(.*) http://unique.host.com:8000/$1 [p,l]
>
> instead of
>
> RewriteRule ^/(.*) http://localhost:8000/$1 [p,l]
>
>
> i just wander if there are an easier / or even another solution to
> this?
> perhaps forwarding the original client ip somehow.
>
> thanks
> ./a
>
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org