You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by joe a <jo...@j4computers.com> on 2024/02/05 16:55:04 UTC
[users@httpd] Forwarding question.
In a case where there is only one available incoming IP, is there a way,
within apache, to host different domains, each on its own internal
server, without requiring the external "calling browser" being any the
wiser? That is, without requiring the browser to "ask again" in a
different manner?
Want to host a low volume (and low cost) family oriented site (not
apache) without having to resort to additional static IP or move to an
off site "hosted" service.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Forwarding question.
Posted by Richard <li...@listmail.innovate.net>.
> Date: Thursday, February 08, 2024 22:52:59 -0500
> From: joe a <jo...@j4computers.com>
>
> There are some issues accessing from off premises, that is, when
> requests are entering via the internet facing router. Like 301 and
> 400 errors.
>
> ...
>
> On the apache server the hosts files is used to resolve the host
> names to the target server.
>
> Where have I gone wrong?
Your apache/nginx error logs should give rather more detail, what do
they show?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Forwarding question.
Posted by joe a <jo...@j4computers.com>.
On 2/8/2024 22:52:59, joe a wrote:
> On 2/5/2024 14:19:24, joe a wrote:
>> On 2/5/2024 13:24:22, Frank Gingras wrote:
>>>
>>>
>>> On Mon, Feb 5, 2024 at 1:20 PM joe a <joea-lists@j4computers.com
>>> <ma...@j4computers.com>> wrote:
>>>
>>> On 2/5/2024 11:58:55, Frank Gingras wrote:
>>> >
>>> >
>>> > On Mon, Feb 5, 2024 at 11:55 AM joe a <joea-lists@j4computers.com
>>> <ma...@j4computers.com>
>>> > <mailto:joea-lists@j4computers.com
>>> <ma...@j4computers.com>>> wrote:
>>> >
>>> > In a case where there is only one available incoming IP, is
>>> there a
>>> > way,
>>> > within apache, to host different domains, each on its own
>>> internal
>>> > server, without requiring the external "calling browser"
>>> being any the
>>> > wiser? That is, without requiring the browser to "ask again"
>>> in a
>>> > different manner?
>>> >
>>> > Want to host a low volume (and low cost) family oriented site
>>> (not
>>> > apache) without having to resort to additional static IP or
>>> move to an
>>> > off site "hosted" service.
>>> >
>>> >
>>> >
>>> ---------------------------------------------------------------------
>>> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>> <ma...@httpd.apache.org>
>>> > <mailto:users-unsubscribe@httpd.apache.org
>>> <ma...@httpd.apache.org>>
>>> > For additional commands, e-mail: users-help@httpd.apache.org
>>> <ma...@httpd.apache.org>
>>> > <mailto:users-help@httpd.apache.org
>>> <ma...@httpd.apache.org>>
>>> >
>>> >
>>> > All you need here is name-based vhosts, and reverse proxy to the
>>> > internal server when needed.
>>> >
>>>
>>> Since I am not that experienced in apache configuation, I may
>>> have some
>>> simple questions.
>>>
>>> In the modern scheme, should the modules required be specified in
>>> httpd.conf or in loadmodule.conf? Does it really matter other than
>>> for
>>> consistency?
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>> <ma...@httpd.apache.org>
>>> For additional commands, e-mail: users-help@httpd.apache.org
>>> <ma...@httpd.apache.org>
>>>
>>>
>>> The config file name(s) do not matter, as long as you know what you
>>> added and where, and it makes sense for you.
>>>
>>> Make sure additional config files are included with the Include
>>> directive, if you're creating a new file.
>>
>> Woo Hoo! Even I managed it. And, as a bonus, the originally served
>> stuff still works. Well . . . so far.
>>
>> Thanks much.
>>
>>
>
> There are some issues accessing from off premises, that is, when
> requests are entering via the internet facing router. Like 301 and 400
> errors.
>
> Configuration is like this:
>
> Internet router->
> server-with-apache-redirect-to->server-eith-docker-nginx-reverse-proxy-acme-custom-app. The domain names are the same on each server. Currently believe they must be for certificate generation and use.
>
> The virtual host on apache is configured thusly:
>
> <VirtualHost *:80>
> ServerName www.my-domain.com
> ServerAlias www.my-domain.org my-domain.com my-domain.org
> ProxyPass "/" "http://www.my-domain.com/"
> ProxyPassReverse "/" "http://my-domain.com/"
> </VirtualHost>
> <VirtualHost *:443>
> # SSLEngine ON
> ServerName www.my-domain.com
> ServerAlias www.my-domain.org my-domain.com my-domain.org
> ProxyPass "/" "https://www.my-domain.com/"
> ProxyPassReverse "/" "https://www.my-domain.com/"
> </VirtualHost>
>
> On the apache server the hosts files is used to resolve the host names
> to the target server.
>
> Where have I gone wrong?
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
--
Adding "SSLProxyEngine on" to the vhost config seems to have been the issue.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Forwarding question.
Posted by joe a <jo...@j4computers.com>.
On 2/8/2024 23:58:07, Frank Gingras wrote:
. . .
>
> There are some issues accessing from off premises, that is, when
> requests are entering via the internet facing router. Like 301 and 400
> errors.
>
> Configuration is like this:
>
> Internet router->
> server-with-apache-redirect-to->server-eith-docker-nginx-reverse-proxy-acme-custom-app.
> The domain names are the same on each server. Currently believe they
> must be for certificate generation and use.
>
> The virtual host on apache is configured thusly:
>
> <VirtualHost *:80>
> ServerName www.my-domain.com <http://www.my-domain.com>
> ServerAlias www.my-domain.org <http://www.my-domain.org>
> my-domain.com <http://my-domain.com> my-domain.org
> <http://my-domain.org>
> ProxyPass "/" "http://www.my-domain.com/
> <http://www.my-domain.com/>"
> ProxyPassReverse "/" "http://my-domain.com/
> <http://my-domain.com/>"
> </VirtualHost>
> <VirtualHost *:443>
> # SSLEngine ON
> ServerName www.my-domain.com <http://www.my-domain.com>
> ServerAlias www.my-domain.org <http://www.my-domain.org>
> my-domain.com <http://my-domain.com> my-domain.org
> <http://my-domain.org>
> ProxyPass "/" "https://www.my-domain.com/
> <https://www.my-domain.com/>"
> ProxyPassReverse "/" "https://www.my-domain.com/
> <https://www.my-domain.com/>"
> </VirtualHost>
>
> On the apache server the hosts files is used to resolve the host names
> to the target server.
>
> Where have I gone wrong?
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> <ma...@httpd.apache.org>
> For additional commands, e-mail: users-help@httpd.apache.org
> <ma...@httpd.apache.org>
>
>
> Why are you using nginx at all in this set up?
The application, a FOSS project, provided a docker image to ease setup
for internet access, that includes the app, nginx and an
"acme-companion" for certificate generation.
I can add that the certificate, via the app and Lets Encrypt, seems to
have generated and installed properly, which suggests the basic
forwarding worked.
Also, if I hack the local dns to resolve to the nginx box rather than
the apache box (avoiding the forward) things work fine. Only when it
resolves to the apache box, as would access via the internet router
(which of course involves an IP forward) does the problem surface.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Forwarding question.
Posted by Frank Gingras <th...@apache.org>.
On Thu, Feb 8, 2024 at 10:53 PM joe a <jo...@j4computers.com> wrote:
> On 2/5/2024 14:19:24, joe a wrote:
> > On 2/5/2024 13:24:22, Frank Gingras wrote:
> >>
> >>
> >> On Mon, Feb 5, 2024 at 1:20 PM joe a <joea-lists@j4computers.com
> >> <ma...@j4computers.com>> wrote:
> >>
> >> On 2/5/2024 11:58:55, Frank Gingras wrote:
> >> >
> >> >
> >> > On Mon, Feb 5, 2024 at 11:55 AM joe a <
> joea-lists@j4computers.com
> >> <ma...@j4computers.com>
> >> > <mailto:joea-lists@j4computers.com
> >> <ma...@j4computers.com>>> wrote:
> >> >
> >> > In a case where there is only one available incoming IP, is
> >> there a
> >> > way,
> >> > within apache, to host different domains, each on its own
> >> internal
> >> > server, without requiring the external "calling browser"
> >> being any the
> >> > wiser? That is, without requiring the browser to "ask again"
> >> in a
> >> > different manner?
> >> >
> >> > Want to host a low volume (and low cost) family oriented site
> >> (not
> >> > apache) without having to resort to additional static IP or
> >> move to an
> >> > off site "hosted" service.
> >> >
> >> >
> >> >
> >> ---------------------------------------------------------------------
> >> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >> <ma...@httpd.apache.org>
> >> > <mailto:users-unsubscribe@httpd.apache.org
> >> <ma...@httpd.apache.org>>
> >> > For additional commands, e-mail: users-help@httpd.apache.org
> >> <ma...@httpd.apache.org>
> >> > <mailto:users-help@httpd.apache.org
> >> <ma...@httpd.apache.org>>
> >> >
> >> >
> >> > All you need here is name-based vhosts, and reverse proxy to the
> >> > internal server when needed.
> >> >
> >>
> >> Since I am not that experienced in apache configuation, I may have
> >> some
> >> simple questions.
> >>
> >> In the modern scheme, should the modules required be specified in
> >> httpd.conf or in loadmodule.conf? Does it really matter other than
> >> for
> >> consistency?
> >>
> >>
> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >> <ma...@httpd.apache.org>
> >> For additional commands, e-mail: users-help@httpd.apache.org
> >> <ma...@httpd.apache.org>
> >>
> >>
> >> The config file name(s) do not matter, as long as you know what you
> >> added and where, and it makes sense for you.
> >>
> >> Make sure additional config files are included with the Include
> >> directive, if you're creating a new file.
> >
> > Woo Hoo! Even I managed it. And, as a bonus, the originally served
> > stuff still works. Well . . . so far.
> >
> > Thanks much.
> >
> >
>
> There are some issues accessing from off premises, that is, when
> requests are entering via the internet facing router. Like 301 and 400
> errors.
>
> Configuration is like this:
>
> Internet router->
> server-with-apache-redirect-to->server-eith-docker-nginx-reverse-proxy-acme-custom-app.
>
> The domain names are the same on each server. Currently believe they
> must be for certificate generation and use.
>
> The virtual host on apache is configured thusly:
>
> <VirtualHost *:80>
> ServerName www.my-domain.com
> ServerAlias www.my-domain.org my-domain.com my-domain.org
> ProxyPass "/" "http://www.my-domain.com/"
> ProxyPassReverse "/" "http://my-domain.com/"
> </VirtualHost>
> <VirtualHost *:443>
> # SSLEngine ON
> ServerName www.my-domain.com
> ServerAlias www.my-domain.org my-domain.com my-domain.org
> ProxyPass "/" "https://www.my-domain.com/"
> ProxyPassReverse "/" "https://www.my-domain.com/"
> </VirtualHost>
>
> On the apache server the hosts files is used to resolve the host names
> to the target server.
>
> Where have I gone wrong?
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
Why are you using nginx at all in this set up?
Re: [users@httpd] Forwarding question.
Posted by joe a <jo...@j4computers.com>.
On 2/5/2024 14:19:24, joe a wrote:
> On 2/5/2024 13:24:22, Frank Gingras wrote:
>>
>>
>> On Mon, Feb 5, 2024 at 1:20 PM joe a <joea-lists@j4computers.com
>> <ma...@j4computers.com>> wrote:
>>
>> On 2/5/2024 11:58:55, Frank Gingras wrote:
>> >
>> >
>> > On Mon, Feb 5, 2024 at 11:55 AM joe a <joea-lists@j4computers.com
>> <ma...@j4computers.com>
>> > <mailto:joea-lists@j4computers.com
>> <ma...@j4computers.com>>> wrote:
>> >
>> > In a case where there is only one available incoming IP, is
>> there a
>> > way,
>> > within apache, to host different domains, each on its own
>> internal
>> > server, without requiring the external "calling browser"
>> being any the
>> > wiser? That is, without requiring the browser to "ask again"
>> in a
>> > different manner?
>> >
>> > Want to host a low volume (and low cost) family oriented site
>> (not
>> > apache) without having to resort to additional static IP or
>> move to an
>> > off site "hosted" service.
>> >
>> >
>> >
>> ---------------------------------------------------------------------
>> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> <ma...@httpd.apache.org>
>> > <mailto:users-unsubscribe@httpd.apache.org
>> <ma...@httpd.apache.org>>
>> > For additional commands, e-mail: users-help@httpd.apache.org
>> <ma...@httpd.apache.org>
>> > <mailto:users-help@httpd.apache.org
>> <ma...@httpd.apache.org>>
>> >
>> >
>> > All you need here is name-based vhosts, and reverse proxy to the
>> > internal server when needed.
>> >
>>
>> Since I am not that experienced in apache configuation, I may have
>> some
>> simple questions.
>>
>> In the modern scheme, should the modules required be specified in
>> httpd.conf or in loadmodule.conf? Does it really matter other than
>> for
>> consistency?
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> <ma...@httpd.apache.org>
>> For additional commands, e-mail: users-help@httpd.apache.org
>> <ma...@httpd.apache.org>
>>
>>
>> The config file name(s) do not matter, as long as you know what you
>> added and where, and it makes sense for you.
>>
>> Make sure additional config files are included with the Include
>> directive, if you're creating a new file.
>
> Woo Hoo! Even I managed it. And, as a bonus, the originally served
> stuff still works. Well . . . so far.
>
> Thanks much.
>
>
There are some issues accessing from off premises, that is, when
requests are entering via the internet facing router. Like 301 and 400
errors.
Configuration is like this:
Internet router->
server-with-apache-redirect-to->server-eith-docker-nginx-reverse-proxy-acme-custom-app.
The domain names are the same on each server. Currently believe they
must be for certificate generation and use.
The virtual host on apache is configured thusly:
<VirtualHost *:80>
ServerName www.my-domain.com
ServerAlias www.my-domain.org my-domain.com my-domain.org
ProxyPass "/" "http://www.my-domain.com/"
ProxyPassReverse "/" "http://my-domain.com/"
</VirtualHost>
<VirtualHost *:443>
# SSLEngine ON
ServerName www.my-domain.com
ServerAlias www.my-domain.org my-domain.com my-domain.org
ProxyPass "/" "https://www.my-domain.com/"
ProxyPassReverse "/" "https://www.my-domain.com/"
</VirtualHost>
On the apache server the hosts files is used to resolve the host names
to the target server.
Where have I gone wrong?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Forwarding question.
Posted by joe a <jo...@j4computers.com>.
On 2/5/2024 13:24:22, Frank Gingras wrote:
>
>
> On Mon, Feb 5, 2024 at 1:20 PM joe a <joea-lists@j4computers.com
> <ma...@j4computers.com>> wrote:
>
> On 2/5/2024 11:58:55, Frank Gingras wrote:
> >
> >
> > On Mon, Feb 5, 2024 at 11:55 AM joe a <joea-lists@j4computers.com
> <ma...@j4computers.com>
> > <mailto:joea-lists@j4computers.com
> <ma...@j4computers.com>>> wrote:
> >
> > In a case where there is only one available incoming IP, is
> there a
> > way,
> > within apache, to host different domains, each on its own
> internal
> > server, without requiring the external "calling browser"
> being any the
> > wiser? That is, without requiring the browser to "ask again"
> in a
> > different manner?
> >
> > Want to host a low volume (and low cost) family oriented site
> (not
> > apache) without having to resort to additional static IP or
> move to an
> > off site "hosted" service.
> >
> >
> >
> ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> <ma...@httpd.apache.org>
> > <mailto:users-unsubscribe@httpd.apache.org
> <ma...@httpd.apache.org>>
> > For additional commands, e-mail: users-help@httpd.apache.org
> <ma...@httpd.apache.org>
> > <mailto:users-help@httpd.apache.org
> <ma...@httpd.apache.org>>
> >
> >
> > All you need here is name-based vhosts, and reverse proxy to the
> > internal server when needed.
> >
>
> Since I am not that experienced in apache configuation, I may have some
> simple questions.
>
> In the modern scheme, should the modules required be specified in
> httpd.conf or in loadmodule.conf? Does it really matter other than
> for
> consistency?
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> <ma...@httpd.apache.org>
> For additional commands, e-mail: users-help@httpd.apache.org
> <ma...@httpd.apache.org>
>
>
> The config file name(s) do not matter, as long as you know what you
> added and where, and it makes sense for you.
>
> Make sure additional config files are included with the Include
> directive, if you're creating a new file.
Woo Hoo! Even I managed it. And, as a bonus, the originally served
stuff still works. Well . . . so far.
Thanks much.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Forwarding question.
Posted by Frank Gingras <th...@apache.org>.
On Mon, Feb 5, 2024 at 1:20 PM joe a <jo...@j4computers.com> wrote:
> On 2/5/2024 11:58:55, Frank Gingras wrote:
> >
> >
> > On Mon, Feb 5, 2024 at 11:55 AM joe a <joea-lists@j4computers.com
> > <ma...@j4computers.com>> wrote:
> >
> > In a case where there is only one available incoming IP, is there a
> > way,
> > within apache, to host different domains, each on its own internal
> > server, without requiring the external "calling browser" being any
> the
> > wiser? That is, without requiring the browser to "ask again" in a
> > different manner?
> >
> > Want to host a low volume (and low cost) family oriented site (not
> > apache) without having to resort to additional static IP or move to
> an
> > off site "hosted" service.
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > <ma...@httpd.apache.org>
> > For additional commands, e-mail: users-help@httpd.apache.org
> > <ma...@httpd.apache.org>
> >
> >
> > All you need here is name-based vhosts, and reverse proxy to the
> > internal server when needed.
> >
>
> Since I am not that experienced in apache configuation, I may have some
> simple questions.
>
> In the modern scheme, should the modules required be specified in
> httpd.conf or in loadmodule.conf? Does it really matter other than for
> consistency?
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
The config file name(s) do not matter, as long as you know what you added
and where, and it makes sense for you.
Make sure additional config files are included with the Include directive,
if you're creating a new file.
Re: [users@httpd] Forwarding question.
Posted by joe a <jo...@j4computers.com>.
On 2/5/2024 11:58:55, Frank Gingras wrote:
>
>
> On Mon, Feb 5, 2024 at 11:55 AM joe a <joea-lists@j4computers.com
> <ma...@j4computers.com>> wrote:
>
> In a case where there is only one available incoming IP, is there a
> way,
> within apache, to host different domains, each on its own internal
> server, without requiring the external "calling browser" being any the
> wiser? That is, without requiring the browser to "ask again" in a
> different manner?
>
> Want to host a low volume (and low cost) family oriented site (not
> apache) without having to resort to additional static IP or move to an
> off site "hosted" service.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> <ma...@httpd.apache.org>
> For additional commands, e-mail: users-help@httpd.apache.org
> <ma...@httpd.apache.org>
>
>
> All you need here is name-based vhosts, and reverse proxy to the
> internal server when needed.
>
Since I am not that experienced in apache configuation, I may have some
simple questions.
In the modern scheme, should the modules required be specified in
httpd.conf or in loadmodule.conf? Does it really matter other than for
consistency?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Forwarding question.
Posted by Frank Gingras <th...@apache.org>.
On Mon, Feb 5, 2024 at 11:55 AM joe a <jo...@j4computers.com> wrote:
> In a case where there is only one available incoming IP, is there a way,
> within apache, to host different domains, each on its own internal
> server, without requiring the external "calling browser" being any the
> wiser? That is, without requiring the browser to "ask again" in a
> different manner?
>
> Want to host a low volume (and low cost) family oriented site (not
> apache) without having to resort to additional static IP or move to an
> off site "hosted" service.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
All you need here is name-based vhosts, and reverse proxy to the internal
server when needed.