You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by "Heitmann, Herwarth" <he...@orangemail.nl> on 2005/06/23 17:23:58 UTC
[users@httpd] apache 2.0 as reverse proxy using mod_rewrite
hello,
i have some difficulties using apache webserver as a reverse proxy. i am
sure it has to do something with url rewriting.
the situation is as follows.
- at our company we have some external ip address accessible via the
internet. these ip addresses has to be assigned to the external ethernet
card of the apache machine. we want to terminate ssl connections on the
reverse proxy so we are using ip based virtual hosting which works
great.
- on the second ethernet card we have a connection to the actual
websites.
internet
multiple ip's -------------reverse proxy---------------multiple websites
we have a complex application running on the reverse proxy and it does
authentication to another website using the same reverse proxy
https://webserver ------------ reverse proxy ----------
http://webserver-internal (application redirects to
https://login/?return=https://webserver)
https://login ------------------- reverse proxy -----------
http://login-internal (application does authentication)
https://webserver ------------ reverse proxy ----------
http://webserver-internal
httpd conf for virtual host:
Listen ip-address:443
<VirtualHost ip-address:443>
ServerAdmin webmaster@webserver
ServerName webserver
ProxyPass / http://webserver-internal/
ProxyPassReverse / http://ip-address-internal/
SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl.crt/webserver.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/webserver.key
ErrorLog logs/error_log_webserver
TransferLog logs/access_log_webserver
RewriteEngine On
RewriteRule ^/$ https://webserverl/$1 [R,L]
</VirtualHost>
it is strange because i get a http 302 return in the browser and does
not continue.... it reaches webserver-internal with statement found 302
and then it stops.... it terminates ssl as expected...
what am i doing wrong?
greetings,
herwarth
===========================================================
De informatie opgenomen in dit bericht kan vertrouwelijk zijn en is alleen bestemd voor de geadresseerde. Indien u dit bericht onterecht ontvangt, wordt u verzocht de inhoud niet te gebruiken en de afzender direct te informeren door het bericht te retourneren. Hoewel Orange maatregelen heeft genomen om virussen in deze email of attachments te voorkomen, dient u ook zelf na te gaan of virussen aanwezig zijn aangezien Orange niet aansprakelijk is voor computervirussen die veroorzaakt zijn door deze email.
The information contained in this message may be confidential and is intended to be only for the addressee. Should you receive this message unintentionally, please do not use the contents herein and notify the sender immediately by return e-mail. Although Orange has taken steps to ensure that this email and attachments are free from any virus, you do need to verify the possibility of their existence as Orange can take no responsibility for any computer virus which might be transferred by way of this email.
===========================================================
Re: [users@httpd] https redirect
Posted by Joost de Heer <sa...@xs4all.nl>.
> We now see the need to move the non-secure site to it's own server. So I
> need apache to redirect all the non-secure traffic from the old server to
> the new server, and all the secure traffic from the new server to the old
> server. I have accomplished the non-secure traffic of the old server to
> be
> redirected, but I can't get the new server secure traffic to be
> redirected.
>
> is this even possible?
If I get this correct:
Current situation:
http://domain and https://domain both point to the current machine
New situation:
http://domain to the new machine, https://domain to the current machine.
Possible solution:
have DNS point 'domain' to the current machine, and use reverse proxying
to pass the http-requests to the new machine.
Joost
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] https redirect
Posted by Jignesh Badani <jb...@mmsa.com>.
Shawn, this does not make sense.
In the new server design you want:
ServerOld (https) ---- IP Address 1 ----
https://www.domain.com
ServerNew (http) ---- IP Address 2 ----
http://www.domain.com
So inorder for this to work, you will need to implement some kind of Route
decision to route https://www.domain.com request to IP 1 and
http://www.domain.com to IP 2. If this is possible and you have it
working, then why/how will the secure traffic come to the unsecure server
(ServerNew) in the first place and vice-versa !?
Excuse me if I am missing something !?
"Shawn Marchewka" <sh...@benxcel.com>
06/23/2005 08:42 AM
Please respond to
users@httpd.apache.org
To
<us...@httpd.apache.org>
cc
Subject
[users@httpd] https redirect
I have a site. We'll say it's http://www.domain.com . On the same
server,
I have https://www.domain.com . Each site has different content. The
none
secure site is more of a "marketing" side of the server, while the secure
site, is a site for customer login, etc.
We now see the need to move the non-secure site to it's own server. So I
need apache to redirect all the non-secure traffic from the old server to
the new server, and all the secure traffic from the new server to the old
server. I have accomplished the non-secure traffic of the old server to
be
redirected, but I can't get the new server secure traffic to be
redirected.
is this even possible?
-Shawn
Shawn Marchewka
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] https redirect
Posted by Shawn Marchewka <sh...@benxcel.com>.
I have a site. We'll say it's http://www.domain.com . On the same server,
I have https://www.domain.com . Each site has different content. The none
secure site is more of a "marketing" side of the server, while the secure
site, is a site for customer login, etc.
We now see the need to move the non-secure site to it's own server. So I
need apache to redirect all the non-secure traffic from the old server to
the new server, and all the secure traffic from the new server to the old
server. I have accomplished the non-secure traffic of the old server to be
redirected, but I can't get the new server secure traffic to be redirected.
is this even possible?
-Shawn
Shawn Marchewka
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org