You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Keith Bare <kb...@club.cc.cmu.edu> on 2005/05/07 08:52:24 UTC
[users@httpd] mod_rewrite - Reverse Proxying CGIs with PATH_INFO to a Backend
I want to setup two machines: one will handle static pages, the second
will handle CGI scripts. I would like all clients to connect to the
first machine, which will use mod_rewrite to transparently proxy
requests for CGIs to the second.
This seems like it would as simple as
RewriteRule /(.*\.cgi)$ http://cgi-backend/$1 [P]
but this fails for CGI scripts that use PATH_INFO.
I have written a Perl script that, when used as a RewriteMap, fakes
knowing whether or not a request is for a CGI by walking backwards
through a path until it finds a directory or file that exists.
However, this has the drawback that I need to map URLs to local paths
manually with RewriteRules, and then convert the path back to a URL
for proxying if the path references a CGI.
I imagine there has to be some better way to do this. Is there some
way, for example, that I could tell, using a RewriteCond, if a request
would result in a CGI being executed? If not, what is the recommended
way to implement the described setup?
Thank you,
Keith Bare
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_rewrite - Reverse Proxying CGIs with PATH_INFO to a Backend
Posted by Keith Bare <kb...@club.cc.cmu.edu>.
On Thu, May 12, 2005 at 11:27:06AM +0100, Nick Kew wrote:
> Erm, if the CGI is proxied, then all you can determine is whether
> a proxy request will be executed. What the backend does internally
> is its business.
>
> Maybe what you really want is to make your proxy into a 404
> errordocument?
Both CGIs and static pages are served out of AFS. The backend has
ExecCGI turned on, the frontend has it turned off. Without any
RewriteRules in place, the frontend would see that a URL refererences
a CGI (even with PATH_INFO), but then would send a 403 because ExecCGI
is turned off. So at some point the frontend does realize that the
request is for a CGI.
Using an ErrorDocument for 403 in conjunction with mod_rewrite might
work. I'll play around with it some and see what I can do.
Thanks again,
Keith Bare
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_rewrite - Reverse Proxying CGIs with PATH_INFO
to a Backend
Posted by Nick Kew <ni...@webthing.com>.
Keith Bare wrote:
> It seems like there SHOULD be some way to use a subrequest to
> determine if a CGI would be executed.
Erm, if the CGI is proxied, then all you can determine is whether
a proxy request will be executed. What the backend does internally
is its business.
Maybe what you really want is to make your proxy into a 404
errordocument?
--
Nick Kew
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_rewrite - Reverse Proxying CGIs with PATH_INFO to a Backend
Posted by Keith Bare <kb...@club.cc.cmu.edu>.
On Sat, May 07, 2005 at 08:05:11AM +0100, Nick Kew wrote:
> Keith Bare wrote:
>
> > RewriteRule /(.*\.cgi)$ http://cgi-backend/$1 [P]
> >
> > but this fails for CGI scripts that use PATH_INFO.
>
> Of course it does. The $ means it matches only at the
> end of a URL. If the string ".cgi" is sufficient to identify
> the URL as CGI, then just add another .* before closing your
> brackets.
An issue with that, is it will also proxy requests for static pages
that have names containing ".cgi" to the backend. This is okay with
the current setup I'm using, but if I configure the backend so it
won't serve any static pages, these pages would become inaccessible.
Another issue is that, perhaps some user might write a buggy CGI that
would take down the backend. I wouldn't want any static pages to
become inaccessible if this were to happen. I agree that static pages
should not contain a ".cgi" in their name, but I don't have control
over what my users do.
It seems like there SHOULD be some way to use a subrequest to
determine if a CGI would be executed. Is there some crafty way to use
%{LA-U:...} or %{LA-F:...} to do this? Or by having apache do
something special whenever it tries to execute a CGI that mod_rewrite
can catch? I wouldn't think I'm the only person trying to do
something like this.
-Keith Bare
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_rewrite - Reverse Proxying CGIs with PATH_INFO
to a Backend
Posted by Nick Kew <ni...@webthing.com>.
Keith Bare wrote:
> RewriteRule /(.*\.cgi)$ http://cgi-backend/$1 [P]
>
> but this fails for CGI scripts that use PATH_INFO.
Of course it does. The $ means it matches only at the
end of a URL. If the string ".cgi" is sufficient to identify
the URL as CGI, then just add another .* before closing your
brackets.
--
Nick Kew
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org