How to Proxy Rest API endpoint on Apache HTTPd. React Frontend and NodeJS Rest Endpoints

Question

Ive been trying to figure how to proxy my REST API endpoints in in Apache HTTPD.

• Apache HTTPD 2.4.6 (Centos)
• Front End - React Appliction (create-react-app)
• Node JS API Endpoints via port 9000. Im using a nodejs gateway called fast-gateway.
• Rest Endpoint served using self-signed certificates. For development environment only, will change once we get to production.

I've configured the SSL.conf in /etc/httpd/conf.d as follows:

##
## SSL Virtual Host Context
##

<VirtualHost *:443>

        DocumentRoot "/var/www/webserver/html/build"
        SSLEngine On
        SSLCACertificateFile /etc/ssl/certs/ca.cer
        SSLCertificateFile   /etc/ssl/certs/WEBSERVER.crt
        SSLCertificateKeyFile /etc/ssl/private/WEBSERVER.key

        Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains"
        Header always set X-Frame-Options DENY
        Header always set X-Content-Type-Options nosniff

        #PROXY
        SSLProxyEngine On
        ProxyRequests off
        ProxyPreserveHost On
        ProxyTimeout 1200

        SSLProxyVerify none
        SSLProxyCheckPeerCN off
        SSLProxyCheckPeerName off
        SSLProxyCheckPeerExpire off

        #RewriteEngine on
        ProxyPass /business https://appserver:9000
        ProxyPassReverse /business https://appserver:9000/
 
Options -Indexes
Options -ExecCGI -FollowSymLinks -Includes

</VirtualHost>

# intermediate config
SSLProtocol             all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite          ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
SSLHonorCipherOrder     off
SSLSessionTickets       off

SSLUseStapling On
SSLStaplingCache "shmcb:logs/ssl_stapling(32768)"

Once I perform a request on the frontend, I get an error 404 when calling the endpoints

Request URL: https://webserver/business/api/login
Request Method: POST
Status Code: 404 Not Found
Remote Address: 192.168.56.129:443
Referrer Policy: strict-origin-when-cross-origin

My sites-available config

<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.

        ServerName webserver
        ServerAlias webserver
        DocumentRoot /var/www/webserver/html/build

</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

Should I do a URL rewrite? supposedly the endpoint address should be https://appserver/business/api/login, could this be the reason for 404? or have I configured anything incorrectly?

Answer 1

To proxy https://webserver/business/api to https://appserver:9000/business/api, you need

ProxyPass        /business/ https://appserver:9000/business/
ProxyPassReverse /business/ https://appserver:9000/business/

Answer 2

You may want to try the following:

 RewriteCond %{REQUEST_URI} /business/ [NC]
    RewriteRule /business/(.*) https://appserver:9000/business/$1?%{QUERY_STRING} [P,L] [R=307]

i read that the Redirect flag must be 307 for the mode of the requests to be passed as they are. Please let me know if it works for you.