0

So I used iptables to redirect traffic from 80 to 8501 as follows:

sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8501

However this doesn't work with https. I was able to do the certbot stuff successfully however my script only listens to :8501. How can I make sure that the user doesn't have to type the extra example.com:8501 and that example.com always shows contents from :8501? I have the following code that I was suggested but I'm not sure where to put this text:

RewriteEngine On
RewriteCond %{HTTP:Upgrade} =websocket
RewriteRule /(.*) ws://localhost:8501/$1 [P]
RewriteCond %{HTTP:Upgrade} !=websocket
RewriteRule /(.*) http://localhost:8501/$1 [P]
ProxyPassReverse / http://localhost:8501

I've also tried changing to Listen 8501 in the ports.conf file but everytime I do that and I try to restart it, it refuses to restart with the error:

Job for apache2.service failed because the control process exited with error code.

UPDATE: so I was able to redirect 8501 to 80 (conf can be seen in the images below) however it still shows the default Apache page when accessed through https :/

enter image description here enter image description here

Mansidak
  • 11
  • 2
  • Can you describe what problem you're attempting to solve? It sounds like an X-Y problem. – vidarlo Mar 06 '23 at 20:25
  • @vidarlo I just updated the question with more details :) Basically, my script only listens to 8501 and I want that user to be able to access it through https://example.com rather than https://example.com:8501 – Mansidak Mar 06 '23 at 20:47
  • Do you want to use Apache as reverse proxy, or do you want to use iptables? Do you want https to be terminated by Apache? If so, https is port 443, not 80. – vidarlo Mar 06 '23 at 21:13
  • I don't wish tot use iptabels. I wish to use APache as a reverse proxy. I don't want https to be terminated. I just want the user to be able to access my https:// example/com:8501 without typing in the 8501. Are you suggesting I make the changed I made to port 80 to port 443 instead? – Mansidak Mar 06 '23 at 21:18
  • Do you want your application or Apache to handle certificates? And https is on port 443, not 80. – vidarlo Mar 06 '23 at 21:36
  • I'm not sure what that means? Pardon my lack of knowledge, this is my first time deploying on AWS using apache2 and an ubuntu server – Mansidak Mar 06 '23 at 21:41
  • I think you should read up on how http, https and reverse proxying works, and what is required. You're mixing multiple concepts, and answering it here is probably outside the scope of this site. – vidarlo Mar 07 '23 at 06:34

0 Answers0