Apache Proxying Setup

Question

I have a scenario as below:

I have a URL with DNS Entry, say http://example.com When the user enters http://example.com/portal, (s)he lands on Apache (2.2) Web Server (say AWS 1). There I have a VirtualHost Entry which proxies the request to another Apache Web Server (say AWS 2) running on LAN, say IP 192.168.1.1 using reverse proxy. The Apache Web Server on 192.168.1.1 then forwards the request to JBoss Application Server, using reverse proxy.

On doing so, the URL of the resultant page is changed to the LAN IP https:\\192.168.1.2\portal.

I want the original URL to be intact, as the external users' system doesn't know what 192.168.1.2 is.

This is my first question. Please bear with me if it wasn't self-explanatory.

Below is the snippet of vhost file from AWS 1:

<VirtualHost 192.168.10.179:80>
  ServerAdmin admin@example.com
  DocumentRoot "D:/Program Files/Apache Software Foundation/Apache2.2/htdocs"
  ServerName example
  ServerAlias example
  ErrorLog "logs/example-error.log"

  # use always https
  Redirect pernament / https://example.com/
</VirtualHost>

Below is the snippet from ssl file of AWS 1 (its not the complete config):

<VirtualHost 192.168.10.179:443>
  ServerAdmin admin@example.com
  DocumentRoot "D:/Program Files/Apache Software Foundation/Apache2.2/htdocs"
  ServerName example
  ServerAlias example
  ErrorLog "logs/example-ssl-error.log"

  ProxyRequests Off
  ProxyPreserveHost On

  ProxyPass / http://192.168.1.1/
  ProxyPassReverse / http://192.168.1.1/
</VirtualHost>

Below is the code snippet from vhost file of AWS 2:

<VirtualHost 192.168.1.1:80>
  ServerAdmin admin@example.com
  DocumentRoot "D:/Program Files/Apache Software Foundation/Apache2.2/htdocs"
  ServerName aws2
  ServerAlias aws2
  ErrorLog "logs/aws2.log"

  # use always https
  Redirect pernament / https://192.168.1.1/
</VirtualHost>

Below is the snippet from ssl file of AWS 2 (its not the complete config):

<VirtualHost 192.168.1.1:443>
ServerAdmin admin@example.com
DocumentRoot "D:/Program Files/Apache Software Foundation/Apache2.2/htdocs"
ServerName aws2
ServerAlias aws2
ErrorLog "logs/aws2-ssl-error.log"

ProxyRequests Off
ProxyPreserveHost On

ProxyPass / http://192.168.1.2/   #This is where JBoss is running
ProxyPassReverse / http://192.168.1.2/
</VirtualHost>

Can you post your apache config? Sounds to me like the ProxyPassReverse directive is missing. — HampusLi, Apr 03 '13 at 15:42

Marcel · Answer 1 · 2013-04-03T16:53:39.717

0

Use this: ProxyPreserveHost On on both proxies.

From this link:

"When enabled, this option will pass the Host: line from the incoming request to the proxied host, instead of the hostname specified in the ProxyPass line.

This option should normally be turned Off. It is mostly useful in special configurations like proxied mass name-based virtual hosting, where the original Host header needs to be evaluated by the backend server."

Edit: Ah, then you have chained proxies with a gateway! Then you should also use ProxyVia On directive setup on aws2, or maybe on both proxies. Try that.

edited Apr 03 '13 at 16:53

answered Apr 03 '13 at 15:54

Marcel

1,730
10
15

Hi Marcel & HampusLi, Thanks for your responses. I have updated the question with my apache config. I have already used ProxyPreserveHost On. But that didn't work. – Mubin Apr 03 '13 at 16:12
Hi Marcel, I tried `ProxyVia On`, but that didn't work either. I still see the LAN IP in the browser. – Mubin Apr 04 '13 at 07:47

score 0 · Answer 2 · answered Apr 03 '13 at 16:24

0

The Redirect permanent should not reference the internal IP but the full actual URL of the site as the redirect is done in the browser:

Either use the full site URL in the Redirect clause or use mod_rewrite for a dynamic redirect.

answered Apr 03 '13 at 16:24

HampusLi

3,478
17
14

Are you referring to the Redirect in AWS 2? I can't do that as 192.168.1.1 (the IP of AWS2), doesn't have a DNS entry and the URL is for AWS1. All of AWS1, AWS2 and JBoss are in LAN and aren't visible to external world. The DNS entry for http://example.com has a NAT rule which forwards the requests to AWS1. – Mubin Apr 03 '13 at 16:38

score 0 · Accepted Answer · answered Apr 04 '13 at 12:04

0

Why are you redirecting to http:// from AWS1 to AWS2 again, when you have https:// enabled on AWS2? Change you ProxyPass and ProxyReverse setting in AWS1 to https://.

answered Apr 04 '13 at 12:04

Niranjan

116
3

Thanks Niranjan. That worked. I changed the ProxyPass and ProxyPassReverse to https on AWS1. There was no point of having a http connection to AWS2, as it wasn't accessible from outside the LAN. For other reference, to use https in ProxyPass and ProxyPassReverse, I had to enable SSLProxyEngine On. – Mubin Apr 04 '13 at 12:55

Apache Proxying Setup

3 Answers3