LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 01-22-2009, 04:52 AM   #1
NickDeGraeve
LQ Newbie
 
Registered: Jan 2009
Posts: 7

Rep: Reputation: 0
Question Apache virtual host, rewrite & proxy question


We are running several sites on several servers on our LAN.

Linux server 1
- Apache with several sites (Mantis, SVN, ...)
- Tomcat with some applications (Alfresco, ...)

Linux server 2
- Apache with several sites
- Tomcat with some applications (Continuum, ...)

Windows server
- IIS with some sites (Exchange, ...)

What we did for now was to open ports on our router and forward them to the correct server/ports.

80 -> Win:80
8080 -> Lin1:8080
8081 -> Lin1:80
8180 -> Lin2:8080
8181 -> Lin2:80

This is a bad solution.

What I want to do is open only port 80 and use Apache to forward the requests to the correct server/ports. E.g.:
www.ourdomain.com -> Lin1 -> Win
www.ourdomain.com/exchange -> Lin1 -> Win/exchange
www.ourdomain.com/mantis -> Lin1 -> Lin1/mantis
www.ourdomain.com/alfresco -> Lin1 -> Lin1:8080/alfresco
www.ourdomain.com/continuum -> Lin1 -> Lin2:8080/continuum


Is this possible with Apache? I would think so.
I'll probably need to configure VirtualHosts, mod_rewrite and/or mod_proxy. Correct?
 
Old 01-22-2009, 07:51 AM   #2
skibler1223
Member
 
Registered: Feb 2008
Distribution: Kubuntu 8.10
Posts: 40

Rep: Reputation: 16
Yes and quite easy. Forward port 80 to a machine running Apache that has network access to all the other servers.

Create a virtual host in Apache to listen to port 80, here is a starter for your vhost config.

<VirtualHost *:80>
.....
<IfModule mod_proxy.c>
<IfModule mod_rewrite.c>
RewriteEngine On

RewriteRule ^/exchange(.*) http://win-exchange-ip$1 [P,L]
RewriteRule ^/mantis(.*) http://mantis-ip$1 [P,L]
RewriteRule ^/alfresco(.*) http://alfresco-ip$1 [P,L]
RewriteRule ^/continuum(.*) http://continuum-ip$1 [P,L]
</IfModule>
</IfModule>
</VirtualHost>

You will need to make sure that your proxy module is loaded and configured as well as the mod rewrite module.

You may or may not want to set ProxyPreserveHost, you would want to put that between <IfModule mod_proxy.c> and <IfModule mod_rewrite.c>.

This should cover the bulk of what your attempting to do.

badreligion
 
Old 01-23-2009, 04:30 AM   #3
NickDeGraeve
LQ Newbie
 
Registered: Jan 2009
Posts: 7

Original Poster
Rep: Reputation: 0
Thanks for your reply but as I'm not really that familiar with Apache, I need some more detailed help.

I tried reading up on virtual hosts, rewrite and proxy but the subject is so big and what I want doesn't come up in any examples.

I created a config called 'vhost_main'. Just to test I added only 1 RewriteRule.

ndg@SVR-DEV:~$ cat /etc/apache2/sites-available/vhost_main
<VirtualHost *:80>
RewriteEngine On
RewriteRule ^/exchange(.*) http://10.0.0.6$1 [P,L]
</VirtualHost>

I have enabled it and I reloaded Apache:
ndg@SVR-DEV:~$ sudo a2ensite vhost_main
Site vhost_main installed; run /etc/init.d/apache2 reload to enable.
ndg@SVR-DEV:~$ sudo /etc/init.d/apache2 reload
* Reloading web server config apache2 [ OK ]

Both mod_proxy and mod_rewrite are loaded:
ndg@SVR-DEV:~$ ls /etc/apache2/mods-enabled/{proxy,rewrite}.load
/etc/apache2/mods-enabled/proxy.load /etc/apache2/mods-enabled/rewrite.load

When I try to access http://10.0.0.5/exchange I get a 403 Forbidden.

The error logs shows this:
ndg@SVR-DEV:~$ cat /var/log/apache2/error.log
[...]
[Fri Jan 23 11:20:05 2009] [error] [client 10.0.0.50] client denied by server configuration: proxy:http://10.0.0.6

Maybe the proxy module isn't configured correctly?
ndg@SVR-DEV:~$ cat /etc/apache2/mods-available/proxy.conf
<IfModule mod_proxy.c>
ProxyRequests Off
<Proxy *>
AddDefaultCharset off
Order deny,allow
Deny from all
</Proxy>
ProxyVia On
</IfModule>


I hope you can help me get it working.
 
Old 01-23-2009, 07:00 AM   #4
NickDeGraeve
LQ Newbie
 
Registered: Jan 2009
Posts: 7

Original Poster
Rep: Reputation: 0
I added 2 more lines to get some extra logging:

RewriteLog "/var/log/apache2/rewrite.log"
RewriteLogLevel 2

Resulting in:

ndg@SVR-DEV:~$ cat /var/log/apache2/rewrite.log
10.0.0.50 - - [23/Jan/2009:13:48:20 +0100] [10.0.0.5/sid#7e1a08][rid#a096e8/initial] (2) init rewrite engine with requested uri /exchange
10.0.0.50 - - [23/Jan/2009:13:48:20 +0100] [10.0.0.5/sid#7e1a08][rid#a096e8/initial] (2) rewrite '/exchange' -> 'http://10.0.0.6'
10.0.0.50 - - [23/Jan/2009:13:48:20 +0100] [10.0.0.5/sid#7e1a08][rid#a096e8/initial] (2) forcing proxy-throughput with http://10.0.0.6
10.0.0.50 - - [23/Jan/2009:13:48:20 +0100] [10.0.0.5/sid#7e1a08][rid#a096e8/initial] (1) go-ahead with proxy request proxy:http://10.0.0.6 [OK]
 
Old 01-23-2009, 07:33 AM   #5
NickDeGraeve
LQ Newbie
 
Registered: Jan 2009
Posts: 7

Original Poster
Rep: Reputation: 0
I'm slowly progressing...

I modified the proxy config. It now looks like this:

ndg@SVR-DEV:~$ cat /etc/apache2/mods-available/proxy.conf
<IfModule mod_proxy.c>
ProxyRequests On
<Proxy *>
AddDefaultCharset off
Order deny,allow
Deny from all
Allow from 10.0.0
</Proxy>
ProxyVia On
</IfModule>

I'm getting a different error now, 500 Internal Server Error.

ndg@SVR-DEV:~$ cat /var/log/apache2/error.log
[...]
[Fri Jan 23 14:19:41 2009] [warn] proxy: No protocol handler was valid for the URL /exchange. If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule.

It seems to me that the rewriting wasn't correct and that instead of 'http://10.0.0.6/exchange' only '/exchange' was passed.

Maybe the regex isn't correct? I'll check that first...
 
Old 01-23-2009, 10:24 AM   #6
NickDeGraeve
LQ Newbie
 
Registered: Jan 2009
Posts: 7

Original Poster
Rep: Reputation: 0
If I change the rule to

RewriteRule ^/exchange(.*) http://10.0.0.6/exchange$1 [P,L]

the RewriteLog shows this:

10.0.0.50 - - [23/Jan/2009:15:58:57 +0100] [10.0.0.5/sid#7a5658][rid#a0b088/initial] (2) init rewrite engine with requested uri /exchange
10.0.0.50 - - [23/Jan/2009:15:58:57 +0100] [10.0.0.5/sid#7a5658][rid#a0b088/initial] (2) rewrite '/exchange' -> 'http://10.0.0.6/exchange'
10.0.0.50 - - [23/Jan/2009:15:58:57 +0100] [10.0.0.5/sid#7a5658][rid#a0b088/initial] (2) forcing proxy-throughput with http://10.0.0.6/exchange
10.0.0.50 - - [23/Jan/2009:15:58:57 +0100] [10.0.0.5/sid#7a5658][rid#a0b088/initial] (1) go-ahead with proxy request proxy:http://10.0.0.6/exchange [OK]

which looks to me to be more correct than previously.

The problem remains though, so there must be something else wrong.
 
Old 01-24-2009, 11:57 AM   #7
skibler1223
Member
 
Registered: Feb 2008
Distribution: Kubuntu 8.10
Posts: 40

Rep: Reputation: 16
The rewrite rules I gave assumed that Apache configured to listen on 10.0.0.6 did not need the /exchange appended to the URL. In other words the rewrite was valid but maybe did not produce the result your backend server is setup to respond to. As it was the rule would process a request as below

http://10.0.0.5/exchange -> http://10.0.0.6
http://10.0.0.5/exchange/foo -> http://10.0.0.6/foo

now the rewrite will process a request as below

http://10.0.0.5/exchange -> http://10.0.0.6/exchange
http://10.0.0.5/exchange/foo -> http://10.0.0.6/exchange/foo

According to the logs the proxy is working just fine. Your problem may be at the back end server. What do the logs look like on 10.0.0.6?

Badreligion
 
Old 01-26-2009, 09:01 AM   #8
NickDeGraeve
LQ Newbie
 
Registered: Jan 2009
Posts: 7

Original Poster
Rep: Reputation: 0
Progress once more...

The proxy wasn't working because 'mod_proxy_http' wasn't loaded. It is now and my rules seem to be working ok. There are some issues left though:

1. The rewritten URL is displayed instead of the original URL. Eg. http://www.ourdomain.com/afresco becomes http://10.0.0.5:8080/alfresco

Can I make this rewriting transparent to the users?

2. The sites on the Apache server get sucked in the catch-all rewrite rule.

In the original default site config there are some sites defined and if I add this config

# Userfriendly Subversion
Alias /usvn /opt/website/apache/usvn
<Directory "/opt/website/apache/usvn">
AllowOverride All
</Directory>
<Location "/usvn/svn">
ErrorDocument 404 default
DAV svn
Require valid-user
SVNParentPath /opt/version_control/svn/files/svn
SVNListParentPath off
AuthType Basic
AuthName "USVN"
AuthUserFile /opt/version_control/svn/files/htpasswd
AuthzSVNAccessFile /opt/version_control/svn/files/authz
</Location>

# Mantis
Alias /mantis /opt/website/apache/mantis

to the new config before the rwrite rules the request are redirected through the default rule anyway.

My Rewrite section looks like this:

RewriteRule ^/alfresco(.*) http://10.0.0.5:8080/alfresco$1 [P,L]
...
# Default: redirect everything to 10.0.0.6
RewriteRule ^/(.*) http://10.0.0.6/$1 [P,L]

Adding these rules

RewriteRule ^/mantis(.*) http://10.0.0.5/mantis$ [P,L]
RewriteRule ^/usvn(.*) http://10.0.0.5/usvn$1 [P,L]

doesn't work because it is causing an infinite loop.

How can I do it?


Thanks for your help and patience so far.
 
Old 02-02-2009, 07:09 PM   #9
skibler1223
Member
 
Registered: Feb 2008
Distribution: Kubuntu 8.10
Posts: 40

Rep: Reputation: 16
Problem 1: Its odd that the url is being rewritten rather than proxied. The [P] flag is supposed to force a reverse proxy and should cause the rewrite/proxy to be transparent.

I have the rewrite rule below in production use and the url is not rewritten and the proxy is completely transparent to any users.

RewriteRule ^/(.*)$ http://localhost:12000/$1 [P,L]

Do you perhaps have a rewrite rule that isn't using the P flag and it is rewriting the url without proxying?

It might be helpful if you could post the entire config file, of course stripping out any sensitive information.


Problem 2: Wait do you want to proxy /mantis and /usvn to another server or are those being served locally?

If you are using a default rewrite rule to proxy everything to another server, in order to prevent a request from being proxied you will need to give something like below:

RewriteRule ^/dont/proxy/this /dont/proxy/this [L]

or if you need regexp matching, something like:

RewriteRule ^/dont/proxy/this(/.*)?$ /dont/proxy/this$1 [L]

Sorry it took so long to respond, been pretty busy lately.

BadReligion
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How do I get Apache Rewrite to proxy two domains ? anon252 Linux - Server 1 11-28-2008 05:16 AM
apache proxy server rewrite urls slackwarefan Linux - Software 0 10-19-2004 07:58 PM
Apache virtual host question fredws Linux - Software 1 01-22-2004 12:12 PM
Apache: Virtual Host Config question rajanr Linux - Software 5 08-30-2003 12:41 PM
Apache Virtual Host Question fed007 Linux - Networking 6 12-02-2002 04:46 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 03:17 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration