Apache problem with proxy and reverseproxy
Hello
I have problem to set the right url to show in reverseproxy Example: ProxyPass /red/ http://11.11.1.1/school/f?p=2 ProxyPassReverse /red/ http://11.11.1.1/school/f?p=2 RewriteRule ^/red$ /red/ [R] Request url ... is not allowed. The problem is in f?p=2 exactly the ? How to set url or rule |
Hi,
Quote:
Maybe this should do what you want: Code:
RewriteEngine on |
Your idea did not work.
What I am trynig to do. When user from outside would write in URL some IP number, then will be redirected to Proxy server (https) MY Proxy server Linux Suse 11 192.1.0.1 And then when I would go from outside to 88.10.1.1, then I will be redirected to 192.1.0.1 and when I would add /red/, I will come to sharepoint And this works(only with this one I have a problem, because is ? in url and apache convert this to %3F) - http://www.asciitable.com/ ProxyPass /red/ http://11.11.1.1/school/f?p=2 ProxyPassReverse /red/ http://11.11.1.1/school/f?p=2 RewriteRule ^/red$ /red/ [R] |
First of all you should ask a moderator to move this thread to the Server forum, where it will get more attention.
As I've told you I don't think this can work. mod_rewrite has the [NE] option to not convert special characters to hex, but it doesn't apply here. You may proxy /red/ to /school/, so when a client visits http://192.168.0.1/red/f?p=2 it will get the correct url from the backend |
How can I wrote that ?
Is this OK. ProxyPass /red/ http://11.11.1.1/red/f?p=2 ProxyPassReverse /school/ http://11.11.1.1/school/f?p=2 RewriteRule ^/red$ /red/ [R] |
No, I was thinking something like that:
Code:
ProxyPass /red/ http://11.11.1.1/school/ |
It does not work
I also added AddDefaultCharset utf-8 and did not work What else to do ? |
Oups I've done a mistake
Quote:
Code:
ProxyPassReverse /red/ http://11.11.1.1/school/ Code:
ProxyPass /school/ http://11.11.1.1/school/ Other than that I don't know what else you can do. Maybe you should google to find if it's possible to reverse proxy your application and how |
Did not work.
I google and I didn't find the right stuff. IF you have some idea, please |
You can check the logs on both apache and the backend server and see what happens.
|
192.168.1.1 - firewall
acces.log 192.168.1.1 - - [05/Aug/2011:07:19:12 +0200] "GET / HTTP/1.1" 403 1017 192.168.1.1 - - [05/Aug/2011:07:19:20 +0200] "GET /apex/ HTTP/1.1" 404 1237 error.log [Fri Aug 05 07:19:12 2011] [error] [client 192.168.1.1] Directory index forbidden by Options directive: /srv/www/htdocs/ sslrequesst.log 05/Aug/2011:07:19:12 +0200] 192.168.1.1 TLSv1 DHE-RSA-CAMELLIA256-SHA "GET / HTTP/1.1" 1017 "-" "Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0" [05/Aug/2011:07:19:20 +0200] 192.168.1.1 TLSv1 DHE-RSA-CAMELLIA256-SHA "GET /apex/ HTTP/1.1" 1237 "-" "Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0" I don't now, where to find backend log in linux suse server |
The backend is the server you're trying to proxy (the one with the 11.11.1.1 IP)
What happens if you try to access apache on 192.168.0.1 from itself: http://192.1.0.1/school/? |
Quote:
Quote:
This url(http://192.1.0.1/school/?) works from every computer, server,.. But not from proxy server |
Quote:
Quote:
What other proxy you say? |
My mistake
This url(http://192.1.0.1/school/? - is proxy server (192.1.0.1) and it gives the same error when I type this URL Quote:
What log I have to see. From my computer, when I go to http://11.11.1.1/red/f?p=2 thanks |
I hope you don't actually using this URL http://192.1.0.1/school/? and say that is not working. I've used the question mark "?" because I was asking you...
You should try http://192.1.0.1/school/ and/or http://192.1.0.1/school/f?p=2 and see if it brings up the correct content from the backend. Quote:
And please stop mixing URLs. Why it's now http://11.11.1.1/red/f?p=2 and not http://11.11.1.1/school/f?p=2 as in your 1st post |
Quote:
http://192.1.0.1/school/ it work http://192.1.0.1/school/f?p=2 it not work Quote:
I don't thing the log of my aplication on http://11.11.1.1/school/f?p=2 is importation. Because I don't get to It. The url is not valid, because of ? Thanks for your time |
Doh. If,
Quote:
I've used apache as reverse proxy for a variety of applications, with URLs containing any of ?,+,# and so on, without any problem. I'll give you the general config to reverse proxy a resource Code:
RewriteEngine On Perhaps you should contact the developer or the admin of the app in the backend server and ask for assistance Regards |
Hello
Quote:
But I don't won't to use this url because this url (http://11.11.1.1/school/) bring me to admin login and all administration, I wont that users only see and work with http://11.11.1.1/school/f?p=2. But here is the problem with ? I search forum and I haven't found solution. Thanks for your time and I hope that you have some new ideas |
Quote:
If you don't want users to visit the /school/ URI then try the following rewrite instead the old one Code:
RewriteEngine On |
Is this OK ?
RewriteEngine On RewriteCond %{REQUEST_URI} ^/school/$ RewriteRule (.*) /school/f?p=2 [R] ProxyPass /school/ http://11.11.1.1/school/ ProxyPassReverse /school/ http://11.11.1.1/school/ |
Quote:
|
Quote:
when I change this ProxyPass /school/ http://11.11.1.1/school/ ProxyPassReverse /school/ http://11.11.1.1/school/ to this ProxyPass /school/ http://11.11.1.1/school/f?p=2 ProxyPassReverse /school/ http://11.11.1.1/school/f?p=2 I become the same error "Request URL is not allowed" |
Quote:
Anyway as a last attempt, try the following: Code:
RewriteEngine On Regards |
Yes this works. But this bring me to admin login and all administration. (like previously)
It posible that my rewrite isn't working. How can I test that ? Thanks |
To see if rewrite works comment out the previous rewrite and proxy stuff and use just:
Code:
RewriteEngine On You can also enable rewrite logging adding: Code:
RewriteLogLevel 9 |
Now I think I know where is the problem.
On my proxy server I have enabled https. Now I enable http and tray again. End it's work, almost. Now when I write url on my private computer http://11.11.1.1/school/ I go to desired page. But it looks like something is wrong. Why ? Because I can not login to interface, It looks like its not responding (example: when I click button Login nothing happend). Problem 1: http works, https don't works Problem 2: Problem with login interface (http) - not responding |
That are the logs:
LogLevel debug ErrorLog /var/log/proxy/proxyssl_error_log CustomLog /var/log/proxy/proxyssl_access_log combined RewriteLogLevel 9 RewriteLog /var/log/proxy/rewrite_log proxyssl_error_log ......... ........... [Tue Aug 09 12:16:59 2011] [debug] proxy_util.c(2201): proxy: connected /apex/f?p=220:1 to 192.1.1.1:88 [Tue Aug 09 12:16:59 2011] [debug] proxy_util.c(2356): proxy: HTTP: fam 2 socket created to connect to 192.1.1.1 [Tue Aug 09 12:16:59 2011] [debug] proxy_util.c(2468): proxy: HTTP: connection complete to 192.1.1.1:88 (192.1.1.1) [Tue Aug 09 12:16:59 2011] [error] [client 192.1.1.1] File does not exist: /srv/www/htdocs/i, referer: http://11.11.1.1/school/f?p=220:1 [Tue Aug 09 12:16:59 2011] [error] [client 192.1.1.1] File does not exist: /srv/www/htdocs/i, referer: http://11.11.1.1/school/f?p=220:1 proxyssl_access_log combined ....... ....... 192.1.1.1 - - [09/Aug/2011:12:16:59 +0200] "GET /i/themes/theme_2/bottom_bar-0-1.png HTTP/1.1" 404 1170 "http://11.11.1.1/school/f?p=220:1" "Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0" 192.1.1.1 - - [09/Aug/2011:12:16:59 +0200] "GET /i/themes/theme_2/bottom_bar-0-3.png HTTP/1.1" 404 1170 "http://11.11.1.1/school/f?p=220:1" "Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0" 192.1.1.1 - - [09/Aug/2011:12:16:59 +0200] "GET /apex/f?p=220:1 HTTP/1.1" 200 7002 "http://11.11.1.1/school/f?p=220:1" "Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0" rewrite_log 192.1.1.1- firewall 11.11.1.1. - dmz ........ ........ 192.1.1.1 - - [09/Aug/2011:12:16:59 +0200] [11.11.1.1/sid#7fcbe33a3850][rid#7fcbe36d3958/subreq] (2) init rewrite engine with requested uri /error/include/bottom.html 192.1.1.1 - - [09/Aug/2011:12:16:59 +0200] [11.11.1.1/sid#7fcbe33a3850][rid#7fcbe36d3958/subreq] (1) pass through /error/include/bottom.html 192.1.1.1 - - [09/Aug/2011:12:16:59 +0200] [11.11.1.1/sid#7fcbe33a3850][rid#7fcbe36d1948/subreq] (2) init rewrite engine with requested uri /error/contact.html.var 192.1.1.1 - - [09/Aug/2011:12:16:59 +0200] [11.11.1.1/sid#7fcbe33a3850][rid#7fcbe36d1948/subreq] (1) pass through /error/contact.html.var |
Quote:
Quote:
Regards |
Hello
I am back again. My proxy: 192.0.0.0 (DMZ) My httpd.conf AddDefaultCharset utf-8 RewriteEngine On Options +FollowSymlinks RewriteCond %{HTTP} ^on$ RewriteCond %{REQUEST_URI} ^/123/(.*)$ RewriteCond %{REQUEST_URI} !^/123/f$ RewriteRule (.*) /123/f?p=100:1 [R] ProxyRequests Off ProxyPass /123/ http://192.0.1.1:88/ap/ ProxyPassReverse /123/ http://192.0.1.1:88/ap/ RewriteRule ^/123/(.*) http://192.0.1.1:88/ap/ [L,R] And now where is my problem When I write URL - proxy - http://192.0.0.0/123/ I become http://192.0.1.1:88/ap/ (my administrator console) But I wont this URL -> http://192.0.1.1:88/ap/f?p=100:1 It looks that my rewrite rule does not work ?? Thanks in advance |
Hi,
Quote:
Also, better use: Code:
RewriteCond %{REQUEST_URI} ^/123(.*)$ And I don't understand the last rewrite rule after the proxy stuff. Quote:
Regards |
2 Attachment(s)
Now is my configuration like this:
My proxy: 192.0.0.0 (DMZ) My httpd.conf AddDefaultCharset utf-8 RewriteEngine On Options +FollowSymlinks RewriteCond %{REQUEST_URI} ^/123/(.*)$ RewriteCond %{REQUEST_URI} !^/123/f$ RewriteRule (.*) /123/f?p=100:1 [R] ProxyRequests Off ProxyPass /123/ http://192.0.1.1:88/ap/ ProxyPassReverse /123/ http://192.0.1.1:88/ap/ Now i think that this RewriteCond works, but there is still a problem. 1. When I write URL - proxy - https://192.0.0.0/123/ I become http://192.0.1.1:88/ap/ (my administrator console) - But I wont this URL -> https://192.0.1.1:88/ap/f?p=100:1 It's look that here, where is https, RewriteCond does not work. What to change ?? My proxy has to work with https. 2. When I write URL - proxy - http://192.0.0.0/123/ I become the right URL -> https://192.0.1.1:88/ap/f?p=100:1 But there is a problem 2.1 I become login, but it looks that something did not go true proxy. Picture 1 - the login page when she came true proxy. Picture 2 - the login page from application Where is here problem. Thanks for your time |
Quote:
Anyway, why don't you use https in the proxied url? Quote:
Quote:
You may try this: Code:
RewriteCond %{REQUEST_URI} ^/123(.*)$ |
Quote:
Quote:
|
LOGS
Proxy_ssl error [Fri Sep 02 10:30:13 2011] [debug] mod_proxy_http.c(56): proxy: HTTP: canonicalising URL //192.0.0.0:88/ap/f [Fri Sep 02 10:30:13 2011] [debug] proxy_util.c(1489): [client 192.0.0.0] proxy: http: found worker http://192.0.1.1/ap/ for http://192.0.1.1:88/ap/f?p=100:1, referer: http://192.0.1.1/123/f?p=100:1 [Fri Sep 02 10:30:13 2011] [debug] mod_proxy.c(988): Running scheme http handler (attempt 0) [Fri Sep 02 10:30:13 2011] [debug] mod_proxy_http.c(1924): proxy: HTTP: serving URL http://192.0.1.1:88/ap/f?p=100:1 [Fri Sep 02 10:30:13 2011] [debug] proxy_util.c(2045): proxy: HTTP: has acquired connection for (192.0.0.1) [Fri Sep 02 10:30:13 2011] [debug] proxy_util.c(2103): proxy: connecting http://192.0.1.1:88/ap/f?p=100:1 to 192.0.1.1:88 [Fri Sep 02 10:30:13 2011] [debug] proxy_util.c(2201): proxy: connected /ap/f?p=100:1 to 192.0.1.1:88 [Fri Sep 02 10:30:13 2011] [debug] proxy_util.c(2356): proxy: HTTP: fam 2 socket created to connect to 192.0.1.1 [Fri Sep 02 10:30:13 2011] [debug] proxy_util.c(2468): proxy: HTTP: connection complete to 192.0.1.1:88 (192.0.1.1) [Fri Sep 02 10:30:13 2011] [debug] mod_proxy_http.c(1701): proxy: start body send [Fri Sep 02 10:30:13 2011] [info] [client 192.0.0.0] (32)Broken pipe: core_output_filter: writing data to the network [Fri Sep 02 10:30:13 2011] [debug] mod_proxy_http.c(1790): proxy: end body send [Fri Sep 02 10:30:13 2011] [debug] proxy_util.c(2063): proxy: HTTP: has released connection for (192.0.1.1) [Fri Sep 02 10:30:13 2011] [info] [client 192.0.0.0] (32)Broken pipe: core_output_filter: writing data to the network Rewrite log 192.0.0.0 - - init rewrite engine with requested uri / (3) applying pattern '(.*)' to uri '/' init rewrite engine with requested uri /error/HTTP_FORBIDDEN.html.var applying pattern '(.*)' to uri '/error/HTTP_FORBIDDEN.html.var' RewriteCond: input='/error/HTTP_FORBIDDEN.html.var' pattern='^/123/(.*)$' => not-matched (1) pass through /error/HTTP_FORBIDDEN.html.var init rewrite engine with requested uri /123/ applying pattern '(.*)' to uri '/123/' RewriteCond: input='/123/' pattern='^/123/(.*)$' => matched RewriteCond: input='/123/' pattern='!^/123/f$' => matched rewrite '/123/' -> '/123/f?p=100:1' split uri=/123/f?p=100:1 -> uri=/123/f, args=p=100:1 explicitly forcing redirect with http://192.0.0.0/123/f http://192.0.0.0/alis/f for redirect redirect to http://192.0.0.0/123/f?p=1000:1 [REDIRECT/302] RewriteCond: input='/i/themes/theme_2/theme_3_1.css' pattern='^/123/(.*)$' => not-matched (2) init rewrite engine with requested uri /error/contact.html.var (1) pass through /error/contact.html.var (2) init rewrite engine with requested uri /123/f (3) applying pattern '(.*)' to uri '/123/f' (4) RewriteCond: input='/123/f' pattern='^/123/(.*)$' => matched (4) RewriteCond: input='/123/f' pattern='!^/123/f$' => not-matched (1) pass through /123/f |
Quote:
Quote:
Code:
RewriteCond %{HTTPS} off Code:
RewriteCond %{REQUEST_URI} ^/123/(.*)$ |
Quote:
My mistake when writting - -> http://192.0.1.1:88/ap/f?p=100:1 Quote:
Quote:
Any idea about problem I canlogin, but it looks that something did not go true proxy. Picture 1 - the login page when she came true proxy. Picture 2 - the login page from application Where is here problem. |
Quote:
You should read mod_rewrite documentation and especially the use of regexes. Quote:
Check the logs in both apache and the backend server and see why is this happening. |
Quote:
It looks that I only become true proxy html page, without connection ... Quote:
|
Have anyone Idea how to set sercured proxy server ??
Please help |
All times are GMT -5. The time now is 09:59 AM. |