I am running nodejs for my systems backend management but I have a mediawiki for documentation. I was able to access the mediawiki through example.com/mediawiki but no I get too many redirects. Though I can still access my backend as normal, example.com/login. I have checked my other configs for rogue redirects and didnt find any. Also, I checked apache2.conf.
Here is my vhost
<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/html
Redirect permanent / https://example.com/
Redirect permanent /mediawiki https://example.com/mediawiki/
</VirtualHost>
<VirtualHost *:443>
Redirect permanent / https://example.com/login
SSLEngine on
SSLProxyEngine on
SSLProtocol -all +TLSv1.2 +TLSv1.3
SSLHonorCipherOrder on
SSLCertificateFile /etc/ssl/certs/example_cert.crt
SSLCertificateKeyFile /etc/ssl/private/example_cert.key
SSLCertificateChainFile /etc/ssl/certs/incommon_interm.crt
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS"
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/html
Header set Access-Control-Allow-Origin "*"
ProxyRequests Off
ProxyPreserveHost On
ProxyVia On
<Proxy *>
Require all granted
</Proxy>
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/socket.io [NC]
RewriteCond %{QUERY_STRING} transport=websocket [NC]
RewriteRule /(.*) ws://localhost:9000/$1 [P,L]
ProxyPass /login http://localhost:3000/login
ProxyPassReverse /login http://localhost:3000/login
</VirtualHost>
Related
i'm currently trying to configure apache2.
I have 3 A records to my server:
domain.io
sub1.domain.io
sub2.domain.io
I have a apache config:
<VirtualHost *:80>
ServerName sub1.domain.io
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
</VirtualHost>
<VirtualHost *:443>
ServerName sub1.domain.io
DocumentRoot "/var/www/sub1/public"
AllowEncodedSlashes On
php_value upload_max_filesize 100M
php_value post_max_size 100M
<Directory "/var/www/sub1/public">
Require all granted
AllowOverride all
</Directory>
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/sub1.domain.io/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/sub1.domain.io/privkey.pem
</VirtualHost>
Now i would expect apache to only show some content for sub1.domain.io, but apache shows content for every domain, alos domain.io and sub2.domain.io. Can somebody pleas help me?
I have the following apache configuration file for a reverse proxy :
<VirtualHost *:80>
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
</VirtualHost>
<VirtualHost *:443>
ProxyPreserveHost On
ProxyPass / http://localhost:5000/
ProxyPassReverse / http://localhost:5000/
ErrorLog /var/log/apache2/NewPC-error.log
CustomLog /var/log/apache2/NewPC-access.log common
SSLEngine on
SSLProtocol all -SSLv2
SSLCertificateFile /etc/ssl/private/localhost.crt
SSLCertificateKeyFile /etc/ssl/private/localhost.key
</VirtualHost>
The reverse proxy works properly bu I always have the port number (5000) in the URL.
Is there any way to remove if please ?
Regards,
The configuration looks good and what you described shouldn't happen unless it's the application running behind the proxyPass that is sending a redirect/location to the client including the port.
You can test it simulating requests to the application running on port 5000 with curl (-v option) or the tool you prefer.
I use apache2 on Ubuntu and acme with letsencrypt in order to secure my website.
I also want to redirect from http://mywebsite.com to https://mywebsite.com but this does not work with the following config:
File name-xy.conf looks like this:
<VirtualHost *:80>
ServerName mywebsite.com
ProxyRequests off
ProxyPreserveHost On
<Location / >
ProxyPass "ajp://localhost:9090/"
ProxyPassReverse "ajp://localhost:9090/"
</Location>
</VirtualHost>
File name-xy-ssl.conf looks like this:
<VirtualHost *:80>
ServerName mywebsite.com
RewriteEngine on
#RewriteCond %{SERVER_NAME} =www.mywebsite.com [OR]
RewriteCond %{HTTPS} =mywebsite.com
RewriteRule (.*) https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
# forward ORDS requests to tomcat
<VirtualHost *:443>
ServerName mywebsite.com
# SSL certificates settings
#Include /etc/apache2/conf-enabled/options-ssl-apache.conf
SSLCertificateFile /etc/apache2/ssl/mywebsite.com/fullchain.cer
SSLCertificateKeyFile /etc/apache2/ssl/mywebsite.com/mywebsite.com.key
SSLCertificateChainFile /etc/apache2/ssl/mywebsite.com/ca.cer
ProxyRequests on
ProxyPreserveHost On
<Location / >
ProxyPass "ajp://localhost:9090/"
ProxyPassReverse "ajp://localhost:9090/"
</Location>
</VirtualHost>
With this config I will navigate to the default apache2 homepage, https://mywebpage.com works fine.
What is wrong in this config in order to redirect from http://mywebsite.com to https://mywebsite.com automatically?
To handle this situation, I have my http vhost as follows. I don’t think it requires enabling any new modules either, just add the redirect statement like the last line :)
Since you are using Ubuntu with Apache. LetsEncrypt automatically installs and does the configuration for apache for SSL. If you want to do a manual configuration follow the below.
File name-xy.conf should look like this:
<VirtualHost *:80>
ServerName mywebsite.com
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
ProxyRequests off
ProxyPreserveHost On
<Location / >
ProxyPass "ajp://localhost:9090/"
ProxyPassReverse "ajp://localhost:9090/"
</Location>
#Add the below Lines
RewriteEngine on
RewriteCond %{SERVER_NAME} =mywebsite.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [L,NE,R=301]
</VirtualHost>
File name-xy-ssl.conf should look like this:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName mywebsite.com
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
# SSL certificates settings
#Include /etc/apache2/conf-enabled/options-ssl-apache.conf
SSLCertificateFile /etc/apache2/ssl/mywebsite.com/fullchain.cer
SSLCertificateKeyFile /etc/apache2/ssl/mywebsite.com/mywebsite.com.key
SSLCertificateChainFile /etc/apache2/ssl/mywebsite.com/ca.cer
ProxyRequests on
ProxyPreserveHost On
<Location / >
ProxyPass "ajp://localhost:9090/"
ProxyPassReverse "ajp://localhost:9090/"
</Location>
</VirtualHost>
</IfModule>
Restart your apache server sudo service apache2 restart and clear your browser cache and history to take effect.
After installing lets encrypt it created it apache2-le-ssl.conf file and added the following code to it.
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName example.com
Redirect / https://www.example.com/
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName www.example.com
Redirect / https://www.example.com/
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
and added following to apache2.conf
# HTTPS Redirect
<VirtualHost *:80>
ServerName example.com
Redirect / https://www.example.com/
</VirtualHost>
<VirtualHost *:80>
ServerName www.example.com
Redirect / https://www.example.com/
</VirtualHost>
This is how my app/ .htaccess file looks
# Uncomment the following to prevent the httpoxy vulnerability
# See: https://httpoxy.org/
#<IfModule mod_headers.c>
# RequestHeader unset Proxy
#</IfModule>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteBase /
RewriteRule ^$ webroot/ [L]
RewriteRule (.*) webroot/$1 [L]
</IfModule>
and this is how my app/webroot/ .htaccess looks
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>
I am getting an error of being redirected too many times.
How can I resolve it without setting up anew.
For starters I use Proxmox to virtualize several machines.
Now I want my main machine to redirect the traffic accordingly based on the servername.
I had the setup working once, but now somehow it won't work.
my default host:
00_proxmox_domain_com.conf
NameVirtualHost *:80
<VirtualHost *:80>
ServerName proxmox.domain.com
ServerName *.proxmox.domain.com
#RewriteLog "/root/rewrite.log"
#RewriteLogLevel 10
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
RewriteCond %{REQUEST_URI} !^/nrd/
RewriteCond %{REQUEST_URI} !^/images/
RewriteCond %{REQUEST_URI} !^/css/
RewriteCond %{REQUEST_URI} !^/javascript/
RewriteCond %{REQUEST_URI} !^/vncterm/
RewriteCond %{REQUEST_URI} !^/.*\.js$
RewriteCond %{REQUEST_URI} !^/login.pl$
RewriteCond %{HTTP_HOST} ^proxmox\.domain\.com$
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [L,R]
</VirtualHost>
Then I have several similar virtualhost, (currently only this one is activated)
This should send the visitor to PHPMyAdmin on virtual server with IP 192.168.1.13
02_pma_domain_com.conf
<VirtualHost *:80>
ServerName pma.domain.com
ServerName *.pma.domain.com
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://192.168.1.13/
ProxyPassReverse / http://192.168.1.13/
</VirtualHost>
And there is the Proxmox virtual hostfile
pve.conf
<IfModule mpm_prefork_module>
StartServers 2
MinSpareServers 1
MaxSpareServers 2
MaxClients 50
MaxRequestsPerChild 30
</IfModule>
ServerName localhost
ServerSignature Off
ServerTokens Prod
ServerAdmin root
AddDefaultCharset On
# Hint: Ajax use KeepAlive, which in effect disables MaxRequestsPerChild,
# so we need to disable KeepAlive to prevent exhaustive memory usage, or
# at least make sure that periodic updaters interval > KeepAliveTimeout
KeepAlive Off
DocumentRoot /usr/share/pve-manager/root
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /usr/share/pve-manager/root>
Options FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ErrorLog /var/log/apache2/error.log
LogLevel warn
# do not log access to our ajax services
SetEnvIf Request_URI "^/ws/" dontlog
CustomLog /var/log/apache2/access.log combined env=!dontlog
Alias /images/ /usr/share/pve-manager/images/
Alias /css/ /usr/share/pve-manager/css/
Alias /javascript/ /usr/share/javascript/
Alias /vncterm/ /usr/share/vncterm/
# avoid authentication when accessing favicon
Alias /favicon.ico /usr/share/pve-manager/images/favicon.ico
PerlModule Embperl
EMBPERL_SESSION_ARGS "config=DB_File Lock=Semaphore"
AddType text/html .epl
PerlRequire /usr/share/pve-manager/root/startup.pl
PerlSetVar PVESatisfy any
PerlSetVar PVEPath /
PerlSetVar PVELoginScript /login.pl
PerlTransHandler PVE::URLRewrite
Alias /nrd/ /__no_real_dir__/
<Directory "/usr/share/pve-manager/root">
AuthType PVE::AuthCookieHandler
AuthName PVE
PerlSetVar PVECookieName PVEAuthCookie
#PerlSetVar AuthCookieDebug 5
PerlAuthenHandler PVE::AuthCookieHandler->authenticate
PerlAuthzHandler PVE::AuthCookieHandler->authorize
require group root
DirectoryIndex index.htm index.pl
<FilesMatch ".*\.htm$">
EMBPERL_APPNAME PVE
EMBPERL_SYNTAX EmbperlBlocks
EMBPERL_OBJECT_BASE base.epl
EMBPERL_INPUT_ESCMODE 0
EMBPERL_ESCMODE 0
SetHandler perl-script
PerlHandler Embperl::Object
Options ExecCGI
</FilesMatch>
<FilesMatch ".*\.epl$">
Order allow,deny
Deny From all
</FilesMatch>
<FilesMatch ".*\.pl$">
SetHandler perl-script
PerlHandler ModPerl::Registry
Options +ExecCGI
</FilesMatch>
</Directory>
<Location /nrd/LOGIN>
AuthType PVE::AuthCookieHandler
AuthName PVE
PerlSetVar PVECookieName PVEAuthCookie
#PerlSetVar AuthCookieDebug 5
SetHandler perl-script
PerlHandler PVE::AuthCookieHandler->login
</Location>
<Location /ws/>
SetHandler perl-script
PerlHandler $PVE::HTMLServices::Obj->handler
</Location>
<VirtualHost *:443>
SSLEngine on
SSLProtocol all -SSLv2
SSLCertificateFile /etc/pve/pve-ssl.pem
SSLCertificateKeyFile /etc/pve/pve-ssl.key
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
</VirtualHost>
If you see an obvious error, please tell me.
If you have a working install of proxmox it would help if you could give me your pve.conf
And if you've got the virtualhosts working one of those files would be most welcome.
I've tried several things to solve the problem, without any effect.
Found it, thanks to:
Apache 2.2 ignoring VirtualDocumentRoot VirtualHosts?
There should be only one ServerName, and it can't contain any wildcards,
you should use ServerAlias instead ;)