I been working hard on my bot's panel but somehow it refuses to login this is the error and only happens on the apache2 proxy that is using cloudflare and apache2 since cloudflare seems to not be the issue my guess is it being apache2
Underneath here is the error
TokenError
at OAuth2Strategy.parseErrorResponse (/root/karinqu.xyz/node_modules/passport-oauth2/lib/strategy.js:373:12)
at OAuth2Strategy._createOAuthError (/root/karinqu.xyz/node_modules/passport-oauth2/lib/strategy.js:420:16)
at /root/karinqu.xyz/node_modules/passport-oauth2/lib/strategy.js:177:45
at /root/karinqu.xyz/node_modules/oauth/lib/oauth2.js:191:18
at passBackControl (/root/karinqu.xyz/node_modules/oauth/lib/oauth2.js:132:9)
at IncomingMessage.<anonymous> (/root/karinqu.xyz/node_modules/oauth/lib/oauth2.js:157:7)
at IncomingMessage.emit (node:events:525:35)
at endReadableNT (node:internal/streams/readable:1359:12)
at process.processTicksAndRejections (node:internal/process/task_queues:82:21)
here is the site's proxy config it is using localhost
<VirtualHost *:80>
ServerAdmin admin#example.com
ServerName subdomain.example.com
ServerAlias subdomain.example.com
ProxyRequests On
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:3000/
ProxyPassReverse / http://127.0.0.1:3000/
# <Location />
# ProxyPreserveHost On
# ProxyRequests On
# ProxyPreserveHost On
# ProxyPass http://127.0.0.1:3000/
# Order allow,deny
# Allow from all
# ProxyPassReverse http://127.0.0.1:3000/
# </Location>
# Uncomment the line below if your site uses SSL.
#SSLProxyEngine On
</VirtualHost>
<VirtualHost *:443>
ServerAdmin admin#example.com
ServerName subdomain.example.com
ServerAlias subdomain.example.com
ProxyRequests Off
#ProxyPass / http://localhost:8080/
<Location />
ProxyPreserveHost On
ProxyPass http://127.0.0.1:3000/
ProxyPassReverse http://127.0.0.1:3000/
</Location>
# Uncomment the line below if your site uses SSL.
# SSLProxyEngine On
</VirtualHost>
I tried running apache2's ProxyPass and was expecting it to have no issues on the host
instead I was greeted by a 500 error
Related
I'm trying to expose web app via subdomain with SSL or via route.
Subdomain Method:
The webapp I'm running is on port: http://localhost:4567/
With the following configuration, the web browser tells me the app is "not secure" (non-https).
The app is generally working fine, but is non-https.
What am I doing wrong?
Are there alternative configurations?
<IfModule mod_ssl.c>
Listen 443
NameVirtualHost *:443
</IfModule>
<VirtualHost *:80>
ServerName blast.example.com
Redirect permanent / https://blast.example.com/
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin me#gmail.com
ServerName blast.example.com
# ProxyPreserveHost On
ProxyRequests off
# setup the proxy
<Proxy *>
Order allow,deny
Allow from all
</Proxy>
# ProxyPass / http://localhost:4567/
# ProxyPassReverse / http://localhost:4567/
<Location />
ProxyPass http://localhost:4567/
ProxyPassReverse http://localhost:4567/
</Location>
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ALL:!DH:!EXPORT:!RC4:+HIGH:+MEDIUM:!LOW:!aNULL:!eNULL
SSLCertificateFile ...
SSLCertificateKeyFile ...
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
I had been following the prescription given at How to configure multiple subdomain with SSL in Apache?
Path/Route Method
I had also tried exposing the app as a route path (ie https://example.com/blast)
<Location /blast/ >
ProxyPass http://localhost:4567/
ProxyPassReverse http://localhost:4567/
</Location>
but the reverse proxy didn't see to work in that, if I started with:
https://example.com/blast
And clicked whatever on the start page.
The app would generate a internal URL without the /blast part, resulting in 404:
https://example.com/blah-blah-generated-url
(should be https://example.com/blast/blah-blah-generated-url)
In general, the subdomain path seems to work better except for the non-https problem.
Setting up a path/route:
Making the application accessible with https://example.com/blast. If the application generates new routes, ProxyPassReverse is needed; otherwise; only ProxyPass is needed.
<VirtualHost *:443>
...
ProxyPass "/blast/" "http://localhost:4567/"
ProxyPassReverse "/blast/" "/"
...
Found in Example 1, here: ProxyPassReverse doesn't rewrite Location (http header)
I use apache2 on Ubuntu and acme with letsencrypt in order to secure my website.
I also want to redirect from http://mywebsite.com to https://mywebsite.com but this does not work with the following config:
File name-xy.conf looks like this:
<VirtualHost *:80>
ServerName mywebsite.com
ProxyRequests off
ProxyPreserveHost On
<Location / >
ProxyPass "ajp://localhost:9090/"
ProxyPassReverse "ajp://localhost:9090/"
</Location>
</VirtualHost>
File name-xy-ssl.conf looks like this:
<VirtualHost *:80>
ServerName mywebsite.com
RewriteEngine on
#RewriteCond %{SERVER_NAME} =www.mywebsite.com [OR]
RewriteCond %{HTTPS} =mywebsite.com
RewriteRule (.*) https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
# forward ORDS requests to tomcat
<VirtualHost *:443>
ServerName mywebsite.com
# SSL certificates settings
#Include /etc/apache2/conf-enabled/options-ssl-apache.conf
SSLCertificateFile /etc/apache2/ssl/mywebsite.com/fullchain.cer
SSLCertificateKeyFile /etc/apache2/ssl/mywebsite.com/mywebsite.com.key
SSLCertificateChainFile /etc/apache2/ssl/mywebsite.com/ca.cer
ProxyRequests on
ProxyPreserveHost On
<Location / >
ProxyPass "ajp://localhost:9090/"
ProxyPassReverse "ajp://localhost:9090/"
</Location>
</VirtualHost>
With this config I will navigate to the default apache2 homepage, https://mywebpage.com works fine.
What is wrong in this config in order to redirect from http://mywebsite.com to https://mywebsite.com automatically?
To handle this situation, I have my http vhost as follows. I don’t think it requires enabling any new modules either, just add the redirect statement like the last line :)
Since you are using Ubuntu with Apache. LetsEncrypt automatically installs and does the configuration for apache for SSL. If you want to do a manual configuration follow the below.
File name-xy.conf should look like this:
<VirtualHost *:80>
ServerName mywebsite.com
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
ProxyRequests off
ProxyPreserveHost On
<Location / >
ProxyPass "ajp://localhost:9090/"
ProxyPassReverse "ajp://localhost:9090/"
</Location>
#Add the below Lines
RewriteEngine on
RewriteCond %{SERVER_NAME} =mywebsite.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [L,NE,R=301]
</VirtualHost>
File name-xy-ssl.conf should look like this:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName mywebsite.com
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
# SSL certificates settings
#Include /etc/apache2/conf-enabled/options-ssl-apache.conf
SSLCertificateFile /etc/apache2/ssl/mywebsite.com/fullchain.cer
SSLCertificateKeyFile /etc/apache2/ssl/mywebsite.com/mywebsite.com.key
SSLCertificateChainFile /etc/apache2/ssl/mywebsite.com/ca.cer
ProxyRequests on
ProxyPreserveHost On
<Location / >
ProxyPass "ajp://localhost:9090/"
ProxyPassReverse "ajp://localhost:9090/"
</Location>
</VirtualHost>
</IfModule>
Restart your apache server sudo service apache2 restart and clear your browser cache and history to take effect.
I have cluster setup of Apache server . Behind this I have 2 Jboss instances which is load balanced by apache.
The configuration look somewhat like the below
<VirtualHost *:1111>
ServerAdmin admin#example.com
ServerName www.example.com
DocumentRoot "/apps"
ErrorLog "logs/https.www.example.com.-error_log"
TransferLog "logs/https.www.example.com-access_log"
LogLevel warn
<Directory "/apps">
Options -Indexes +FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
SSLProxyEngine On
SSLProxyVerify On
SSLProxyMachineCertificateFile "/apps/apache/conf/ssl/int/proxy.pem"
SSLProxyCACertificateFile "/apps/apache/conf/ssl/int/cert.pem"
RewriteEngine On
Header set Cache-Control "max-age=60, public"
<Proxy balancer://2node-aa>
BalancerMember https://app01:8089 route=node1
BalancerMember https://app02:8089 route=node2
ProxyPreserveHost On
ProxyPass /aa balancer://2node/aa stickysession=JSESSIONID|jsessionid
ProxyPass /static balancer://2node/static stickysession=JSESSIONID|jsessionid
ProxyPassReverse /aa balancer://2node/aa
ProxyPassReverse /static balancer://2node/static
ProxyPass /1/aa https://app01:8089/aa
ProxyPass /2/aa https://app02:8089/aa
ProxyPassReverse /1/aa https://app01:8089/aa
ProxyPassReverse /2/aa https://app02:8089/aa
ProxyPass /bb balancer://2node/rest stickysession=JSESSIONID|jsessionid
ProxyPassReverse /bb balancer://2node/bb
</VirtualHost>
In the url access certain part of the url i want it to be routed from second node i.e node2 of jboss.
e.g. if i am accessing http://www.example.com/aa/login/login.jsp i need this request to be process by node2 app02 only.
Rest of the request should load balance as normal access.
How do i set the apache to do it ?
I have tried lot of rewrite,<Location> and ProxyPassMatch none has worked so far.
Please Help. Thanks in advance.
I used the below statement in the configuration file which resolved the issue.
<Proxy balancer://2node-aa>
BalancerMember https://app02:8080 route=node2
</Proxy>
RewriteRule ^/aa/login/(.*)$ balancer://2node-aa%{REQUEST_URI} [P,QSA,L]
This link help me.
apache httpd mod_proxy load balancing with multiple virtual hosts url redirection
-Thanks
I have the following configuration which always returns the URL as "https:\sysaid.external.comlogin.jsp" with no "/" between the "https://sysaid.external.com" and the "login.jsp".
#REDIRECT for http://sysaid.external.com
<VirtualHost *:80>
ServerName sysaid.external.com
ProxyPreserveHost On
Redirect / https://sysaid.external.com
</VirtualHost>
#https://sysaid.external.com
<VirtualHost *:443>
ServerAdmin webmaster#external.com
ServerName sysaid.external.com
SSLEngine on
SSLCertificateFile /usr/local/etc/apache22/ssl/webmail.external.com.crt
SSLCertificateKeyFile /usr/local/etc/apache22/ssl/webmail.external.com.key
ProxyPreserveHost On
ProxyPass / http://srv-01.internal.local:80/
ProxyPassReverse / http://srv-01.internal.local:80/
ProxyPassReverse / http://sysaid.external.com:80/
</VirtualHost>
Although this one works fine without the SSL redirect...
#http://sysaid.external.com
<VirtualHost *:80>
ServerAdmin webmaster#external.com
ServerName sysaid.external.com
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://srv-01.internal.local:80/
ProxyPassReverse / http://srv-01.internal.local:80/
<Location />
Order allow,deny
Allow from all
</Location>
</VirtualHost>
I have others that I redirect with SSL and they all work with no problem.
Testing from telnet to the web server from the proxy server I get the following:
root#core-rp-01:/home/user # telnet srv-01.internal.local 80
Trying 172.34.0.10...
Connected to srv-01.internal.local.
Escape character is '^]'.
GET / HTTP/1.1
Host: sysaid.external.com
HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=F5FA5C04242A51536916C688A23077F1; Path=/; HttpOnly
Location: http://sysaid.external.com/Login.jsp
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 0
Date: Fri, 09 Aug 2013 15:16:06 GMT
Thoughts?
Thanks!
Solved:
#REDIRECT for http://sysaid.external.com
<VirtualHost *:80>
ServerName sysaid.external.com
ProxyPreserveHost On
Redirect / https://sysaid.external.com
</VirtualHost>
#https://sysaid.external.com
<VirtualHost *:443>
ServerAdmin webmaster#external.com
ServerName sysaid.external.com
SSLEngine on
SSLCertificateFile /usr/local/etc/apache22/ssl/webmail.external.com.crt
SSLCertificateKeyFile /usr/local/etc/apache22/ssl/webmail.external.com.key
ProxyPreserveHost On
ProxyPass / http://srv-01.internal.local/
ProxyPassReverse / http://srv-01.internal.local/
ProxyPassReverse / http://sysaid.external.com/
</VirtualHost>
I'm trying to create a virtual host, dev.company.com, that routes to different applications depending on what comes after the domain. Specifically, I want:
/jenkins - to route to a Jenkins server
/apps - to route to a landing page with links to various applications
/clover - to route to a particular Jenkins build report - http://dev.company.com/jenkins/job/proj-master-clover/clover/
/ - everything else should route to a Tomcat server
I'm using the following config:
<VirtualHost *:80>
ServerName dev.company.com
ServerPath /jenkins
ProxyPass /jenkins http://easyrider:8080/jenkins
ProxyPassReverse /jenkins http://easyrider:8080/jenkins
ServerPath /clover
Redirect /clover http://dev.company.com/jenkins/job/proj-master-clover/clover/
ServerPath /apps
DocumentRoot "/usr/local/sites/developers"
<Directory "/usr/local/sites/developers">
DirectoryIndex index.html
Options Indexes MultiViews
</Directory>
ServerPath /
ProxyPass / http://tomcat_server:8080/
ProxyPassReverse / http://tomcat_server:8080/
</VirtualHost>
http://dev.company.com/jenkins works fine, but /apps and /clover always redirect to the Tomcat server. Is the right way to do this?
So using ServerPath's is mostly for legacy browsers. The trick, however, to getting an Alias and a Redirect working in a VirtualHost where you're using the catch-all:
ProxyPass / <url>
is tell ProxyPass to ignore certain paths: ProxyPass /path ! notation
So my final VirtualHost looks like this:
<VirtualHost>
ServerName dev.company.com
ProxyPass /jenkins http://easyrider:8080/jenkins
ProxyPassReverse /jenkins http://easyrider:8080/jenkins
# Tells ProxyPass to ignore these paths as they'll be handled by Alias and Redirect
ProxyPass /clover !
ProxyPass /apps !
Redirect /clover http://dev.company.com/jenkins/job/proj-master-clover/clover/
Alias /apps "/usr/local/sites/developers"
<Directory "/usr/local/sites/developers">
DirectoryIndex index.html
Options Indexes MultiViews
</Directory>
ProxyPass / http://tomcat_server:8080/
ProxyPassReverse / http://tomcat_server:8080/
</VirtualHost>
and the urls are:
http://dev.company.com/jenkins* - will proxy to jenkins http://dev.company.com/jenkins
http://dev.company.com/apps - will proxy to http://dev.company.com/apps/
http://dev.company.com/clover - will redirect to http://dev.company.com/jenkins/job/proj-master-clover/clover/
and everything else will go to tomcat at tomcat_server:8080