I have a React app with express server listening port 3000 deployed on VPS (which has some IP 123.123.123.123) with Apache. Also I have SSL setup.
The problem I have is that on page refresh/direct path entering I'm getting 404 error. But everything is working fine once I set example.com:3000/page.
At the moment I have .htaccess file with this setup:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Which redirects to https.
I need forward proxy setup to be done correctly to port 3000.
Any help with this setup will be very helpful as I'm stuck with the development.
Regards,
You will need to setup a reverse proxy on your Apache to redirect traffic on port 443 to port 3000. It can be done by adding the following lines in your Apache config
ProxyPreserveHost On
ProxyPass / http://0.0.0.0:3000/
ProxyPassReverse / http://0.0.0.0:3000/
Related
I have a docker container, how can I most easily remove 443 and go to port 80 from Kiwi web.
I don't see anywhere a configuration file in the docker?
I removed the following lines from /etc/kiwi-httpd.conf in the kiwi repository and then recreated the docker image:
# Force the use of ssl:
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI}
</IfModule>
Then Kiwi won't try to redirect to https anymore, so I can handle the SSL certificate myself before I proxy on to Kiwi.
Just note that absolute links to Kiwi itself that Kiwi generates, for example links in the emails Kiwi sends out, will be http. Most of the time this shouldn't be a problem if you redirect to the same URL with https, but it could potentially be a problem in some cases.
No, you can't disable HTTPS and we are not going to allow you to do this because it is a bad idea and people will start deploying without https in production.
Just accept the self signed certificate (or supply your own certificate) and that should be fine.
It is totally possible, as it should be. Traffic can be encrypted not directly but before that. I did by editing the configuration file in kiwi-web - web server httpd settings in /etc/
When we access the server directly through port 8080 (without proxy settings) we are not getting the randomly corrupted response and when we configured Apache and Tomcat with proxy settings using mod-proxy-ajp and mod-proxy to run on port 80 instead of 8080 we are getting the randomly corrupted response.
We tried using http instead of ajp but it didn't worked.
We also have Websocket in our application
My server configuration :
Apache Tomcat/7.0.56
Apache Web Server/2.4.10
Java version 1.8.0_161
Following is my setting of apache web server to tomcat redirection :
File: /etc/apache2/sites-available/domainname.conf
NameVirtualHost *:80
<VirtualHost *:80>
ServerName domainname
Redirect / https://domainname/
ProxyRequests Off
ProxyPreserveHost On
</VirtualHost>
<VirtualHost *:443>
ServerName domainname
Redirect / https://domainname/myapp/login.html
SSLEngine on
SSLProtocol -all +TLSv1.2
SSLCertificateFile /etc/apache2/ssl/certificate.crt
SSLCertificateKeyFile /etc/apache2/ssl/certificate.key
SSLCertificateChainFile /etc/apache2/ssl/gd_bundle-g2-g1.crt
ProxyRequests Off
ProxyPreserveHost On
ProxyPass /myapp/ ajp://localhost:8009/myapp/ retry=0 timeout=385
ProxyPassReverse /myapp/ ajp://localhost:8009/myapp/
ProxyPass /myapp/busy-details ajp://localhost:8009/myapp/busy-details/ retry=0 timeout=385
RewriteEngine on
RewriteCond %{REQUEST_URI} ^/myapp/order/$
RewriteCond %{QUERY_STRING} ^OrderID=([0-9999999]*)$
RewriteRule ^(.*)$ https://domainname/myapp/#/orders/edit/%1 [L,R=301,NE]
RewriteCond %{REQUEST_URI} ^/myapp/dentist/$
RewriteCond %{QUERY_STRING} ^DentID=([0-9999999]*)$
RewriteRule ^(.*)$ https://domainname/myapp/#/dentist/edit/%1 [L,R=301,NE]
</VirtualHost>
And tomcat server.xml setting
<Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000"
URIEncoding="UTF-8" redirectPort="8443" maxPostSize="-1" />
<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" URIEncoding="UTF-8" />
please see below response we are getting in browser. Here you can see whenever we load our page some part of HTML response is missing this is also happening with normal ajax get request.
In response 1 you can see Response header of one of the HTML page request.
In response 2 you can see we are getting incomplete response with Red dot in chrome network tab.
Server response 1
Server response 2
I've seen some related access but they seem to affect the routes themselves. Shouldn't I just be able to update the initial load to be https and then everything else would flow from there?
My site is setup like this:
/Root
*client
-app files
-index.html
-htaccess
*server
-server.js (express, node)
In the .htaccess file. I have:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
What am I doing wrong? The .htaccess file apparently has no result? I want it to redirect to https:// when a user visits www., the root domain, or http://
Thank you for any help. Much appreciated.
Update: I've found another post that says this should work for me:
##Force SSL
#Normal way (in case you need to deploy to NON-heroku)
RewriteCond %{HTTPS} !=on
#Heroku way
RewriteCond %{HTTP:X-Forwarded-Proto} !https
#If neither above conditions are met, redirect to https
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Unfortunately, it does not. Here is the post: How to redirect to HTTPS with .htaccess on Heroku Cedar stack
Apache redirection (using .htaccess) using a node server doesn't seem to work well together.
Stop Apache. Integrate redirection within your node express server file. Restart as a node server (sudo node server).
I got a web application running inside a Tomcat at http://<server>:8080/app/portal/.
I want the world to see this application through the URL http://<server>/portal/.
To do this, I set up a Reverse Proxy with Apache 2.2. According to the documentation for ProxyPass I expect the reverse proxy to pass all requests through transparently. My browser should never know about the Tomcat URL.
Here is my configuration:
No virtual hosts, I added these lines to my httpd.conf
<Location /portal/>
AllowOverride All
RewriteEngine On
ProxyPass http://server:8080/app/portal/
ProxyPassReverse http://server:8080/app/portal/
</Location>
When I use Firefox to open http://<server>/portal/, I get a 302 Moved Temporarily, and all follow-up calls go from my browser directly to http://<server>:8080/app/portal/. My browser points to this URL.
This is not what I expected of a Reverse Proxy. Did I do the configuration wrong or did I misunderstand the purpose of Reverse Proxies? What should I do to get my desired behavior?
You forgot to add the following option in your reverse proxy configuration:
ProxyPreserveHost On
You can achieve the same behavior with Url Rewriting but it's not recommended in the documentation.
I tried to comment the answer from davidethell, but could not get the lines correctly formatted, so here is what I found out:
The problem was that the reverse proxy seems only to work to the URL where the War is deployed in my Tomcat, and NOT to the servlet inside the Tomcat. This leads to 2 rewrites, one of them the reverse proxy and one just rewriting everything behind that.
RewriteEngine On
RewriteRule ^/portal/$ /portal/portal
RewriteRule ^/portal(.+) http://<server>:8080/app$1 [P]
Have you tried using the mod_rewrite Proxy option instead of ProxyPass? Something like:
RewriteRule ^$ http://server:8080/app/portal/ [P]
For my https server, I used:
SSLProxyEngine on
ProxyPass / https://server:7000/
ProxyPassReverse / https://server:7000/
ProxyPreserveHost On
The SSLProxyEngine manage the https behavior from the real serrver (with port 7000 in my case). Others are just managing the redirection without changing url.
Now, In navigator I can access to https://server/ which is in reality https://server:7000/
I have 2 applications hosted on a single apache tomcat on port 8080
>
http://mydomain.com:8080/application1
http://mydomain.com:8080/application2
I would like to run an apache proxy in front of BOTH of them with the following behaviour
>
http://mydomain.com/* (apache2) -> http://mydomain.com:8080/application1/* (tomcat)
http://subdomain.mydomain.com/* (apache2) -> http://mydomain.com:8080/application2/* (tomcat)
The best I have got right now is 2 machines with different IPs and routing the domain and subdomains correspondingly.
Ideally I want the apache proxy and the 2 apps to be on the SAME machine...
Can anyone with kick arse DEVOps skills assist?
In addition to #Jon Lin answer, consider using ProxyPassReverse also, just in case your app do any redirects. It makes Apache correct URL's on responses (More about ProxyPassReverse). It will look like that:
<VirtualHost subdomain.mydomain.com:80>
ProxyPass / http://localhost:8080/application1/
ProxyPassReverse / http://localhost:8080/application1/
</VirtualHost>
<VirtualHost mydomain.com:80>
ProxyPass / http://localhost:8080/application1/
ProxyPassReverse / http://localhost:8080/application1/
</VirtualHost>
I hope it helps.
In the virtualhost config for mydomain.com (apache), you need
ProxyPassMatch ^/(.*)$ http://mydomain.com:8080/application1/$1
In the virtualhost config for subdomain.mydomain.com (apache), you nede
ProxyPassMatch ^/(.*)$ http://mydomain.com:8080/application2/$1
Both config files should be on the same machine, and even the same file. See VirtualHost Examples for some examples on how this is setup.