I have a vps(Plesk, ubuntu) with one ip. I create a domain.com on the IP and several subdomains like jenkins.domain.com and blog.domain.com .
Now i wanted to redirect jenkins.domain.com to port 1122 and use this for example. But unfortunately all subdomains redirect then to domain.com:1122. What i want at the End is :
jenkins.domain.com redirect to domain.com:1122 without changing the url.
roundcube.domain.com redirect to domain.com:8844 without changing the url.
Is that possible?
I got it like just adding this config to the vhost.conf my subdomain(i.e jenkins) or into web server settings in Plesk.
ProxyPass / http://localhost:1122/
ProxyPassReverse / http://localhost:1122/
ProxyRequests Off
ProxyPreserveHost On
<Proxy http://localhost:1122/*>
Order deny,allow
Allow from all
</Proxy>
If all subdomains redirect it means that you have set wildcard virtual host. You have to create or modify two virtual host for every subdomain.
Related
I have a server apache2 with a few of websites.
One of these is served both on http and https
All of others are server only on http
I inherited this bad situation from an ex worker of company whre I am imployed, do not blame me
If I try to access via https one of other website, apach2 is serving, i think, the first (and only) server accessible via https, even if it has a different domain.
If I access https://blablbalca.com, apache2 knows that blablbalca.com is not served on https, but It doesn't give me a 404, it serves https://anotherwebsite.com
What directive tells apache to automatically serves 'the first one' in case of missed definition?
How to fix?
EDIT: I found a more elegant and generalized way to express my question:
How can I avoid that apache2 serves a random virtual host if a domain, pointing to the same ip, is not really served from my server?
You can do a name best virtual host and set the ServerName and ServerAlias to match each website. Furthermore, if you want 'blablbalca.com' to return an error when accessed over HTTPs, you'll have to setup a virtual host in the your_site.conf to handle traffics coming from the https port. Like doing a redirection or showing an error page.
The default configuration file that deals with the incoming connection from a domain name that is not on the server or without domain name at all (direct IP connection):
For port 80:
<VirtualHost *:80>
ProxyPass "/" "http://your/path/here"
ProxyPassReverse "/" "http://your/path/here"
</VirtualHost>
For port 443 (SSL):
<VirtualHost *:443>
ProxyPass "/" "http://your/path/here"
ProxyPassReverse "/" "http://your/path/here"
</VirtualHost>
The website with a domain:
<VirtualHost *:80>
ServerName yoursite.com
ServerAlias www.yoursite.com
ServerAdmin none#webhost.com
DocumentRoot /var/www/yourWebsite
</VirtualHost>
I am removing a lot of directives and only keep the ones that we are focusing on in this case.
I have a website (http://www.goodfoodwaiheke.org) configured as a virtual host on Apache2. The virtual hosting configuration redirects traffic from apache2 to tomcat8 via these conf parameters:
<VirtualHost *:80>
ServerName www.goodfoodwaiheke.org
ServerAlias goodfoodwaiheke.org
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://localhost:8080/coop/
ProxyPassReverse / http://localhost:8080/coop/
</VirtualHost>
On tomcat, the /coop/ part of the address invokes the JSF application in coop.war. This seems to work. The correct welcome page is served except for one problem. The url for static resources are being served incorrectly. For example, the url of the background image on the welcome page, which is actually in http://www.goodfoodwaiheke.org/coop/resources/images/GoodFoodWaiheke4.png is served to the browser as http://www.goodfoodwaiheke.org/coop/coop/resources/images/GoodFoodWaiheke4.png (i.e. the coop app name is duplicated in the url). This is causing static resources to not work. Although I can sort of understand why this may be happening I am unsure of how to fix it. I know I could offload the static resources onto the Apache2 server but for various reasons I would like the war file to be self-contained and for tomcat to be responsible for serving the whole site.
I'd be very grateful for any suggestions as to what I need to change.
I'm trying to run a jetty/wicket application behind a proxy. This to avoid users to type the port number of the jetty.
ProxyPass /test http://xx.xx.xx.xxx:8012/myapp
ProxyPassReverse /test http://xx.xx.xx.xxx:8012/myapp
ProxyPassReverseCookiePath / /test
When I'm trying to connect to xx.xx.xx.xxx/test it redirects to
http://xx.xx.xx.xxx/myapp
This gives me an error message since it's trying to connect on port 80?
How should I write this proxy?
The easy solution is to match exactly the same path. Something like this:
ProxyPass /myapp http://localhost:8012/myapp
ProxyPassReverse /myapp http://localhost:8012/myapp
ProxyPassReverseCookieDomain localhost www.publicdomain.net
I have 2 applications hosted on a single apache tomcat on port 8080
>
http://mydomain.com:8080/application1
http://mydomain.com:8080/application2
I would like to run an apache proxy in front of BOTH of them with the following behaviour
>
http://mydomain.com/* (apache2) -> http://mydomain.com:8080/application1/* (tomcat)
http://subdomain.mydomain.com/* (apache2) -> http://mydomain.com:8080/application2/* (tomcat)
The best I have got right now is 2 machines with different IPs and routing the domain and subdomains correspondingly.
Ideally I want the apache proxy and the 2 apps to be on the SAME machine...
Can anyone with kick arse DEVOps skills assist?
In addition to #Jon Lin answer, consider using ProxyPassReverse also, just in case your app do any redirects. It makes Apache correct URL's on responses (More about ProxyPassReverse). It will look like that:
<VirtualHost subdomain.mydomain.com:80>
ProxyPass / http://localhost:8080/application1/
ProxyPassReverse / http://localhost:8080/application1/
</VirtualHost>
<VirtualHost mydomain.com:80>
ProxyPass / http://localhost:8080/application1/
ProxyPassReverse / http://localhost:8080/application1/
</VirtualHost>
I hope it helps.
In the virtualhost config for mydomain.com (apache), you need
ProxyPassMatch ^/(.*)$ http://mydomain.com:8080/application1/$1
In the virtualhost config for subdomain.mydomain.com (apache), you nede
ProxyPassMatch ^/(.*)$ http://mydomain.com:8080/application2/$1
Both config files should be on the same machine, and even the same file. See VirtualHost Examples for some examples on how this is setup.
I have a server serverA running a weblogic application App1, with base url /app1/ on port 7001, and another server serverB, running a weblogic application App2, with base url /app2/ on port 8001. Both servers run Solaris, Apache2 and Weblogic 9.2
(details changed, but these are representantive)
In other words, app1 could be accessed on
http://serverA:7001/app1/
and app2 on
http://serverB:8001/app2/
However, the customer requires that all access to the applications use https on port 443 to server1.
If there was only one application, I could use a virtual host and set the handler for URLS beginning with /app1/ to the Weblogic proxy, which would forward them on to server 1 on port 7001.
With two apps, I would need another virtual host with another Location statement matching /app2/ and forwarding to the current server on port 8001 ... but I don't see how this could work as the first virtual host will have done the SSL negotiation to determine the URL, and Apache presumably can't do that over when things fall through to the second virtual server.
So how do I handle this?
My current idea is to proxy all SSL requests arrving at server1 to the same server server1, on port 80 (so essentially just doing SSL termination), then adding two virtual hosts for the /app1/ and /app2/ URLs in the way described above.
Is this going to work? Have I missed something obvious about other ways of doing this?
EDIT: I think I may have missed that the Weblogic plugin can have several blocks each directing the page to different places. In which case this becomes easy.
I will test tomorrow when back at work and update the question
First, the must read resource for this is of course the official documentation : Installing and Configuring the Apache HTTP Server Plug-In (see also this previous answer for more links about the WLS 9 plugin).
As detailed in the section Configuring the Apache HTTP Server Plug-In, I'd define several IfModule, one for each application (clustered or not), and, indeed, several VirtualHost (which can include IfModule). There is an example in the documentation:
# VirtualHost1 = localhost:80
<VirtualHost 127.0.0.1:80>
DocumentRoot "C:/test/VirtualHost1"
ServerName localhost:80 <IfModule mod_weblogic.c>
#... WLS parameter ...
WebLogicCluster localhost:7101,localhost:7201
# Example: MatchExpression *.jsp <some additional parameter>
MatchExpression *.jsp PathPrepend=/test2
</IfModule>
</VirtualHost>
# VirtualHost2 = 127.0.0.2:80
<VirtualHost 127.0.0.2:80>
DocumentRoot "C:/test/VirtualHost1"
ServerName 127.0.0.2:80
<IfModule mod_weblogic.c>
#... WLS parameter ...
WebLogicCluster localhost:7101,localhost:7201
# Example: MatchExpression *.jsp <some additional parameter>
MatchExpression *.jsp PathPrepend=/test2
#... WLS parameter ...
</IfModule>
</VirtualHost> <IfModule mod_weblogic.c>
Note that this is a Multiple IP-Based Virtual Hosts configuration (and not Name-Based as stated in the documentation). But this is actually good because this is exactly what you need when using SSL as you can't use name-based virtual hosts. Quoting Why can't I use SSL with name-based/non-IP-based virtual hosts? from Apache's SSL/TLS Strong Encryption: FAQ
The reason is very technical, and a somewhat "chicken and egg" problem. The SSL protocol layer stays below the HTTP protocol layer and encapsulates HTTP. When an SSL connection (HTTPS) is established Apache/mod_ssl has to negotiate the SSL protocol parameters with the client. For this, mod_ssl has to consult the configuration of the virtual server (for instance it has to look for the cipher suite, the server certificate, etc.). But in order to go to the correct virtual server Apache has to know the Host HTTP header field. To do this, the HTTP request header has to be read. This cannot be done before the SSL handshake is finished, but the information is needed in order to complete the SSL handshake phase. Bingo!
So, in the sampel above, modify the virtual hosts IP addresses and ports, the ServerName, adapt the IfModule to suit your needs (and set up DNS entries to point on the IPs) and there you go.
I don't have any experience with weblogic, so maybe I'm missing something important. But this sounds like a straightforward application for apache's reverse proxy capability. Set up an apache instance serving https, and configure two locations as follows:
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
<Location /app1>
ProxyPass http://serverA:7001/app1
ProxyPassReverse http://serverA:7001/app1
</Location>
<Location /app2>
ProxyPass http://serverB:8001/app2
ProxyPassReverse http://serverB:8001/app2
</Location>
The example config from the WebLogic 10.3.x documentation is a perfect fit for your question. Here it is with some other details added:
<VirtualHost _default_:443>
SSLEngine on
# other SSL options here...
LoadModule weblogic_module /home/Oracle/Middleware/wlserver_10.3/server/plugin/linux/x86_64/mod_wl_22.so
<IfModule mod_weblogic.c>
<Location /app1>
WebLogicHost serverA
WebLogicPort 7001
SetHandler weblogic-handler
</Location>
<Location /app2>
WebLogicHost serverB
WebLogicPort 8001
SetHandler weblogic-handler
</Location>
</IfModule>
</VirtualHost>
I use this and works fine.