mod_proxy: how to proxy requests beginning with app* to a single balancer - configuration

My requirement is to proxy all requests that start with app to a single balancer:
ProxyPass /app balancer://ajpCluster1/app stickysession=JSESSIONID
ProxyPassReverse /app balancer://ajpCluster1/app stickysession=JSESSIONID
ProxyPass /app1 balancer://ajpCluster1/app1 stickysession=JSESSIONID
ProxyPassReverse /app1 balancer://ajpCluster1/app1 stickysession=JSESSIONID
ProxyPass /app2 balancer://ajpCluster1/app2 stickysession=JSESSIONID
ProxyPassReverse /app2 balancer://ajpCluster1/app2 stickysession=JSESSIONID
I want to replace all of the above with a single ProxyPass like below:
ProxyPass /app* balancer://ajpCluster1/app* stickysession=JSESSIONID
ProxyPassReverse /app* balancer://ajpCluster1/app* stickysession=JSESSIONID
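
One way to express the wildcard in a single rule, as an added example that is not part of the original post: `ProxyPass` takes a path prefix rather than a glob, so the pattern goes into `ProxyPassMatch`. The balancer name and `stickysession` value come from the question; the `BalancerMember` hosts and routes are placeholders.

```apache
# Added example, not the poster's configuration.
# Requires mod_proxy, mod_proxy_ajp, mod_proxy_balancer and an lbmethod module.

<Proxy "balancer://ajpCluster1">
    # Placeholder members: substitute the real Tomcat hosts and jvmRoute values.
    BalancerMember "ajp://tomcat1.example.invalid:8009" route=node1
    BalancerMember "ajp://tomcat2.example.invalid:8009" route=node2
</Proxy>

# $1 = first path segment beginning with "app" (app, app1, app2, ...)
# $2 = the rest of the path, if any.
# Anchoring with ^ and stopping $1 at the next "/" keeps the rule from
# matching URLs that merely contain "app" somewhere deeper in the path.
ProxyPassMatch "^/(app[^/]*)(/.*)?$" "balancer://ajpCluster1/$1$2" stickysession=JSESSIONID

# Tighter alternative: expose only app, app1, app2, ... (digits after "app").
# ProxyPassMatch "^/(app[0-9]*)(/.*)?$" "balancer://ajpCluster1/$1$2" stickysession=JSESSIONID

# ProxyPassReverse does not accept a regular expression, so one root
# mapping is used to cover every proxied prefix.
ProxyPassReverse "/" "balancer://ajpCluster1/"
```

With `app[^/]*`, any backend context whose name starts with `app` (for example an admin application) becomes reachable through the proxy as soon as it is deployed; the digits-only pattern limits exposure to the numbered applications.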

Related

How to use SSL HTML and Websockets on Apache?

I have only used Apache HTML on my backend and implemented my app using HTML/PHP requests so far. Now I want to implement a socket connection. For this, I am currently trying to set up the socket module on my Apache web server. I tried these steps. Reverse Proxy. However, after adding ProxyPass on the VirtualHost :443, I can no longer access my HTML pages.
503 Service Unavailable - The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later.
Is it possible to still access the HTML/PHP pages despite the socket module? Do I have to create a new VirtualHost with a different port, e.g. the WebSocket port? But how can I make the handshake?
My apache2/sites-available/conf looks like this:
<VirtualHost *:80>
ServerName ***
<IfModule mod_ssl.c>
Redirect / https://***
</IfModule>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/***
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName ***
ServerAdmin webmaster@localhost
DocumentRoot /var/www/***
<Directory /var/www>
# Options -Indexes +FollowSymLinks
# AllowOverride none
# Order allow,deny
# allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine on
RewriteCond ${HTTP:Upgrade} websocket [NC]
RewriteCond ${HTTP:Connection} upgrade [NC]
RewriteRule .* "wss:/localhost:12123/$1" [P,L]
ProxyPass / https://localhost:12123/ #Here is the problem
ProxyPassReverse / https://localhost:12123/
ProxyRequests off
SSLEngine On
SSLCertificateFile /etc/letsencrypt/live/***/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/***/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/***/chain.pem
</VirtualHost>
</IfModule>
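
The usual split for this situation, as an added example that is not part of the original post: only requests carrying WebSocket upgrade headers are proxied, so everything else is still served from the `DocumentRoot`. It assumes the socket server on `localhost:12123` (port from the question) speaks plain `ws://` behind Apache's TLS; `example.invalid` and the file paths are placeholders.

```apache
# Added example, not the poster's configuration.
# Requires mod_ssl, mod_rewrite, mod_proxy and mod_proxy_wstunnel.
<VirtualHost *:443>
    ServerName example.invalid
    DocumentRoot /var/www/example

    SSLEngine on
    SSLCertificateFile    /etc/letsencrypt/live/example.invalid/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/example.invalid/privkey.pem

    # Reverse proxy only; never act as an open forward proxy.
    ProxyRequests off

    RewriteEngine on
    # Request headers are read with %{HTTP:Name}; ${...} is RewriteMap syntax
    # and does not expand to a header value.
    RewriteCond %{HTTP:Upgrade} websocket [NC]
    RewriteCond %{HTTP:Connection} upgrade [NC]
    # The capture group defines $1; the target needs both slashes after the scheme.
    # If the backend terminates TLS itself, use wss:// and add "SSLProxyEngine on".
    RewriteRule ^/?(.*) "ws://localhost:12123/$1" [P,L]

    # No "ProxyPass /" here: a root ProxyPass forwards every request, including
    # the HTML/PHP pages, to the socket server, which cannot answer them.
</VirtualHost>
```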

"Your data directory and your files are probably accessible from the Internet. The .htaccess file is not working." - Nextcloud

I recognized that my Nextcloud installation has the following problem:
“Your data directory and your files are probably accessible from the Internet. The .htaccess file is not working. We strongly suggest that you configure your web server in a way that the data directory is no longer accessible or you move the data directory outside the web server document root.”
My apache2 config of the directory with the nextcloud installation looks like this:
<VirtualHost *:80>
ServerAdmin emailadresse@email.org
ServerName cloud.domain.yt
ServerAlias cloud.domain.yt
DocumentRoot /var/www/cloud.domain.yt
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /root/cloudflare/domain.yt.pem
SSLCertificateKeyFile /root/cloudflare/domain.yt.key
</VirtualHost>
<VirtualHost *:443>
ServerName cloud.domain.yt
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
</IfModule>
</VirtualHost>
<Directory /var/www/cloud.domain.yt/>
Require all granted
AllowOverride All
Options FollowSymLinks MultiViews
SetEnv HOME /var/www/cloud.domain.yt
SetEnv HTTP_HOME /var/www/cloud.domain.yt
<IfModule mod_dav.c>
Dav off
</IfModule>
</Directory>
My .htaccess file (in the data directory) looks like this:
# Generated by Nextcloud on 2021-11-08 19:38:35
# Section for Apache 2.4 to 2.6
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule mod_access_compat.c>
Order Allow,Deny
Deny from all
Satisfy All
</IfModule>
# Section for Apache 2.2
<IfModule !mod_authz_core.c>
<IfModule !mod_access_compat.c>
<IfModule mod_authz_host.c>
Order Allow,Deny
Deny from all
</IfModule>
Satisfy All
</IfModule>
</IfModule>
# Section for Apache 2.2 to 2.6
<IfModule mod_autoindex.c>
IndexIgnore *
</IfModule>
It should work perfectly fine. But it doesn't. I also installed all required apache2 addons.
I also wrote with someone on a GitHub post. The user said it would probably be better to ask on websites like this one.
Most other information is already in the GitHub post (about 9 hours old right now):
https://github.com/nextcloud/server/issues/6449
How can I fix this?

VirtualHost redirect loop after applying SSL from COMODO

After I applied the configuration it loops until I get an "ERR_TOO_MANY_REDIRECTS"
This is my VirtualHost configuration:
NameVirtualHost *
<VirtualHost *:80>
ServerName my-domain.com
ServerAlias my-site.my-domain.com
DocumentRoot /var/www/my-site
ErrorLog /home/my-site/logs/my-site/error.log
CustomLog /home/my-site/logs/my-site/access.log combined
Redirect permanent / https://my-site.my-domain.com/
</VirtualHost>
<VirtualHost *:443>
ServerAdmin admin@my-domain.com
ServerName my-domain.com
ServerAlias my-site.my-domain.com
DirectoryIndex index.php
DocumentRoot /var/www/my-site
ErrorLog /home/my-site/logs/my-site/ssl/error.log
CustomLog /home/my-site/logs/my-site/ssl/access.log combined
SSLEngine on
SSLCertificateFile /home/my-site/SSL/site_com_ar.crt
SSLCertificateKeyFile /home/my-site/SSL/HSSL-5dceb81ff3d10.key
SSLCertificateChainFile /home/my-site/SSL/USERTrustRSAAddTrustCA.crt
</VirtualHost>
How can I track down this issue?
I've solved it, just in case anyone needs it:
I've added or modified a ".htaccess" file in each subdomain's root directory with the following:
First be sure you've got "mod_rewrite" enabled:
sudo a2enmod rewrite
Then reset apache:
sudo systemctl restart apache2
Now create or modify (in case it already exists) ".htaccess" in your subdomain root directory:
<IfModule mod_rewrite.c>
RewriteEngine On
# Redirect to HTTPS
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NE]
</IfModule>
Hope this helps you too!

Site loading on port 443 and not on 80

I have a site which isn't really working properly with an SSL certificate.
The website works properly on port 443 with the SSLEngine off directive in my configuration file; with SSLEngine on it responds with a 503 error.
It also connects on port 80 by default and I don't really know where to change that because everywhere I have set port 443.
.htaccess file:
RewriteEngine On
RewriteCond %{SERVER_PORT} 443
RewriteRule ^(.*)$ https://www.antoszbk.xyz/$1 [R,L]
configuration file (while working properly):
<VirtualHost *:443>
ServerAdmin xxx@xxx.com
DocumentRoot /var/www/html/index.html
ServerName antoszbk.xyz
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine off
SSLCertificateFile /etc/ssl/certs/www.antoszbk.xyz.csr
SSLCertificateKeyFile /etc/ssl/private/www.antoszbk.xyz.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# MSIE 7 and newer should be able to use keepalive
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
</VirtualHost>
The solution was in the DNS server configuration.
The certificate given to me by the provider was set to the antoszbk.xyz alias, but in my SSL configuration I set it up for www.antoszbk.xyz. I still receive an error when trying to connect by IPv6 (AAAA record) redirection, but it is a matter of time for the DNS to process it.

How to use robots.txt with gitlab and apache + subdomain?

I can't access my robots.txt (locally located at /home/git/gitlab/public/robots.txt).
I followed this recipe for installation on CentOS + Apache.
I've already tried to exclude robots.txt, but this wasn't enough.
This is my current VirtualHost for GitLab:
<VirtualHost git.domain.tld:80>
ServerName git.domain.tld
ServerSignature Off
ProxyPreserveHost On
<Location />
Order deny,allow
Allow from all
ProxyPassReverse http://127.0.0.1:8080
ProxyPassReverse http://git.domain.tld/
</Location>
#apache equivalent of nginx try files
# http://serverfault.com/questions/290784/what-is-apaches-equivalent-of-nginxs-try-files
# http://stackoverflow.com/questions/10954516/apache2-proxypass-for-rails-app-gitlab
RewriteEngine on
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
RewriteRule .* http://127.0.0.1:8080%{REQUEST_URI} [P,QSA]
# needed for downloading attachments
DocumentRoot /home/git/gitlab/public
#Set up apache error documents, if back end goes down (i.e. 503 error) then a maintenance/deploy page is thrown up.
ErrorDocument 404 /404.html
ErrorDocument 422 /422.html
ErrorDocument 500 /500.html
ErrorDocument 503 /deploy.html
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
ErrorLog /var/log/httpd/logs/gitlab_error.log
CustomLog /var/log/httpd/logs/gitlab_forwarded.log common_forwarded
CustomLog /var/log/httpd/logs/gitlab_access.log combined env=!dontlog
CustomLog /var/log/httpd/logs/gitlab.log combined
</VirtualHost>
Try to change
/home/git/gitlab/config/environments/production.rb
config.serve_static_assets = true
(it's false by default)