I am trying to configure a reverse proxy server that can act as a reverse proxy for ms sharepoint server that uses https. Usually when I accessed the sharepoint server at [URL], I will be prompted to enter active directory login. But what was "500 internal server error" and in error.log: failed to enable ssl support for 10.10.1.1 (sharepoint.mycompany)
View 2 Replies
I have a question to masters of Apache. In my operating system (CentOS 5) I have installed two Apaches. One is Apache (port 80) from repository where I planning to configure proxy and second one is Apache integrated(port 8090) with KnowledgeTree software. The problem is that when I am trying to configure proxy reverse it simply doesn't work.
This is link to KnowledgeTree software:
- http://127.0.0.1:8090/knowledgeTree
This link I would like to rewrite with proxy like this:
https://myserver.com/knowledgeTree
(HTTPS dont forget)
In my ssl.conf in VirtualHost part I have created something like this:
Code:
<IfModule mod_proxy.c>
<Proxy *>
Order allow,deny
Allow from all
</Proxy>
ProxyRequests off
ProxyPass /knowledgeTree http://127.0.0.1:8090/knowledgeTree
ProxyPassReverse /knowledgeTree http://127.0.0.1:8090/knowledgeTree
<Location /knowledgeTree/>
ProxyPassReverse /
</Location>
</IfModule>
When I am trying to connect I see only: Unable to connect. Firefox can't establish a connection to the server at ifdocu.contaxt.biz:8090.
Here my setup of Apache :
I have two virtual hosts on separate IP and on both I am using port :80 one is main website domain.name and another webmail.domain.name. And to get full link path I am using index.html with redirection derectives. My question how I can setup each Vhost to he is own redirection directive to set two full link like:
when type webmail.domainname -----> redirect to webmail.domainname/horde/imp/file.php
and www.domainname ------> redirect to www.domainname/csr/
Right now working only one of this Vhosts, just problem to separate them when I type www.domainname -----> apache redirect to webmail.domainname.
index.html
<html>
<head>
<title>WebSite</title>
<meta http-equiv="REFRESH" content="1;url=http://www.domainname/csr/"></HEAD>
<BODY>REDIRECTION</BODY>
</HTML> .....
A Linux (CentOS5.3) server is setup with apache reverse proxy. The reverse proxy server is opened to outside and an internal server is mapped to ProxyPass configuration. SSL certificate is also installed on the Apache reverse proxy server. The problem is, it is extremely slow in serving http requests through reverse proxy. There is no problem with server resources or bandwidth. When the internal server is directly accessed through Internet, there is no delay. The backend server and the reverse proxy server are also on the same switch (same subnet). When I searched the Net, there were recommendations to enable cache in Apache. I did so as follows in httpd.conf.
<IfModule mod_disk_cache.c>
CacheEnable disk /
CacheRoot "/var/cache/mod_proxy"
CacheDirLevels 5
CacheDirLength 3
</IfModule>
But still there is no progress. Do I want to enable cache in ssl.conf too? Or is there any other workaround to speed up Apache reverse proxy. Is there a way to check that caching is happening?
a reverse proxy scenario
Code:
Server A Server B (Zope Application)
Public IP 192.168.1.5
On the first one that is A in Apache vhost file I made
Code:
ProxyPass / http://192.168.1.5:8080/VirtualHostBase/http/192.168.1.5:8080/virtual_hosting/VirtualHostRoot/eduCommons
ProxyPassReverse / http://192.168.1.5:8080/VirtualHostBase/http/192.168.1.5:8080/virtual_hosting/VirtualHostRoot/eduCommons
but the CSS and images on internet which people are accessing are broken while it is running perfectly fine if I access on LAN.
Code:
[URL]
I have checked the documentation page and here also but still the problem persists.Also on LAN if the same is accessed like this
Code:
[URL] then CSS and Java script is broken. It is an eduCommons CMS. Which I am trying to access via internet.
I'm having some trouble getting Apache up and running as a reverse proxy for a site using SSL. Ideally, this Apache system will function as a web application firewall running mod_security, but first I need to get Apache running right. The system is running CentOS 5.5 and Apache 2.2. Trouble is, the web server on the back end, which is running Windows Web Server 2008 (IIS 7) requires SSL. I have been able to get Apache set up and running so that it works fine on port 80, but any secure traffic on port 443 just won't work.
So first, here's the relevant portion of the Apache config:
Code:
<VirtualHost 192.168.108.212:80>
ServerName www.server.com
ErrorLog logs/test_error_log
CustomLog logs/test_access_log common
ProxyPass / http://192.168.108.152/
ProxyPassReverse / http://192.168.108.152/
</VirtualHost>
<VirtualHost 192.168.108.212:443>
ServerName www.server.com
ErrorLog logs/test_error_log
CustomLog logs/test_access_log common
SSLProxyEngine On
SSLProxyMachineCertificateFile /etc/httpd/conf/server.pem
ProxyPass / https://192.168.108.152/
ProxyPassReverse / https://192.168.108.152/
</VirtualHost>
The server.pem was created following some steps I found online and was set up using the same certificate that's on the web server. It is formatted as so:
Code:
-----BEGIN CERTIFICATE-----
*****
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
*****
-----END RSA PRIVATE KEY-----
So, after all is said and done, Apache starts up just fine. Any unsecured requests on port 80 work just fine. Trying to use https results in an ssl_error_rx_record_too_long error in Firefox. The Apache logs show a 404 error, with the request being for /x16/x03/x01. I believe that means it's requesting SSL access on a non-ssl port, which doesn't make any sense to me, considering that I obviously do have something up on to listen on that port.
I'm having a problem with reverse proxy on apache. In the proxy I have a config like this:
<VirtualHost xxx.xxx.xxx.xxx:80>
RewriteEngine on
ServerName test2.mydomain.se
PROXYRequests Off
ProxyPass / http://app.otherdomain.se/
ProxyPassReverse / http://app.otherdomain.se
SecRuleEngine On
SecAuditEngine On
</VirtualHost>
When I try to reach the "[URl]" I get an error on a script in firebug.
GET [URL]
500 Internal Server Error
62ms
startp...tpassword (row 68)
document.getElementById(id) is null
[Stop by error] document.getElementById(id).innerHTML = result;
It seems to me that there is a problem with some XML stuff or something but I'm not sure about that.
I have a question regarding the possibility of streaming video using an Apache web server configured as a reverse proxy. Suppose I have a local web server and areverse proxy that is abroad. I want users that are nearer the reverse proxy to be served by it and not my local web server. I know in general how to configure this and there is a lot of documentation. But can it be configured to support video file streaming without saving all the media content in the reverse proxy disk?
View 6 Replies View RelatedI installed apache2 and mysql database on a Debian system. It is using reverse proxy on apache to redirect requests to apache2 running on any machine which is on Xen server as a Virtual host. I tried to install Drupal on it. Every thing went fine till I pointed my browser to:
http://IP[/url] of LAN where Drupal was installed/drupal
then I see an installation page of Drupal which welcomes me. I click install in English then it can not proceed to connect with database. Database configuration: Your web server does not appear to support any common database types. Check with your hosting provider to see if they offer any databases that Drupal supports.
I have created a database and username for Drupal separately. What should I check to. There is one more error
http://Public IP/some location/
Is showing me contents of Document Root but there is a folder named drupal on it. When I click on it I get error. Not Found. The requested URL /drupal/ was not found on this server. Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny8 with Suhosin-Patch proxy_html/3.0.0 Server at
What things should I check in for? I am also getting errors like:
- Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName on individual DomU's what should I check in. and on Dom0 when restarting apache2 I get following error.
- Reloading web server config: apache2apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName
[Wed Apr 14 15:23:05 2010] [warn] NameVirtualHost *:80 has no VirtualHosts
I've been trying to figure out how to set up my Apache 2 running on Ubuntu 9.10 to provide a reverse proxy so I can see my wifi network camera monitoring my dogs and still have access to my family website. First, I followed the suggestions from this thread on Ubuntu forums: [URL]. I set up a similar rule set at the end of my /etc/apache2/sites-available/default, restarted apache -- from which I got a response saying that Apache2 could not determine the server name -- and then tried logging into my server through its ip address. When I tried http://192.168.2.80/dogCam, I just got a 404 error. Here's what I added: (I also tried my domain name, but it also didn't work.)
Code:
<VirtualHost 192.168.2.80:80>
ProxyPass /dogCam/ http://192.168.2.160/
ProxyPassReverse /dogCam/ http://192.168.2.160/
</VirtualHost>
When I looked at many other threads, I get recommendations to have my setup in httpd.conf. But, in both this server and a freshly installed Ubuntu laptop, my httpd.conf file is empty! I tried copying and pasting the recommended contents of the following thread, with the example proxy paths replaced with the ones I needed: [URL]. Straight-forward tutorials don't seem to apply, as Ubuntu has a blank httpd.conf file. I figured out that Ubuntu seems to load its modules by simply adding soft-links to the modules of interest from modules-enabled to modules-available. But, after a full day of trying to figure out what looks to be fairly simple and well-documented, I am at a loss for setting up this reverse proxy or even figuring out where to set ServerName to define my domain name to Apache2 in Ubuntu.
I am having a few websites running in a Reverse Proxy scenario on Ubuntu Server 10.04. The configuration is like this:
Code:
|--------------192.168.1.1
| (site1.abc.com)
|
|--------------192.168.1.2
| (site2.abc.com)
|
|
|
|
|--------------192.168.1.3
| (site3.abc.com)
|
|
|
|
|--------------192.168.1.4
| (site4.abc.com)
(Public IP ) |
A-------------------|
(reverse proxy server) |
(192.168.1.25) |
|--------------192.168.1.5
| (site5.abc.com)
|
Except one all websites are running properly and being redirected to their respective domains.
Following is the configuration which I used for each site define on server A a vhost file which contains following
Code:
# ProxyPass / http://<Ip of Server>
# ProxyPassReverse / http://<Ip of Server>
So if I have 5 websites then I have 5 vhost file on the gateway in above diagram A and in each of those file as above root of site is redirected to internal IP. 4 of them are running properly. The fifth website is running on port 8080:/keyword. So in its vhost file on gateway I defined
Code:
# ProxyPass / http://<Ip of Server>:8080/keyword
# ProxyPassReverse / http://<Ip of Server>:8080/keyword
I can see on Lan http://<Ip of Server>:8080/keyword but when from internet I try to see:
http://site5.abc.com
I get redirected to a page is https://site5.abc.com:8443/ and it says
Code:
The webpage at https://site5.abc.com:8443/ might be temporarily down or it may have moved permanently to a new web address. The site5.abc.com has a requirement to be run at port 8080 internally and it is not a Ubuntu server.(Red Hat based server). While rest all are Ubuntu servers including gateway A.
I have a server in a corporate data center for a project. I have an SSH access to this machine at port 22.There are some virtual machines running on this server and then at the back of every thing many other Operating systems are working. Now Since I am behind the data centers firewall my supervisor asked me if I can do some thing by which I can give many people on Internet access to these virtual machines directly. I know if I were allowed to get traffic on port other than 22 then I can do a port forwarding. But since I am not allowed this so what can be a solution in this case.
The people who would like to connect might be complete idiots.Who may be happy just by opening putty at their machines or may be even filezilla.I have configured an Apache Reverse Proxy for redirecting the Internet traffic to the virtual machines on these hosts.But I am not clear as for SSH what can I do.So is there some thing equivalent to an Apache Reverse Proxy which can do similar work for SSH in this situation.I do not have firewall in my hands or any port other than 22 open and in fact even if I request they wont allow to open.2 times SSH is not some thing that my supervisor wants.
I've been struggling with this for a couple of days now. I'm trying to setup a reverse proxy with SSL. The config works when it's not using SSL, but as soon as I setup the virtualhost for 443, I get a ERR_CONNECTION_REFUSED in my browser.
The setup is that it's a CentOS 5.6 running Apache 2.2.3. I was configuring it via this guide: [URL]
This server is acting as a reverse proxy for a Windows server running Apache. Currently, I'm just trying to get the manager page from the Windows server to go through the reverse proxy. Here's the virtual host section of my httpd.conf file on the reverse proxy:
<VirtualHost *:443>
ServerName aspwebview.vtinfo.com
SSLEngine On
SSLCertificateFile /etc/httpd/ssl/star_vtinfo.com.crt
[Code]....
Thoughts? Is there anything I have to do on the Windows server (maybe in the connector section of server.xml)?
I want Install nginx As Reverse Proxy for Apache
View 5 Replies View RelatedI've been using squid-cache for a long time for authentication/authorization. It has work fine for years, but now it starts working too slow only in one computer (the others, works fine).
It's configured as a reverse proxy.
I see it can be a DNS problem, but the computer is configured with the same dns servers in resolv.conf that the other computers have.
I use squid 2.6.stable14 on RHEL 4.4.
If I restart the service (service squid restart) it works fine, but 15-20 minutes later, the problem repeats.
We currently have a SUSE Apache2 reverse proxy server setup to reverse proxy (proxy_mod) our GroupWise Web Access server. Our SUSE box is located at www.domain.com. Our GroupWise Web Access server is located internally and is called GWMail. We are in the process of migrating from Novell to Windows, so we will have an exchange server with OWA access running on a Windows Server 2008 IIS7 box. That one will be called EXMail internally. Right now when someone goes to www.domain.com/gw/webacc it goes to the GWMail internal server from the outside world. This was all set up by previous techs who used Linux more.
We would like to set up reverse proxy to be able to reverse proxy to the Exchange Server from the outside world. Unfortunately the snag we are running into is that Exchange needs to run on port 443, and forwarding to port 443 has been a little tricky. I've read elsewhere we need to implement a generic TCP proxy, such as IPtables. what we need to do to get our SUSU Apache2 server to be able to reverse proxy to our Exchange server on port 443. For the save of argument lets call our SUSE server ExtranetServer. Below is our default-configuration.conf file's configuration:
[Code]....
I am using a reverse proxy on Debian Lenny and using apache2.
I have a site
Code:
And a site
Code:
Two files in
Code:
Code:
But the problem is [url]and [url]are both pointing to [url] I am unable to find why.I do not want to touch apache2.conf so want to go by having a VirtualHost site1.[url]
I have got a reverse proxy that is working just fine, it accepts requests on port 443 and port 80 and ONLY sends traffic upstream to port 80 to the apache server listening on localhost. I use the following config:
https_port 10.14.1.72:443 cert=/etc/squid/self_certs/site.crt key=/etc/squid/self_certs/site.key defaultsite=site vhost
cache_peer 127.0.0.1 parent 443 80 no-query originserver login=PASS
http_port 10.14.1.72:80 vhost
My problem is the following : The site should act differently in some occasions based on whether http or https was requested. So my idea is to setup second http vhost on apache listening to port 8080 and on that vhost I would server the https code. So is it possible to use SQUID to :
Send traffic destined for port 443 to localhost:8080
and
Send traffic destined for port 80 to localhost:80 ?
I have a webserver apache2 on debian Lenny. I am using gateway as Dom0 and rest of the operating systems are different Dom's .Using a xen virtualization setup.
I want to have a few websites
http://site1.myserver.com
http://myserver.com
and http://myserver.com/site2
I did set up a reverse proxy environment for doing this.
Code:
Dom0 LAN IP ----> 192.168.1.1 Gateway (where reverse proxy is set)
DomU1 LAN IP ----> 192.168.1.13 (here myserver.com and site1.myserver.com both are hosted.)
Domu2 LAN IP ----> 192.168.1.17 myserver.com/site2 is here.
Configuration on Dom0 of sites site1.myserver.com and myserver.com
Virtual Host Configurations on Dom0 in /etc/apache2/sites-enabled/myserver.com (on gateway)
Code:
<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName myserver.com
ProxyRequests off
<Proxy *>
Order deny,allow
Allow from all .....
I have an enormous quadcore machine with 16gb ram and dual gigabit NICs. It used to be for MySQL but we have upgraded the whole database infrastructure so now this server is left floating. I had the great idea of turning this into a reverse-proxy (using apache mod_proxy) and it really handles a ton of requests. But I have a feeling that we are not getting the most use out of what it can offer.
Our traffic consists of a few thousand very small (less than 10 byte) ajax calls per second, and frequently I find we are running out of kernel allocated network stack to handle all the requests. Often we get the kern.log warning "possible SYN flooding on port 80. Sending cookies." and other things like this. Obviously we are not getting SYN flooded, we just have very high demand.
So far I have found a few kernel tuning guides to tell the kernel to allocate more of the base system memory for networking but every guide I have found has been for the purpose of increasing the performance between WAN links (direct backbones between offices etc) and usually with very large file sizes being the priority. One such example (and great) write up is here:
cyberciti.biz/faq/linux-tcp-tuning/
I was hoping some people could provide further input, such as along the lines of disabling nf_conntrack (to speed up socket set up/tear down time) or anything that will speed up a high throughput proxy like mine. Any links to studies or benchmarks between different configurations or hardware gets extra points!
We use a reverse proxy to forward a lot of websites via 1 central place.so hould forward to an internal server.I already managed to forward a lot of website correctly, except for this one:hen I type:ttp://blablahblah/smt/webtier-7-11 it doesn't work correctly, but How can I make the first url to work ?
ProxyPass /smt http://192.168.10.38:8080
ProxyPassReverse /smt http://192.168.10.38:8080
ProxyPassMatch ^/((smt|webtier-7.11)(/.*)?)?$ http://192.168.10.38:8080/$1
[code]....
I have searched and searched for a reverse proxy solution for non-website traffic. TCP but not http, on ports other than 80, 443, 8080, etc. Basically I just need a TCP forwarder that works with multiple TCP servers, WITHOUT webpage caching features. I do not need or want any webpage caching. Can squid work as a reverse proxy for TCP traffic without http? The other program I came across in searching was HAproxy. Both programs are for http but I am curious if they would work for TCP servers that do not serve webpages.
View 2 Replies View RelatedWill squid or HAproxy work to reverse proxy non-http traffic? I have searched and searched for a reverse proxy solution for non-website traffic. TCP but not http, on ports other than 80, 443, 8080, etc. Basically I just need a TCP forwarder that works with multiple TCP servers, WITHOUT webpage caching features. I do not need or want any webpage caching. Can squid work as a reverse proxy for TCP traffic without http? The other program I came across in searching was HAproxy. Both programs are for http but I am curious if they would work for TCP servers that do not serve webpages.
View 4 Replies View RelatedI have done configuration of webserver and i want it to pick some information from application server,but i don want people to see that application server,please can someone tell me in detail on how to setup squid reverse proxy server so that each time people want to access my servers they can just see one server,i mean one server must act as a loadbalancer to other servers,let say a sum of up to three servers.I am using redhat 5 servers with apache 2,and squid version that i have is 2.6.
View 5 Replies View RelatedI'm trying to pass multiple dpmains thru one ubuntu server to various hosts on my local network.
[url] should be sent to the /var/www folder on the local host.
[url] should be forwarded to an IIS box on my local network (owa.nunya.local)
[url] should be sent to another ubunto box on my local network (smtp.biznet.net)
I have tried placing VirtualHost entries in /etc/apache2/sites-available/default and [url]and [url] both work but [url] gets forwarded to the c:inetpub folder on the IIS box.
I dont know my question is right or wrong.I want to know can i use apache as a proxy .Is there any relation between apache and squid proxy.
View 1 Replies View RelatedWe are using this url on our testing box and this ip is reverse proxy IP ( 10.192.64.52)
Without reverse proxy:- URL is working fine.
http://10.192.16.77/akc-qa/arsys/ser...TS000000001430
But with reverse proxy its putting escape [%25] in between %3a
[url]
Is it possible to write a rewrite rule to bypass escape [NE] for this particular URL?
I've read the documentation, but I'm still confused. I have two servers, one running Postfix and SquirrelMail, and another i want to setup a wiki(already setup) and Photo Gallery.On my Second server(2)I have two virutal webservers, wiki.rmasonfamily.info and photo.rmasonfamily.info, both running on port 80.My first computer is running my mail server again as a virtual server, mail.rmasonfamily.info. Default server is not used in either one.
Server 1 will be my proxy server, and if I understand correctly, my reverse proxy. Ubuntu had Apache set with a configuration in etc/apache2 using sites-available with configuration for each Virtual Server with sites-enabled with links to configuration files in sites-available. My Virtual Server in Server 2 are working fine, along with my mail server in Server 1. this is the code I assume I must use to bypass to wiki.rmasonfamily.info. In server 1, under sites-available, in the file wiki.rmasonfamily.info this is the code I put
<VirtualHost *:80>
ServerName wiki.rmasonfamily.info
ProxyRequests Off
ProxyPreserveHost On
[code]....
Doesn't work, I know I'm doing something wrong...
I am using RHEL5. These are my config files:
Code:
options {
listen-on port 53 { 127.0.0.1; 192.168.14.54; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
[code]....
I am trying to set up Apache and Webmin so that I can access Webmin by going to [URL]. I am using the direction at [URL] under the "Webmin In A Sub-Directory Via A Proxy" section. I had this setup working before, but I think an update of either Webmin or Apache broke it. Now, I can go the the webpage and I see the login screen. However, when I try to log in, I get an error.
Quote:
Error - No cookies
Your browser does not support cookies, which are required for this web server to work in session authentication mode I have tried adding the ProxyPassReverseCookieDomain and ProxyPassReverseCookiePath directives to my virtual host config file, but it still doesn't work.
Quote:
# webmin
ProxyPass /webmin/ http://localhost:10000/
ProxyPassReverse /webmin/ http://localhost:10000/
[code].....
