CentOS 5 Server :: 5.6 - Reverse Proxy With SSL

Aug 24, 2011

I've been struggling with this for a couple of days now. I'm trying to setup a reverse proxy with SSL. The config works when it's not using SSL, but as soon as I setup the virtualhost for 443, I get a ERR_CONNECTION_REFUSED in my browser.

The setup is that it's a CentOS 5.6 running Apache 2.2.3. I was configuring it via this guide: [URL]

This server is acting as a reverse proxy for a Windows server running Apache. Currently, I'm just trying to get the manager page from the Windows server to go through the reverse proxy. Here's the virtual host section of my httpd.conf file on the reverse proxy:

<VirtualHost *:443>
ServerName aspwebview.vtinfo.com
SSLEngine On
SSLCertificateFile /etc/httpd/ssl/star_vtinfo.com.crt

[Code]....

Thoughts? Is there anything I have to do on the Windows server (maybe in the connector section of server.xml)?

View 13 Replies


ADVERTISEMENT

CentOS 5 :: Set Up A Reverse Proxy With Mod_proxy

Nov 19, 2010

I'm working on setting up a hosted OSS app on a VPS and have a question about doing some proxying. I have Centos 5.5/Apache 2.2 running on 2 VPS's, in different locations, accessible from the net. One of these hosts the app itself, the other will be used as a web portal where the end user will login to auth and then be able to access the app. Now, since I don't wan't access to the app server from the world at large, I want to firewall it and only allow access from the portal machine. So what I think I need to do is set up a reverse proxy with mod_proxy, and then if the end user auths forward them to a specific url on the app server.

So when they connect to [url] and log in I need them to be redirected to app.machine.com/theirdir

So the questions I have are:

1) Can this be done? If so, is mod_proxy the way to do it? Configuring Apache isnt a problem, but I havent worked with mod_proxy.

2) If this does work, will it also work with SSL?

3) I've seen a few small tutorials on the net, but not doing exactly what I want to. They all use the reverse proxy with a public IP connecting to a server with a private IP behind a firewall, while I have public IP's on both ends. From a network standpoint I know this shouldn't matter, but I'm not familiar with mod_proxy's particulars itself.

View 1 Replies View Related

Server :: Reverse Proxy Solution For SSH?

Jan 25, 2011

I have a server in a corporate data center for a project. I have an SSH access to this machine at port 22.There are some virtual machines running on this server and then at the back of every thing many other Operating systems are working. Now Since I am behind the data centers firewall my supervisor asked me if I can do some thing by which I can give many people on Internet access to these virtual machines directly. I know if I were allowed to get traffic on port other than 22 then I can do a port forwarding. But since I am not allowed this so what can be a solution in this case.

The people who would like to connect might be complete idiots.Who may be happy just by opening putty at their machines or may be even filezilla.I have configured an Apache Reverse Proxy for redirecting the Internet traffic to the virtual machines on these hosts.But I am not clear as for SSH what can I do.So is there some thing equivalent to an Apache Reverse Proxy which can do similar work for SSH in this situation.I do not have firewall in my hands or any port other than 22 open and in fact even if I request they wont allow to open.2 times SSH is not some thing that my supervisor wants.

View 8 Replies View Related

Server :: Trying To Configure Apache Reverse Proxy

Oct 4, 2010

I have a question to masters of Apache. In my operating system (CentOS 5) I have installed two Apaches. One is Apache (port 80) from repository where I planning to configure proxy and second one is Apache integrated(port 8090) with KnowledgeTree software. The problem is that when I am trying to configure proxy reverse it simply doesn't work.

This is link to KnowledgeTree software:
- http://127.0.0.1:8090/knowledgeTree

This link I would like to rewrite with proxy like this:
https://myserver.com/knowledgeTree
(HTTPS dont forget)

In my ssl.conf in VirtualHost part I have created something like this:
Code:
<IfModule mod_proxy.c>
<Proxy *>
Order allow,deny
Allow from all
</Proxy>

ProxyRequests off
ProxyPass /knowledgeTree http://127.0.0.1:8090/knowledgeTree
ProxyPassReverse /knowledgeTree http://127.0.0.1:8090/knowledgeTree
<Location /knowledgeTree/>
ProxyPassReverse /
</Location>
</IfModule>

When I am trying to connect I see only: Unable to connect. Firefox can't establish a connection to the server at ifdocu.contaxt.biz:8090.

View 4 Replies View Related

Server :: Apache Reverse Proxy With MS Sharepoint

Mar 22, 2011

I am trying to configure a reverse proxy server that can act as a reverse proxy for ms sharepoint server that uses https. Usually when I accessed the sharepoint server at [URL], I will be prompted to enter active directory login. But what was "500 internal server error" and in error.log: failed to enable ssl support for 10.10.1.1 (sharepoint.mycompany)

View 2 Replies View Related

Server :: How To Install Nginx As Reverse Proxy

Jul 2, 2011

I want Install nginx As Reverse Proxy for Apache

View 5 Replies View Related

Server :: Squid As Reverse Proxy - Too Slow ?

Mar 16, 2011

I've been using squid-cache for a long time for authentication/authorization. It has work fine for years, but now it starts working too slow only in one computer (the others, works fine).

It's configured as a reverse proxy.

I see it can be a DNS problem, but the computer is configured with the same dns servers in resolv.conf that the other computers have.

I use squid 2.6.stable14 on RHEL 4.4.

If I restart the service (service squid restart) it works fine, but 15-20 minutes later, the problem repeats.

View 1 Replies View Related

Server :: Setup Reverse Proxy With Proxy_mod To Port 443 On IIS Server

Aug 30, 2010

We currently have a SUSE Apache2 reverse proxy server setup to reverse proxy (proxy_mod) our GroupWise Web Access server. Our SUSE box is located at www.domain.com. Our GroupWise Web Access server is located internally and is called GWMail. We are in the process of migrating from Novell to Windows, so we will have an exchange server with OWA access running on a Windows Server 2008 IIS7 box. That one will be called EXMail internally. Right now when someone goes to www.domain.com/gw/webacc it goes to the GWMail internal server from the outside world. This was all set up by previous techs who used Linux more.

We would like to set up reverse proxy to be able to reverse proxy to the Exchange Server from the outside world. Unfortunately the snag we are running into is that Exchange needs to run on port 443, and forwarding to port 443 has been a little tricky. I've read elsewhere we need to implement a generic TCP proxy, such as IPtables. what we need to do to get our SUSU Apache2 server to be able to reverse proxy to our Exchange server on port 443. For the save of argument lets call our SUSE server ExtranetServer. Below is our default-configuration.conf file's configuration:

[Code]....

View 12 Replies View Related

Server :: Apache Vhost With Reverse Proxy And Redirection

Jan 6, 2010

Here my setup of Apache :
I have two virtual hosts on separate IP and on both I am using port :80 one is main website domain.name and another webmail.domain.name. And to get full link path I am using index.html with redirection derectives. My question how I can setup each Vhost to he is own redirection directive to set two full link like:
when type webmail.domainname -----> redirect to webmail.domainname/horde/imp/file.php
and www.domainname ------> redirect to www.domainname/csr/
Right now working only one of this Vhosts, just problem to separate them when I type www.domainname -----> apache redirect to webmail.domainname.

index.html
<html>
<head>
<title>WebSite</title>
<meta http-equiv="REFRESH" content="1;url=http://www.domainname/csr/"></HEAD>
<BODY>REDIRECTION</BODY>
</HTML> .....

View 8 Replies View Related

Server :: Reverse Proxy Unable To Configure Properly

Apr 22, 2010

I am using a reverse proxy on Debian Lenny and using apache2.

I have a site
Code:

And a site

Code:

Two files in
Code:

Code:

But the problem is [url]and [url]are both pointing to [url] I am unable to find why.I do not want to touch apache2.conf so want to go by having a VirtualHost site1.[url]

View 3 Replies View Related

Server :: Reverse Proxy On Squid To Port 8080?

Apr 25, 2011

I have got a reverse proxy that is working just fine, it accepts requests on port 443 and port 80 and ONLY sends traffic upstream to port 80 to the apache server listening on localhost. I use the following config:

https_port 10.14.1.72:443 cert=/etc/squid/self_certs/site.crt key=/etc/squid/self_certs/site.key defaultsite=site vhost
cache_peer 127.0.0.1 parent 443 80 no-query originserver login=PASS
http_port 10.14.1.72:80 vhost

My problem is the following : The site should act differently in some occasions based on whether http or https was requested. So my idea is to setup second http vhost on apache listening to port 8080 and on that vhost I would server the https code. So is it possible to use SQUID to :

Send traffic destined for port 443 to localhost:8080
and
Send traffic destined for port 80 to localhost:80 ?

View 13 Replies View Related

Server :: URL Redirection In Reverse Proxy Apache2 Environment

Apr 28, 2010

I have a webserver apache2 on debian Lenny. I am using gateway as Dom0 and rest of the operating systems are different Dom's .Using a xen virtualization setup.

I want to have a few websites
http://site1.myserver.com
http://myserver.com
and http://myserver.com/site2
I did set up a reverse proxy environment for doing this.

Code:
Dom0 LAN IP ----> 192.168.1.1 Gateway (where reverse proxy is set)
DomU1 LAN IP ----> 192.168.1.13 (here myserver.com and site1.myserver.com both are hosted.)
Domu2 LAN IP ----> 192.168.1.17 myserver.com/site2 is here.

Configuration on Dom0 of sites site1.myserver.com and myserver.com
Virtual Host Configurations on Dom0 in /etc/apache2/sites-enabled/myserver.com (on gateway)

Code:
<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName myserver.com
ProxyRequests off
<Proxy *>
Order deny,allow
Allow from all .....

View 10 Replies View Related

Networking :: Tuning For High Throughput Reverse-proxy Server?

Jan 18, 2011

I have an enormous quadcore machine with 16gb ram and dual gigabit NICs. It used to be for MySQL but we have upgraded the whole database infrastructure so now this server is left floating. I had the great idea of turning this into a reverse-proxy (using apache mod_proxy) and it really handles a ton of requests. But I have a feeling that we are not getting the most use out of what it can offer.

Our traffic consists of a few thousand very small (less than 10 byte) ajax calls per second, and frequently I find we are running out of kernel allocated network stack to handle all the requests. Often we get the kern.log warning "possible SYN flooding on port 80. Sending cookies." and other things like this. Obviously we are not getting SYN flooded, we just have very high demand.

So far I have found a few kernel tuning guides to tell the kernel to allocate more of the base system memory for networking but every guide I have found has been for the purpose of increasing the performance between WAN links (direct backbones between offices etc) and usually with very large file sizes being the priority. One such example (and great) write up is here:

cyberciti.biz/faq/linux-tcp-tuning/

I was hoping some people could provide further input, such as along the lines of disabling nf_conntrack (to speed up socket set up/tear down time) or anything that will speed up a high throughput proxy like mine. Any links to studies or benchmarks between different configurations or hardware gets extra points!

View 7 Replies View Related

Server :: Use A Reverse Proxy To Forward A Lot Of Websites Via 1 Central Place?

Oct 8, 2010

We use a reverse proxy to forward a lot of websites via 1 central place.so hould forward to an internal server.I already managed to forward a lot of website correctly, except for this one:hen I type:ttp://blablahblah/smt/webtier-7-11 it doesn't work correctly, but How can I make the first url to work ?

ProxyPass /smt http://192.168.10.38:8080
ProxyPassReverse /smt http://192.168.10.38:8080
ProxyPassMatch ^/((smt|webtier-7.11)(/.*)?)?$ http://192.168.10.38:8080/$1

[code]....

View 5 Replies View Related

Server :: Will Squid Work To Reverse Proxy Non-HTTP Traffic?

Aug 2, 2011

I have searched and searched for a reverse proxy solution for non-website traffic. TCP but not http, on ports other than 80, 443, 8080, etc. Basically I just need a TCP forwarder that works with multiple TCP servers, WITHOUT webpage caching features. I do not need or want any webpage caching. Can squid work as a reverse proxy for TCP traffic without http? The other program I came across in searching was HAproxy. Both programs are for http but I am curious if they would work for TCP servers that do not serve webpages.

View 2 Replies View Related

Server :: Will Squid Or HAproxy Work To Reverse Proxy Non-http Traffic

Apr 19, 2011

Will squid or HAproxy work to reverse proxy non-http traffic? I have searched and searched for a reverse proxy solution for non-website traffic. TCP but not http, on ports other than 80, 443, 8080, etc. Basically I just need a TCP forwarder that works with multiple TCP servers, WITHOUT webpage caching features. I do not need or want any webpage caching. Can squid work as a reverse proxy for TCP traffic without http? The other program I came across in searching was HAproxy. Both programs are for http but I am curious if they would work for TCP servers that do not serve webpages.

View 4 Replies View Related

Server :: Apache Reverse Proxy Slow In Serving HTTP Requests

Mar 18, 2010

A Linux (CentOS5.3) server is setup with apache reverse proxy. The reverse proxy server is opened to outside and an internal server is mapped to ProxyPass configuration. SSL certificate is also installed on the Apache reverse proxy server. The problem is, it is extremely slow in serving http requests through reverse proxy. There is no problem with server resources or bandwidth. When the internal server is directly accessed through Internet, there is no delay. The backend server and the reverse proxy server are also on the same switch (same subnet). When I searched the Net, there were recommendations to enable cache in Apache. I did so as follows in httpd.conf.

<IfModule mod_disk_cache.c>
CacheEnable disk /
CacheRoot "/var/cache/mod_proxy"
CacheDirLevels 5
CacheDirLength 3
</IfModule>

But still there is no progress. Do I want to enable cache in ssl.conf too? Or is there any other workaround to speed up Apache reverse proxy. Is there a way to check that caching is happening?

View 4 Replies View Related

Server :: Squid Reverse Proxy Server ?

Jul 22, 2011

I have done configuration of webserver and i want it to pick some information from application server,but i don want people to see that application server,please can someone tell me in detail on how to setup squid reverse proxy server so that each time people want to access my servers they can just see one server,i mean one server must act as a loadbalancer to other servers,let say a sum of up to three servers.I am using redhat 5 servers with apache 2,and squid version that i have is 2.6.

View 5 Replies View Related

Server :: Css And Java Script Is Broken Zope Running Behind An Apache Reverse Proxy?

Jun 7, 2010

a reverse proxy scenario

Code:

Server A Server B (Zope Application)
Public IP 192.168.1.5

On the first one that is A in Apache vhost file I made

Code:

ProxyPass / http://192.168.1.5:8080/VirtualHostBase/http/192.168.1.5:8080/virtual_hosting/VirtualHostRoot/eduCommons
ProxyPassReverse / http://192.168.1.5:8080/VirtualHostBase/http/192.168.1.5:8080/virtual_hosting/VirtualHostRoot/eduCommons

but the CSS and images on internet which people are accessing are broken while it is running perfectly fine if I access on LAN.

Code:

[URL]

I have checked the documentation page and here also but still the problem persists.Also on LAN if the same is accessed like this

Code:

[URL] then CSS and Java script is broken. It is an eduCommons CMS. Which I am trying to access via internet.

View 1 Replies View Related

Ubuntu :: Reverse Proxy Setup - Pass Multiple Domains Thruough One Server To Various Hosts On Local Network

Apr 13, 2011

I'm trying to pass multiple dpmains thru one ubuntu server to various hosts on my local network.

[url] should be sent to the /var/www folder on the local host.

[url] should be forwarded to an IIS box on my local network (owa.nunya.local)

[url] should be sent to another ubunto box on my local network (smtp.biznet.net)

I have tried placing VirtualHost entries in /etc/apache2/sites-available/default and [url]and [url] both work but [url] gets forwarded to the c:inetpub folder on the IIS box.

View 2 Replies View Related

Server :: Reverse Proxy - With HTTPD Httpd-2.2.3-29.el5

Jul 30, 2010

We are using this url on our testing box and this ip is reverse proxy IP ( 10.192.64.52)

Without reverse proxy:- URL is working fine.

http://10.192.16.77/akc-qa/arsys/ser...TS000000001430

But with reverse proxy its putting escape [%25] in between %3a

[url]

Is it possible to write a rewrite rule to bypass escape [NE] for this particular URL?

View 1 Replies View Related

Server :: Bind Reverse Zone : No Name With Reverse Lookup

Oct 12, 2009

I am using RHEL5. These are my config files:

Code:

options {
listen-on port 53 { 127.0.0.1; 192.168.14.54; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";

[code]....

View 3 Replies View Related

Server :: Setup Reverse Dns Check In Postfix ( CENTOS 5 )?

Nov 4, 2009

How can I setup "reverse dns check" option in Postfix ?

View 1 Replies View Related

Ubuntu :: Use Of Implementing A Reverse Proxy?

Feb 13, 2010

What is a Reverse Proxy? And what is the use of implementing a Reverse Proxy???

View 1 Replies View Related

Ubuntu :: What Is The Use Of Implementing A Reverse Proxy

Aug 12, 2010

What is a Reverse Proxy? And what is the use of implementing a Reverse Proxy?

View 2 Replies View Related

Software :: Apache / Reverse Proxy And SSL

May 26, 2010

I'm having some trouble getting Apache up and running as a reverse proxy for a site using SSL. Ideally, this Apache system will function as a web application firewall running mod_security, but first I need to get Apache running right. The system is running CentOS 5.5 and Apache 2.2. Trouble is, the web server on the back end, which is running Windows Web Server 2008 (IIS 7) requires SSL. I have been able to get Apache set up and running so that it works fine on port 80, but any secure traffic on port 443 just won't work.

So first, here's the relevant portion of the Apache config:
Code:
<VirtualHost 192.168.108.212:80>
ServerName www.server.com
ErrorLog logs/test_error_log
CustomLog logs/test_access_log common
ProxyPass / http://192.168.108.152/
ProxyPassReverse / http://192.168.108.152/
</VirtualHost>
<VirtualHost 192.168.108.212:443>
ServerName www.server.com
ErrorLog logs/test_error_log
CustomLog logs/test_access_log common
SSLProxyEngine On
SSLProxyMachineCertificateFile /etc/httpd/conf/server.pem
ProxyPass / https://192.168.108.152/
ProxyPassReverse / https://192.168.108.152/
</VirtualHost>

The server.pem was created following some steps I found online and was set up using the same certificate that's on the web server. It is formatted as so:

Code:
-----BEGIN CERTIFICATE-----
*****
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
*****
-----END RSA PRIVATE KEY-----

So, after all is said and done, Apache starts up just fine. Any unsecured requests on port 80 work just fine. Trying to use https results in an ssl_error_rx_record_too_long error in Firefox. The Apache logs show a 404 error, with the request being for /x16/x03/x01. I believe that means it's requesting SSL access on a non-ssl port, which doesn't make any sense to me, considering that I obviously do have something up on to listen on that port.

View 4 Replies View Related

Software :: URL Redirection Or Reverse Proxy?

Dec 27, 2010

I have a web application running on port 8060 and requires a sub directory on the end (:8060/fisheye/). I also have apache running on port 80 and would like to redirect it to [URL].

Code:
RedirectMatch ^/$ [URL] but the port number is visible, how can I hide it?

View 3 Replies View Related

Fedora Servers :: Reverse The Proxy With Squid?

Mar 14, 2011

I have a reverse proxy set up with squid. I'm going to try and explain what it's doing and I apologize for it being confusing, I'll do the best I can to describe my problem. First, it's for our phone system. We run a ShoreTel Voip system. The owner has decided he wants me to setup MCM (Mobile Call Manager), which from what I can see is an under developed, and almost impossible to get help with Shoretel software. But he's convinced he needs it for his Iphone. It's supposed to, in a nutshell, turn his Iphone into his work phone with all the advantages and doodads that come with it. Apparently, "they have an app for that". On the server side, I need to setup a reverse proxy back into the network on our phone server. Simple enough, I did this with squid. I used the following lines:

Code:

http_port 80 accel defaultsite=172.17.137.7
cache_peer http://172.17.137.7 parent 80 0 no-query originserver name=myAccel
acl our_sites dstdomain http://172.17.137.7

[code]....

Code:

always_direct allow all It most definitely is allowing traffic back to the phone server, the problem is, it hands out my internal server address to the outside client. So for instance, if I connect to the outside routable address with my phone, it will immediately change the url to http://172.17.137.7 which is the inside nat address of my phone server. Which of course doesn't work, since I couldn't browse to that address from the outside. It does however work from the inside of the network, obviously because 172.17.137.7 is accessible from the inside.

View 4 Replies View Related

Ubuntu :: Reverse Proxy - Replace Windows Box With A Box?

May 4, 2010

getting a reverse proxy to work. I have it working fine on my windows box with at32 Reverse Proxy. It was very easy to setup. Anyway I'm wanting to replace that windows box with a Linux box.Here is some background on what I'm trying to get done in Linux.

I have
[url].....

All pointing with a CNAME to my dyndns.org address. I have a dynamic IP from my ISP so I need this and its currently working just fine.my ISP blocks port 80 so I have to use port 443. Port 443 seems to be the most reliable port to use since its one of the ports my ISP does not block and its one of the ports other places like hotels dont block.So I want to access my bittorrent server. I type in http:[url]....443 and the at32 Reverse Proxy points it to my internal server http://bittorrent on port 80.

I got this to work perfect in windows.So right now I'm doing this all in a virtual machine for testing. I have Apache all setup and working with the reverse proxy except for my thermostat's web server.Here is how I have it setup in the virtual machine.The machine is called testbox and its running Ubuntu Alt 10.04 32bit .In that VM I can go to http: // testbox but it will only display the HTML code of the page.If I go directly to the main page on the thermostat http://testbox/index.shtml the web page renders just fine and all the links work.My sites-available config file has this inside.

<VirtualHost testbox:80>
ProxyPass / http://192.168.0.205/
ProxyPassReverse / http://192.168.0.205/
</VirtualHost>

The config file is for port 80 but I think once I get things working in the testbox I should not have any problems switching it to port 443.

View 2 Replies View Related

Ubuntu Servers :: Apache2 Reverse Proxy ?

May 11, 2010

A first server with apache2 installed and configured as reverse proxy, that works great, with this version:

That works mostly, but fail with an oma (outlook mobile access) redirection

It works for all reverse sites hosted, but when we try to connect to oma using a nokia phone, it fails.

I can see in access.log that it hangs on FolderSync istance.

I've used wireshark to sniff packets, and in oma server I can see only three way handshaking coming...

My doubt is: when I'll upgrade working server, also it will not work anymore...

Configurations are the same (I've copied /etc/apache2 folder from running one to new one).

View 1 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved