Wednesday 15 May 2013

mod rewrite - Can't force 'https' and reverse proxy with Apache at the same time -



mod rewrite - Can't force 'https' and reverse proxy with Apache at the same time -

really racking brain on one. need forcefulness 'https' whenever user requests 'http' on site, @ same time need proxy pass apache tomcat (over http). can't these 2 pieces work in tandem.

i have https redirect defined here in httpd.conf:

<virtualhost *:80> servername myserver.foo.com redirect / https://myserver.foo.com/ </virtualhost>

then proxy:

rewriteengine on rewritelog /opt/httpserver/logs/rewrite_log rewriteloglevel 9 rewriterule ^/testnew/myapp(.*)$ http://localhost:8080/test/myapp$1?product=new [nc,p,qsa] rewriterule ^/testold/myapp(.*)$ http://localhost:8080/test/myapp$1?product=old [nc,p,qsa]

note: does work if utilize proxypass instead, need able add together additional parameters request, hence utilize of [p] flag approach here.

so when nail next url, apache http server page reads "not found". http://myserver.foo.com/testnew/myapp/runreport

in access log, there's 404

[10/nov/2014:01:45:21 -0600] "get /testnew/myapp/runreport http/1.1" 404 321

also, nil gets written rewrite log.

as understand it, rewriterules execute before redirect, if above url did work (and don't understand why doesn't), wouldn't redirected http https. how can accomplish this?

i tried using rewriterules:

rewriteengine on rewritecond %{https} !on rewriterule ^(.*)$ https://%{http_host}$1 [r=301] rewriterule ^/testnew/myapp(.*)$ http://localhost:8080/test/myapp$1?product=new [nc,p,qsa] rewriterule ^/testold/myapp(.*)$ http://localhost:8080/test/myapp$1?product=old [nc,p,qsa]

however this, url gets translated include https scheme , hostname after 1st redirect, subsequent rewriterules fail match. if add together total 'https://myserver.foo.com' rewriterule, matches, total url gets translated http via proxy.

i can't win! seems me mutual configuration. did miss something? i've been looking @ long.

i able work moving proxy rewriterules under *:443 virtualhost , leaving http -> https ones @ global level, i.e.

listen 443 <virtualhost *:443> sslenable sslclientauth none rewriteengine on rewritelog /opt/httpserver/logs/rewrite_log-443 rewriteloglevel 9 rewriterule ^/testnew/myapp(.*)$ http://localhost:8080/test/myapp$1?product=new [nc,p,qsa] </virtualhost> ... ... rewriteengine on rewritecond %{https} !on rewriterule ^(.*)$ https://%{http_host}$1 [r=301]

works beautifully now. :)

apache mod-rewrite reverse-proxy

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)