I am trying to setup ProxyPass in Apache 2.4.7 using unix sockets to a puma server for a rails application. I keep receiving a 500 Internal Error. When I check the apache logs I receive this message:
No protocol handler was valid for the URL /. If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule.
This is my proxy config in apache
ProxyPass / unix:///home/rails/rp/tmp/sockets/puma.sock|http://127.0.0.1/
ProxyPassReverse / unix:///home/rails/rp/tmp/sockets/puma.sock|http://127.0.0.1/
If I setup a Proxy Pass on a regular tcp port like this, it works fine.
ProxyPass / http://127.0.0.1:9292
ProxyPassReverse / http://127.0.0.1:9292
Any help is appreciated, let me know if you need anymore information.
In general, there is some point for checking for reverse proxy an http server app over unix socket:
Check if Apache already loaded required modules (proxy & http_proxy) using apachectl -M command
Make sure that socket path is accessible for www-data user (it is default apache user)
Check correctness of running app on unix socket using following command:
curl --unix-socket /var/www/app/socket/path -XGET http:/someMethod
Check that ProxyPreserveHost On already present in your virtual host file and set socket address correctly (as unix:/var/www/path/to/your/socket) and after pipe mark path correctly (as |http://127.0.0.1/what/ever)
Make sure both ProxyPassReverse and ProxyPass is set correctly
I am not sure which proxy handler should handle sockets, so you could try loading them all then see which one does the job for you:
https://httpd.apache.org/docs/trunk/mod/mod_proxy.html
Note that you can also use SetHandler to specify the module you want to handle your connections
Ok, I spent a while to find the solution on one of my old server.
When you have this mod_proxy error, it's because Apache doesn't recognize the proxy module to use behind the unix socket.
Assuming that you obviously already have :
a2enmod proxy
a2enmod proxy_http
service apache2 restart
There's a good chance that your apache config file located at /etc/apache2/mods-available/proxy_http.load is empty
Add theses lines to this file :
# Depends: proxy
LoadModule proxy_http_module /usr/lib/apache2/modules/mod_proxy_http.so
then
service apache2 restart
Related
I have a rails application running on a private subnet, using port 8080, without SSL enabled.
I also have an Apache SSL server on a DMZ, which I use as a reverse proxy to the rails application I mention first.
The problem is, rails include some absolute url in the generated code, with adresses beginning with http://...
If i use config.force_ssl = true as I read here or there, there is a infinite redirection, because rails sees the requests coming as plain HTTP and issues a redirect to HTTPS, but as the client already is.
The solution was simple enough: put this line in the reverse proxy configuration file :
RequestHeader set X-Forwarded-Proto "https"
I have a Rails 4 application and I want to run it on Passenger with SSL.
I added the Passenger gem to the gemfile and ran the server using:
bundle exec rails s -e production -p 3001 --binding=0.0.0.0
In settings I set ssl = true, which works. The SSL is recomended and the server wants to call the app with HTTPS.
When I set the vhost for HTTPS port 443 like this:
ProxyPreserveHost On
ProxyRequests On
ServerName domain.de
ServerAlias *.domain.de
ProxyPass / https://subdomain.domain.de:3001/
ProxyPassReverse / https://subdomain.domain.de:3001/
SSLEngine on
I got this error:
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator at to inform them of the time this error occurred, and the actions you performed just before this error.
More information about this error may be available in the server error log.
Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.
Apache Server at domain.de Port 443
The SSL certificate is provied through plesk 12.5.
What's the problem in this case? What do I have to change?
better and much easier way is to use passangermodule for apache or nginx
I have one apache httpd server running on a hostname:
firsthostname
I have another apache httpd server running on another hostname:
secondhostname
I want to make it such that whenever someone goes to:
firsthostname, it redirects to secondhostname. If the user goes to firsthostname/something, what the user actually sees is the as if the user went to "secondhostname/something", though the "secondhostname" is masked
What and how do I configure this on the httpd installed on "firsthostname"? I am running on a windows machine.
You can do this using apache rewrite or apache redirect
RewriteEngine on
RewriteRule ^/foo /bar
Or
Redirect /foo.html /bar.html
Check out this documentation
You will need a DNS server. You can then simply setup a CNAME record to map firsthostname to secondhostname.
I have a setup of the following:
Proxy server: https://proxy-server.com
application server: https://app-server.com
and a CAS (sso) server: https://sso-server.com
I can get the following working:
https://proxy-server.com/cas/login?service=https://app-server.com/app
But the problem for this URL is it exposes the actual app-server, which is behind the proxy server.
Ideally, I want the following:
https://proxy-server.com/cas/login?service=https://proxy-server.com/app
My question is:
Is there a way to hide (use post, encrypt targetService part, callback on proxy side, or...) the app-server.com in the URL? since I have a proxy server in front, I don't want to expose the actual app server name.
thanks
If you're running something like Apache mod_proxy on https://proxy-server.com then you should be able to hide your app behind it. Based on your example it looks like you're already doing that with your cas server since your stated your cas login url as https://proxy-server.com/cas/login
Following the same idea your app can be reached using https://proxy-server.com/app
ProxyPass /cas https://sso-server.com/cas
ProxyPassReverse /cas https://sso-server.com/cas
ProxyPass /app https://app-server.com/app
ProxyPassReverse /app https://app-server.com/app
You'd probably have to modify your serviceUrls so they are relate to proxy-server.com
ProxyPass And ProxyPassReverse Configuration
Proxy HOW-TO
Is there some way to secure an ffserver webcam stream using Apache / HTTP Authentication? Some type of Apache proxy perhaps?
Right now I have it so only machines on the LAN can view the http://webcam/stream.mjpg, but I want people from the outside to be able to access it if they provide a username / pw (HTTP Auth, which isn't built into ffserver).
Thanks!
For anyone else looking for the solution, I found it:
Use proxy.conf (apache mod-proxy) with directives such as the following:
ProxyPass |external path| http://internal_lan_ip/internal_path
One of mine that works is:
ProxyPass /proxy/matt.mjpg http://192.168.1.10:8090/matt.mjpg
So externally they are going to:
http://myserver.com/proxy/matt.mjpg
And the stream (matt.mjpg) is coming from a different host on the LAN at
http://192.168.1.10:8090/matt.mjpg.
Thus, myserver.com is a "proxy.com" for internal LAN hosts.