Re: [pound] pound 3 - poundctl?
Hello Robert,
thanks a lot for your quick response.
> Sorry, but for the moment poundctl and emergency BEs are not supported.
> We may add them in a future version.
I will be patient :)
> If you really need these features I suggest you stay with the 2.x
series.
Really 'needed' is an easy way to see the current BE's states ('alive' a.s.o.
in 2.x) derived form the results of pound's perpetual probing them.
So warnings can be issued or even additional backends can be activated
Last resort BEs ('emergency') are an easy way to show a 'back again soon' page
instead of 'timeout' oder '503' in case of short glitches.
Enabling or disabling backends by means of poundctl is really a nice feature
but 'emergency' an 'state of backends' are of higher relevance.
Best regards
Kris
--
pound mailing list
pound@apsis.ch
https://admin.hostpoint.ch/mailman/listinfo/pound_apsis.ch
[pound] pound 3 - poundctl?
Hello Robert, migrating some webfrontends from Debian 9 to Debian 11 urges us to use pound 3.x instead of 2.x! We used to monitor our pound instances and disable/enable backends in pound 2.x via poundctl. Also the approach of emergency-backends seems to be unimplemented in 3.x? Is the only remaining path to monitor pound 3.x to analyse the machines syslog? And if, how to set up pound to log the results of pounds probing of the backends? Is there a approach to set up the former emergency-backends, too? We used 'emergency' to show simple maintenance-style-messages in (quite seldom) cases of apache/nginx denies to reload/restart due to any kind of misconfiguration ;-) Thanks a lot in advance Kris -- pound mailing list pound@apsis.ch https://admin.hostpoint.ch/mailman/listinfo/pound_apsis.ch
Re: [Pound Mailing List] Too many redirects
my experience if redirects from backend dont work properly, is to tune
with the RewriteLocation option. for example add
RewriteLocation 2
to your listener...
good luck and cheers.ivo
On 06/19/2013 10:45 AM, Alan McGinlay wrote:
Hmm, I'm not awesome at spotting that kind of issue (sounds like one of
those things you stare at for hours before noticing something really
obvious :) )
A good start would be to enable redirect logging in Apache as this will
tell you exactly what is going on:
RewriteLog /var/log/apache/rewrite.log
RewriteLogLevel 5 # higher numbers give more info, 5 is good start
Also, have you tried watching the headers during the requests? I use
firefox extension live http headers really great for finding this kind
of issue.
https://addons.mozilla.org/en-US/firefox/addon/live-http-headers/
Chrome has something similar but it's not as good.
My personal preference is to do those simple redirects in Pound, as you
are now doing, as it saves a pointless request to the backend.
Unfortunately Pound doesn't support paths in the destination
(url.com/path.html - url.com/newpath.html) or I would use it for all my
redirects.
/A
On 2013-06-19 10:03, Martijn de Dood wrote:
I've setup pound on my Debian Squeeze server (pound package from the
repository 2.5-1) with the following config:
## Minimal sample pound.cfg
##
## see pound(8) for details
##
## global options:
Userwww-data
Groupwww-data
#RootJail/chroot/pound
## Logging: (goes to syslog by default)
##0no logging
##1normal
##2extended
##3Apache-style (common log format)
LogLevel0
## check backend every X secs:
Alive30
## use hardware-accelleration card supported by openssl(1):
#SSLEnginehw
# poundctl control socket
Control /var/run/pound/poundctl.socket
##
## listen, redirect and ... to:
## redirect all requests on port 8080 (ListenHTTP) to the local
webserver (see Service below):
ListenHTTP
Address 111.111.111.111 # My external IP
Port80
## allow PUT and DELETE also (by default only GET, POST and HEAD)?:
xHTTP0
Service
BackEnd
Address127.0.0.1
Port80
End
End
End
Apache is running on localhost port 80.
When I visit my site via mysite.com all goes well. However when visiting
my site via www.mysite.com the browser replies with too many redirects.
The website on Apache has a .htaccess file which does the redirect from
www.mysite.com to mysite.com
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L]
If I setup nginx as a reverse proxy I don't get too many redirects when
requesting www, but I don't want nginx I like Pound more.
What could cause the problem of the loop?
I made a fix with this:
Service
HeadRequire ^Host: www.mysite.com$
Redirect 301 http://mysite.com;
End
But I would like to know why the loop occurs and if there is a other
solution.
--
To unsubscribe send an email with subject unsubscribe to pound@apsis.ch.
Please contact ro...@apsis.ch for questions.
--
To unsubscribe send an email with subject unsubscribe to pound@apsis.ch.
Please contact ro...@apsis.ch for questions.
Re: [Pound Mailing List] Send login and register to https - redirect loop
hi mark
i add this to the listenHTTPS
AddHeader IS_SSL: SSL
so http-requests on apache side that entered as https to pound got this
header.
then i do something like this on apache:
RewriteEngine On
RewriteCond %{HTTP:IS_SSL} !^SSL$
RewriteRule ^(.*) https://site.com/$1 [L,R=301]
good luck and cheers.ivo
On 01/15/2013 11:18 AM, mark hardwick wrote:
Of course, I see what's happening now,
pound is seeing a request to https://site.com/login, decrypting the connection,
sending it to http://site.com/login which is then redirecting the request back
to https.
therefore a loop.
ok, so what is the right way to tackle this problem?
thanks
mark.
On Jan 15, 2013, at 10:58 AM, mark hardwick wrote:
Hi All,
I'm fairly new to both pound and apache configuration. I think the issue I'm
having is with pound configuration, but please excuse me if it's actually
apache.
Ok, I want to configure my site so that if people head to http://site.com/login
they are redirected to https://site.com/login but, if they try to browse to
https://site.com/somewhere_else then they are redirected to
http://site.com/somewhere_else.
I have installed my security certificate which is working. I can browse http
and https.
I have configured pound to deal with the http and https as follows:
ListenHTTP
Address 91.187.69.155
Port80
Service
HeadRequire (Host: flooting.com|Host: www.flooting.com)
BackEnd
Address 192.168.0.2
Port80
End
BackEnd
Address 192.168.0.3
Port80
End
End
End
ListenHTTPS
Address 91.187.69.155
Port443
Cert/etc/ssl/flooting.com.pem
Service
HeadRequire (Host: flooting.com|Host: www.flooting.com)
BackEnd
Address 192.168.0.2
Port80
End
BackEnd
Address 192.168.0.3
Port80
End
End
End
I have configured apache ReWrite rules as follows:
RewriteEngine On
RewriteBase /
# force https for /login and /register etc
RewriteCond %{HTTPS} =off
RewriteRule ^(login|register)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# don't do anything for images/css/js (leave protocol as is)
RewriteRule \.(gif|jpe?g|png|css|js)$ - [NC,L]
# force http for all other URLs
RewriteCond %{HTTPS} =on
RewriteCond %{REQUEST_URI} !^/(login|register|payment\/status|gopro)$
RewriteRule .* http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
However the configuration does not work.
It leads to a redirect loop error, which *appears* to be in pound.
I say that because if I browse to flooting.com/login, pound attempts to send
the request to /login about 10 times and then gives up.
At this point the browser responds with a this webpage has a redirect loop
error. there are no errors in the apache logs.
I've tried get this working with just one backend webserver configured in
pound, however I still get a mail loop.
So, what am I doing wrong? Is this even remotely the correct approach to this
problem or is there a better way?
Thanks for your help
Mark.
--
To unsubscribe send an email with subject unsubscribe to pound@apsis.ch.
Please contact ro...@apsis.ch for questions.
--
To unsubscribe send an email with subject unsubscribe to pound@apsis.ch.
Please contact ro...@apsis.ch for questions.
--
To unsubscribe send an email with subject unsubscribe to pound@apsis.ch.
Please contact ro...@apsis.ch for questions.
