Re: [pound] pound 3 - poundctl?
Hello Robert, thanks a lot for your quick response. > Sorry, but for the moment poundctl and emergency BEs are not supported. > We may add them in a future version. I will be patient :) > If you really need these features I suggest you stay with the 2.x series. Really 'needed' is an easy way to see the current BE's states ('alive' a.s.o. in 2.x) derived form the results of pound's perpetual probing them. So warnings can be issued or even additional backends can be activated Last resort BEs ('emergency') are an easy way to show a 'back again soon' page instead of 'timeout' oder '503' in case of short glitches. Enabling or disabling backends by means of poundctl is really a nice feature but 'emergency' an 'state of backends' are of higher relevance. Best regards Kris -- pound mailing list pound@apsis.ch https://admin.hostpoint.ch/mailman/listinfo/pound_apsis.ch
[pound] pound 3 - poundctl?
Hello Robert, migrating some webfrontends from Debian 9 to Debian 11 urges us to use pound 3.x instead of 2.x! We used to monitor our pound instances and disable/enable backends in pound 2.x via poundctl. Also the approach of emergency-backends seems to be unimplemented in 3.x? Is the only remaining path to monitor pound 3.x to analyse the machines syslog? And if, how to set up pound to log the results of pounds probing of the backends? Is there a approach to set up the former emergency-backends, too? We used 'emergency' to show simple maintenance-style-messages in (quite seldom) cases of apache/nginx denies to reload/restart due to any kind of misconfiguration ;-) Thanks a lot in advance Kris -- pound mailing list pound@apsis.ch https://admin.hostpoint.ch/mailman/listinfo/pound_apsis.ch
Re: [Pound Mailing List] Too many redirects
my experience if redirects from backend dont work properly, is to tune with the RewriteLocation option. for example add RewriteLocation 2 to your listener... good luck and cheers.ivo On 06/19/2013 10:45 AM, Alan McGinlay wrote: Hmm, I'm not awesome at spotting that kind of issue (sounds like one of those things you stare at for hours before noticing something really obvious :) ) A good start would be to enable redirect logging in Apache as this will tell you exactly what is going on: RewriteLog /var/log/apache/rewrite.log RewriteLogLevel 5 # higher numbers give more info, 5 is good start Also, have you tried watching the headers during the requests? I use firefox extension live http headers really great for finding this kind of issue. https://addons.mozilla.org/en-US/firefox/addon/live-http-headers/ Chrome has something similar but it's not as good. My personal preference is to do those simple redirects in Pound, as you are now doing, as it saves a pointless request to the backend. Unfortunately Pound doesn't support paths in the destination (url.com/path.html - url.com/newpath.html) or I would use it for all my redirects. /A On 2013-06-19 10:03, Martijn de Dood wrote: I've setup pound on my Debian Squeeze server (pound package from the repository 2.5-1) with the following config: ## Minimal sample pound.cfg ## ## see pound(8) for details ## ## global options: Userwww-data Groupwww-data #RootJail/chroot/pound ## Logging: (goes to syslog by default) ##0no logging ##1normal ##2extended ##3Apache-style (common log format) LogLevel0 ## check backend every X secs: Alive30 ## use hardware-accelleration card supported by openssl(1): #SSLEnginehw # poundctl control socket Control /var/run/pound/poundctl.socket ## ## listen, redirect and ... to: ## redirect all requests on port 8080 (ListenHTTP) to the local webserver (see Service below): ListenHTTP Address 111.111.111.111 # My external IP Port80 ## allow PUT and DELETE also (by default only GET, POST and HEAD)?: xHTTP0 Service BackEnd Address127.0.0.1 Port80 End End End Apache is running on localhost port 80. When I visit my site via mysite.com all goes well. However when visiting my site via www.mysite.com the browser replies with too many redirects. The website on Apache has a .htaccess file which does the redirect from www.mysite.com to mysite.com RewriteCond %{HTTPS} !=on RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC] RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L] If I setup nginx as a reverse proxy I don't get too many redirects when requesting www, but I don't want nginx I like Pound more. What could cause the problem of the loop? I made a fix with this: Service HeadRequire ^Host: www.mysite.com$ Redirect 301 http://mysite.com; End But I would like to know why the loop occurs and if there is a other solution. -- To unsubscribe send an email with subject unsubscribe to pound@apsis.ch. Please contact ro...@apsis.ch for questions. -- To unsubscribe send an email with subject unsubscribe to pound@apsis.ch. Please contact ro...@apsis.ch for questions.
Re: [Pound Mailing List] Send login and register to https - redirect loop
hi mark i add this to the listenHTTPS AddHeader IS_SSL: SSL so http-requests on apache side that entered as https to pound got this header. then i do something like this on apache: RewriteEngine On RewriteCond %{HTTP:IS_SSL} !^SSL$ RewriteRule ^(.*) https://site.com/$1 [L,R=301] good luck and cheers.ivo On 01/15/2013 11:18 AM, mark hardwick wrote: Of course, I see what's happening now, pound is seeing a request to https://site.com/login, decrypting the connection, sending it to http://site.com/login which is then redirecting the request back to https. therefore a loop. ok, so what is the right way to tackle this problem? thanks mark. On Jan 15, 2013, at 10:58 AM, mark hardwick wrote: Hi All, I'm fairly new to both pound and apache configuration. I think the issue I'm having is with pound configuration, but please excuse me if it's actually apache. Ok, I want to configure my site so that if people head to http://site.com/login they are redirected to https://site.com/login but, if they try to browse to https://site.com/somewhere_else then they are redirected to http://site.com/somewhere_else. I have installed my security certificate which is working. I can browse http and https. I have configured pound to deal with the http and https as follows: ListenHTTP Address 91.187.69.155 Port80 Service HeadRequire (Host: flooting.com|Host: www.flooting.com) BackEnd Address 192.168.0.2 Port80 End BackEnd Address 192.168.0.3 Port80 End End End ListenHTTPS Address 91.187.69.155 Port443 Cert/etc/ssl/flooting.com.pem Service HeadRequire (Host: flooting.com|Host: www.flooting.com) BackEnd Address 192.168.0.2 Port80 End BackEnd Address 192.168.0.3 Port80 End End End I have configured apache ReWrite rules as follows: RewriteEngine On RewriteBase / # force https for /login and /register etc RewriteCond %{HTTPS} =off RewriteRule ^(login|register)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] # don't do anything for images/css/js (leave protocol as is) RewriteRule \.(gif|jpe?g|png|css|js)$ - [NC,L] # force http for all other URLs RewriteCond %{HTTPS} =on RewriteCond %{REQUEST_URI} !^/(login|register|payment\/status|gopro)$ RewriteRule .* http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] However the configuration does not work. It leads to a redirect loop error, which *appears* to be in pound. I say that because if I browse to flooting.com/login, pound attempts to send the request to /login about 10 times and then gives up. At this point the browser responds with a this webpage has a redirect loop error. there are no errors in the apache logs. I've tried get this working with just one backend webserver configured in pound, however I still get a mail loop. So, what am I doing wrong? Is this even remotely the correct approach to this problem or is there a better way? Thanks for your help Mark. -- To unsubscribe send an email with subject unsubscribe to pound@apsis.ch. Please contact ro...@apsis.ch for questions. -- To unsubscribe send an email with subject unsubscribe to pound@apsis.ch. Please contact ro...@apsis.ch for questions. -- To unsubscribe send an email with subject unsubscribe to pound@apsis.ch. Please contact ro...@apsis.ch for questions.