Re: [users@httpd] Re: Reverse proxy for TLS connections
On Wed, Feb 23, 2022 at 5:01 PM Tom Browder wrote: > > On Wed, Feb 23, 2022 at 06:03 Tom Browder wrote: > … >> >> I seem to be making some progress. I can get an A from SSL Labs, but I'm >> getting a 503 response when I try to go to the website directly >> (https://gbumc.church). > > > I turned on DumpIO input and output and see the following pairs errors for > any attempt to access the proxied site: > > … AH00957: http: attempt to connect to …:1 (gbumc.church) failed > … AH01114: HTTP: failed to make connection to backend: gbumc.church > > Could that be a firewall issue for port 1 even though it’s an internal > use? It could be, the full unredacted error_log entries might have more details. I would test with curl/wget on the proxy and make sure the backend is reachable. If curl/wget don't work, the proxy server isn't going to work. - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Re: Reverse proxy for TLS connections
On Wed, Feb 23, 2022 at 06:03 Tom Browder wrote: … > I seem to be making some progress. I can get an A from SSL Labs, but I'm > getting a 503 response when I try to go to the website directly ( > https://gbumc.church). > I turned on DumpIO input and output and see the following pairs errors for any attempt to access the proxied site: … AH00957: http: attempt to connect to …:1 (gbumc.church) failed … AH01114: HTTP: failed to make connection to backend: gbumc.church Could that be a firewall issue for port 1 even though it’s an internal use? -Tom
[users@httpd] Proxying a site from another device
On my home server, I have a bunch of location directives proxying for apps running on different ports but on the same server such as /app1 or /app2. I tried to create a proxy that goes from my apache server to my DSL router which is of course on a different IP and appliance. https://domain.tld/dsl ProxyPass http://192.168.0.1/ ProxyPassReverse http://192.168.0.1/ Order deny,allow Deny from all Allow from all It will load up just the raw html but none of the assets. The page is plain rendered html with no css, images, js or anything. You can’t even login to the modem. Would this be a limitation somehow of the proxy config or a security setting on the modem that won’t let it be proxied? Thank you, Steffan Cline stef...@hldns.com 602-793-0014
Re: [users@httpd] Re: Reverse proxy for TLS connections
On Tue, Feb 22, 2022 at 12:16 Tom Browder wrote: > On Tue, Feb 22, 2022 at 11:59 Eric Covener wrote: > ... > >> The server decrypts incoming requests the same way regardless of how >> it will later handle the request (static file, CGI, proxy). > > > Okay, thanks. I'll head in that direction and see if I can get it all to > work. > I seem to be making some progress. I can get an A from SSL Labs, but I'm getting a 503 response when I try to go to the website directly ( https://gbumc.church). I'm presently using the following proxy lines for the site: ProxyPass "/" "http://gbumc.church:1/; ProxyPassReverse "/" "http://gbumc.church:1/; Is there any problem with that syntax? If not I assume the problem is with the code on the backend. Thanks. -Tom
