Apache 2.4 Proxy for External, Redirect for Internal

proxy reverse-proxy apache-2.4
5,885

The following should work if you are allowed to use subdomains, only should I can't test it at the moment ...

However the logic should work.

Use the to redirect XTERNs to a sub domain eg. xtern.example.com and resolve the things with virtual hosts!

<VirtualHost *:80>
    ServerName example.com

    <If "%{REMOTE_ADDR} !-ipmatch 'xxx.xxx.xxx.xxx/24'">
        Redirect "/" "http://xtern.example.com"
    </If>


    ProxyPass http://server.local.corp:8000/
    ProxyPassReverse http://server.local.corp:8000/
</VirtualHost>

<VirtualHost *:80>
    ServerName xtern.example.com

    ProxyPass http://server.xtern.corp:8000/
    ProxyPassReverse http://server.xtern.corp:8000/
</VirtualHost>
Share:
5,885

Related videos on Youtube

Brian
Author by

Brian

Working at JAMF software in the development operations group.

Updated on September 18, 2022

Comments

  • Brian
    Brian over 1 year

    I am attempting to setup a reverse proxy to allow only a few select ip ranges to proxy to an internal host, while I would like anyone else not within the ip ranges to redirect to our internal named host. In this setup, the webservice will work while anyone who is not VPN'd into our network will not be capable of navigating to the internal resource. I have been attempting to get this to work without luck, my partial config is currently as follows:

           ProxyRequests Off
    <Proxy *>
            Allow from all
    </Proxy>
    <Location />
            Allow From xxx.xxx.xxx.xxx/24 1xxx.xxx.xxx.xxx/23
            Deny From All
            ProxyPass http://server.local.corp:8000/
            ProxyPassReverse http://server.local.corp:8000/
    </Location>

    This config appears to work well for blocking other ip ranges from being able to proxy, however I am unclear how I can add a redirect statement for anyone else.

    Edit Taking advice from the first answer my code now looks like:

    <If "%{REMOTE_ADDR} -ipmatch 'xxx.xxx.xxx.xxx/24'">
  ProxyPass / http://server.local.corp:8000/
  ProxyPassReverse / http://server.local.corp:8000/
</If>

    And apache throws the following error on restart:

    ProxyPass cannot occur within <If> section
Action 'configtest' failed.
The Apache error log may have more information.
    • laiba rehman
      laiba rehman over 9 years
      I'm facing the same error regarding ProxyPass and the <If> section
  • Javier Méndez
    Javier Méndez about 7 years
    Apache 2.4 does not allow ProxyPass within <If> section
  • alxgomz
    alxgomz about 7 years
    hmmm.. I can't remember wether or not I tested it, but this is weird because the doc clearly states that "Only directives that support the directory context can be used within this configuration section." which is the case of "ProxyPass"...
  • Jesse Glick
    Jesse Glick about 6 years

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

502 from Apache over HTTPS with reverse proxy to Node server on different port
502 proxy error apache reverse proxy
Is it possible to replace content on every page passed through a proxy similar to how mod_rewrite is used for URLs?
Configure Nginx with proxy_pass with two locations
Reverse Proxy Java
Reverse proxy from nginx to squid
nginx proxy_pass is setting port in response
Apache ProxyPass with dynamic hostname
Apache server reverse-proxying another apache server, getting "AH01102: error reading status line from remote server"
Nginx reverse proxy 404 on static files