Apache 2.4 Proxy for External, Redirect for Internal
The following should work if you are allowed to use subdomains, only should I can't test it at the moment ...
However the logic should work.
Use the to redirect XTERNs to a sub domain eg. xtern.example.com and resolve the things with virtual hosts!
<VirtualHost *:80>
ServerName example.com
<If "%{REMOTE_ADDR} !-ipmatch 'xxx.xxx.xxx.xxx/24'">
Redirect "/" "http://xtern.example.com"
</If>
ProxyPass http://server.local.corp:8000/
ProxyPassReverse http://server.local.corp:8000/
</VirtualHost>
<VirtualHost *:80>
ServerName xtern.example.com
ProxyPass http://server.xtern.corp:8000/
ProxyPassReverse http://server.xtern.corp:8000/
</VirtualHost>
Related videos on Youtube
Brian
Working at JAMF software in the development operations group.
Updated on September 18, 2022Comments
-
Brian over 1 year
I am attempting to setup a reverse proxy to allow only a few select ip ranges to proxy to an internal host, while I would like anyone else not within the ip ranges to redirect to our internal named host. In this setup, the webservice will work while anyone who is not VPN'd into our network will not be capable of navigating to the internal resource. I have been attempting to get this to work without luck, my partial config is currently as follows:
ProxyRequests Off <Proxy *> Allow from all </Proxy> <Location /> Allow From xxx.xxx.xxx.xxx/24 1xxx.xxx.xxx.xxx/23 Deny From All ProxyPass http://server.local.corp:8000/ ProxyPassReverse http://server.local.corp:8000/ </Location>
This config appears to work well for blocking other ip ranges from being able to proxy, however I am unclear how I can add a redirect statement for anyone else.
Edit Taking advice from the first answer my code now looks like:
<If "%{REMOTE_ADDR} -ipmatch 'xxx.xxx.xxx.xxx/24'"> ProxyPass / http://server.local.corp:8000/ ProxyPassReverse / http://server.local.corp:8000/ </If>
And apache throws the following error on restart:
ProxyPass cannot occur within <If> section Action 'configtest' failed. The Apache error log may have more information.
-
laiba rehman over 9 yearsI'm facing the same error regarding ProxyPass and the <If> section
-
-
Javier Méndez about 7 yearsApache 2.4 does not allow ProxyPass within <If> section
-
alxgomz about 7 yearshmmm.. I can't remember wether or not I tested it, but this is weird because the doc clearly states that "Only directives that support the directory context can be used within this configuration section." which is the case of "ProxyPass"...
-
Jesse Glick about 6 yearsref: Apache bug #54965