Apache mod_proxy: forward secure websocket to non-secure

ssl apache-2.4 mod-proxy websocket

14,632

To get things to work, I also needed to load mod_proxy_wstunnel

Once I did, this ruleset got things working: (in the VirtualHost of the domain that receives and proxies the websocket request)

<IfModule mod_proxy.c>
    ProxyPass "/_ws_/" "ws://127.0.0.1:8080/"
    ProxyPassReverse "/_ws_/" "ws://127.0.0.1:8080/"
</IfModule>

The browser can then contact the backend WS server through the HTTPS port:

var ws = new Websocket('wss://example.com/_ws_/');

14,632

Updated on September 18, 2022

BeetleJuice almost 2 years
The websocket library I rely on (PHP-Websockets) does not yet support secure sockets (wss). My website is served over https though, so I cannot use insecure ws connections.

I'm trying to use Apache's mod_proxy to forward the secure request that comes from the browser on to the client.

Javascript
```
var ws = new Websocket('wss://example.com/_ws_/');
```
Apache VirtualHosts
```
ProxyPass        "/_ws_/" "ws://127.0.0.1:8080/"
ProxyPassReverse "/_ws_/" "ws://127.0.0.1:8080/"
# I've also tried "/_ws_/" "ws://example.com:8080/"  Same error below
```
Upon trying to connect, the browser receives a 500 Server Error. The logs show:

No protocol handler was valid for the URL /_ws_/. If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule.

I've confirmed that if I remove the proxy rules, stop redirecting users to https and try to connect to insecure sockets from the browser: new Websocket('ws://example.com/'), things work just fine.

My loaded Apache modules include mod_ssl.c, mod_proxy.c and mod_proxy_http.c

Apache 2.4
Gilles Lesire over 3 years

How should this be applied if the socket url is of this format? ws://127.0.0.1:8080/script.php