Apache ProxyPass with dynamic hostname

Solution 1

To use Apache ProxyPass directives with dynamic hostnames you will need to also use ModRewrite.

Objective

All requests to the virtualhost will ProxyPass and ProxyPassReverse (also known as an "Apache Gateway") to the %{HTTP_HOST}

The only reason this would make sense to do is if you have localhost entries on the apache server for specfic host names

Examples

Localhost File

10.0.0.2 foo.bar.com    
10.0.0.3 bar.bar.com    

How it works

1. The client makes a request to foo.bar.com (dnslookup is a public IP... YOUR APACHE SERVER)
2. Your apache server has a localhost entry of 10.0.0.2 for foo.bar.com (some other server on your network)
3. The request goes through ModRewrite and /path1 is appended, then handed off to ProxyPass and ProxyPassReverse
4. ProxyPass and ProxyPassReverse hand the call off to foo.bar.com at ip 10.0.0.2

Client requests foo.bar.com ---reverse proxies to----> foo.bar.com/path1 (on some OTHER internal server)

Apache Configuration

    <VirtualHost *:443>
    Servername *

    # Must not contain /path1 in path (will add /path1)
    RewriteEngine on
    RewriteCond %{REQUEST_URI} !^/path1/.*
    RewriteRule ^/(.*) https://%{HTTP_HOST}/path1$1 [NC,R=302,L]

    # Must contain /path1 in path (will send request to the proxy)
    RewriteEngine On
    RewriteOptions Inherit
    RewriteCond %{REQUEST_URI} ^/path1/.*
    RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [NC,P]

    SSLEngine on
    SSLProxyEngine On
    ProxyRequests Off

    ProxyPass            /  https://$1/
    ProxyPassReverse     /  https://$1/

    ProxyPreserveHost On

    ###################
    # SSL Constraints #
    ###################

    SSLProtocol -ALL +SSLv3 +TLSv1

    # Choose cipher suites
    SSLHonorCipherOrder On
    SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:!LOW:!SSLv2:!EXPORT

    # SameOrigin The page can only be displayed in a frame on the same origin as the page itself
    Header set X-Frame-Options SAMEORIGIN

    SSLCertificateFile     /etc/apache2/example.crt
    SSLCertificateKeyFile  /etc/apache2/example.key
    SSLCertificateChainFile /etc/apache2/gd_bundle.crt
    SetOutputFilter INFLATE;proxy-html;DEFLATE
</VirtualHost>

source: http://brakertech.com/apache-proxypass-with-dynamic-hostname/

Solution 2

There's no way to dynamically reverse proxy like that using proxy pass. However, you can do it using mod_rewrite's P flag. The same thing with ProxyPassReverse, you can't use the %{HTTP_HOST}, however, since the hostnames are the same as the same, you don't need it at all. Just need:

RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [L,P]

One issue you may run into is that since DNS resolves proxying server to some IP, the proxying server must know that the same DNS hostname does not resolve to itself and actually resolves to a backend server (the server to proxy to), otherwise it will cause a loop.

Author by

brakertech

https://brakertech.com

Updated on June 30, 2022