HTTPS reverse proxy using apache

http reverse-proxy httpd.conf ssl proxy
10,827

To get the HTTP requests to redirect instead of proxying, you should do two things:

  1. Move your proxying config (SSLProxyEngine through ProxyPassReverse into the SSL virtual host in /etc/httpd/conf.d/ssl.conf, so that it'll only apply there

  2. Create an HTTP virtual host which will redirect - probably in a new .conf file in /etc/httpd/conf.d:

    <VirtualHost *:80>
  ServerName redirect
  RewriteEngine On
  RewriteRule ^(.*) https://%{HTTP_HOST}/$1
</VirtualHost>
Share:
10,827
Sean Thoman
Author by

Sean Thoman

Updated on September 18, 2022

Comments

  • Sean Thoman
    Sean Thoman over 1 year

    I am using this apache configuration to set up a reverse proxy to a process running on the same machine, on port 8443, 

    <Directory "/var/www/html">
   Options +FollowSymLinks
   RewriteEngine On
   RewriteCond %{HTTPS} off 
   RewriteRule ^(.*) https://%{HTTP_HOST}/$1
</Directory>

<IfModule mod_proxy.c>

ProxyRequests Off

<Proxy *>
   Order deny,allow
   Allow from all
</Proxy>

SSLProxyEngine On
ProxyPass / https://127.0.0.1:8443/
ProxyPassReverse / https://127.0.0.1:8443/

</IfModule>

    The process running on 8443 already has HTTPS / SSL certificate set up. Is this a valid / good configuration or can I do it better?

    I noticed that currently even http:// will proxy to https:// without the rewrite kicking in. I think this might compromise SSL? I'd rather have only 443 proxy to 8443 and just use a URL rewrite to rewrite the http:// requests to https:// requests. Is that possible using apache?

    Thanks.

    EDIT - Here is the virtual host information as requested, 

    VirtualHost Configuration: 
wildcard NameVirtualHosts and _default_ servers:
_default_:443       127.0.0.1 (/etc/httpd/conf.d/ssl.conf:74)
Syntax OK
    • ravi yarlagadda
      ravi yarlagadda almost 10 years
      Sounds like this is just in the global config and not in a <VirtualHost> block, right? Can you add the output from apachectl -S to your question?
    • Sean Thoman
      Sean Thoman almost 10 years
      See my edit. This is global configuration in httpd.conf.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

HTTP SSL Proxy with Java Apache HttpClient
Apache server reverse-proxying another apache server, getting "AH01102: error reading status line from remote server"
502 proxy error apache reverse proxy
Stunnel too many clients
Squid reverse proxy with optional SSL
Create a Reverse Proxy in NodeJS that can handle multiple secure domains
WebSocket through SSL with Apache reverse proxy
Nginx reverse proxy error:14077438:SSL SSL_do_handshake() failed
Nginx does redirect, not proxy
How to redirect on the same port from http to https with nginx reverse proxy