HTTPS reverse proxy using apache
To get the HTTP requests to redirect instead of proxying, you should do two things:
Move your proxying config (
SSLProxyEngine
throughProxyPassReverse
into the SSL virtual host in/etc/httpd/conf.d/ssl.conf
, so that it'll only apply thereCreate an HTTP virtual host which will redirect - probably in a new
.conf
file in/etc/httpd/conf.d
:<VirtualHost *:80> ServerName redirect RewriteEngine On RewriteRule ^(.*) https://%{HTTP_HOST}/$1 </VirtualHost>
Sean Thoman
Updated on September 18, 2022Comments
-
Sean Thoman over 1 year
I am using this apache configuration to set up a reverse proxy to a process running on the same machine, on port 8443,
<Directory "/var/www/html"> Options +FollowSymLinks RewriteEngine On RewriteCond %{HTTPS} off RewriteRule ^(.*) https://%{HTTP_HOST}/$1 </Directory> <IfModule mod_proxy.c> ProxyRequests Off <Proxy *> Order deny,allow Allow from all </Proxy> SSLProxyEngine On ProxyPass / https://127.0.0.1:8443/ ProxyPassReverse / https://127.0.0.1:8443/ </IfModule>
The process running on 8443 already has HTTPS / SSL certificate set up. Is this a valid / good configuration or can I do it better?
I noticed that currently even http:// will proxy to https:// without the rewrite kicking in. I think this might compromise SSL? I'd rather have only 443 proxy to 8443 and just use a URL rewrite to rewrite the http:// requests to https:// requests. Is that possible using apache?
Thanks.
EDIT - Here is the virtual host information as requested,
VirtualHost Configuration: wildcard NameVirtualHosts and _default_ servers: _default_:443 127.0.0.1 (/etc/httpd/conf.d/ssl.conf:74) Syntax OK
-
ravi yarlagadda almost 10 yearsSounds like this is just in the global config and not in a
<VirtualHost>
block, right? Can you add the output fromapachectl -S
to your question? -
Sean Thoman almost 10 yearsSee my edit. This is global configuration in httpd.conf.
-