Proxy websocket wss:// to ws:// apache

Solution 1

i worked 24 hours for find this and searched a lot of forum but no one write about success. here is my server configuration :

CentOS release 6.7 , Apache 4.2.18

here is what i did finally : first i found that modules/mod_proxy_wstunnel.so must be enable in apache config file , but my apache didn't have that module and after a lot of search i found that module is Available in apache 2.4.5 and later.

https://httpd.apache.org/docs/2.4/mod/mod_proxy_wstunnel.html

i downloaded https://archive.apache.org/dist/httpd/httpd-2.4.18.tar.gz extracted httpd-2.4.18\modules\proxy\mod_proxy_wstunnel.c and uploaded to my server root then from terminal could compile it again with these commonds :

chmod 755 mod_proxy_wstunnel.c #set permission
pxs -i -a -c mod_proxy_tunnel.c #compile module

pxs command did compile the module and wrote in apache config file to load it

LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so

after that i added these lines to end of apache config file :

RewriteEngine on
ProxyRequests Off
ProxyPreserveHost on
ProxyPass /myws ws://mysite.com:8091
ProxyPassReverse /myws ws://mysite.com:8091

AND NOW : it works ! in client side js you can set ws url like this :

var protocol = 'ws://'; 
if (window.location.protocol === 'https:') {
            protocol = 'wss://';
   }

 var wsUri =protocol+ "mysite.com/myws";  

 var ws = new WebSocket(wsUri);

and it will forward request to ws://mysite.com:8091 doesnt matter the page loaded with https or http , it will direct all request ended with /myws to ws://mysite.com:8091

Solution 2

You need to enable some Apache2 modules:

$ a2enmod proxy proxy_wstunnel proxy_http rewrite

Then you can use this configuration to solve your problem.

    ProxyRequests off
    ProxyVia on      
    RewriteEngine On

    RewriteEngine On
    RewriteCond %{HTTP:Connection} Upgrade [NC]
    RewriteCond %{HTTP:Upgrade} websocket [NC]
    RewriteRule /(.*) ws://example.com:9090/$1 [P,L]

    ProxyPass               /websocket http://example.com:9090/websocket
    ProxyPassReverse        /websocket http://example.com:9090/websocket

Apache2 automatically upgrades the connection to websocket with ws://, you don't need to set the ws:// manually. I tried dozens of configurations and this is the only one that worked for me.

Solution 3

the problem I was trying to solve was similar to this one. I have a reverse proxy running under Apache 2.4 on CentOs 7 which has to work with both https and wss requests.

Behind the reverse proxy I have my app server running on an internal network. the virtual host configuration in the /etc/httpd/httpd.conf config file is as follows:

<VirtualHost *:443>
   ServerName example.com
   RewriteCond %(HTTP:Upgrade) websocket [NC]   # Required to handle the websocket connection
   RewriteCond %(HTTP:Connection) upgrade [NC]
   RewriteRule /(.*) ws://192.160.0.1/$1 [P,L]

  SSLEngine on # SSL Certificates handling
  SSLCertificateFile ssl/cert.pem # Public Certificate
  SSLCertificateKeyFile ssl/key.pem # Private certificate
  SSLCertificateChainFile ssl/ca.pem # CA or chain certificate

 ProxyPreserveHost On
 ProxyPass /websocket ws://192.168.0.1 # First you need to write the specific rules
 ProxyPassReverse /websocket ws://102.168.0.1
 ProxyPass / http://192.168.0.1 # Then the generic rules for the proxy.
 ProxyPassReverse / http://192.168.0.1
 </VirtualHost>

In your case, you will have to replace the ServerName, the SSL certificates location, and the destination of the proxy.

Author by

Sam Rad

Experienced Back-End and Front-End Web Programmer. Developed enterprise level; Self Employment and Freelance web Developer about 7 years. Enjoy learning and staying current on bleeding edge technology, systems, libraries and frameworks. Look forward to developing and exercising years of knowledge on new projects while establishing new creative solutions to optimize queries, OOP logic...

Updated on July 10, 2021