I have a service running on my server, it is possible to access it through http and ws. I have the dilemma when I am going to configure the subdomain in Apache2, because I would like to have both protocols working for the same subdomain. That is, if the incoming connection is using the HTTP protocol (http://) then Apache2 must redirect the connection to SERVICE:HTTP_PORT, if it is websocket (ws://) I want it to go to SERVICE:WS_PORT. Is there any way to do this without having to use routes like / ws or / websocket to make the connection?
Duplicate for WebSockets and Apache proxy : how to configure mod_proxy_wstunnel?
I followed the instructions of this answer: https://stackoverflow.com/a/35141086/4763630
This is the final Apache2 config for my server:
<VirtualHost *:80>
ServerAdmin admin#example.com
ServerName service.example.com
RewriteEngine On
RewriteCond %{HTTP:Upgrade} =websocket [NC]
RewriteRule /(.*) wss://service.example.com/$1 [P,L]
RewriteCond %{HTTP:Upgrade} !=websocket [NC]
RewriteRule /(.*) https://service.example.com/$1 [P,L]
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:443>
ServerAdmin admin#example.com
ServerName service.example.com
RewriteEngine On
RewriteCond %{HTTP:Upgrade} =websocket [NC]
RewriteRule /(.*) ws://localhost:1886/$1 [P,L]
RewriteCond %{HTTP:Upgrade} !=websocket [NC]
RewriteRule /(.*) http://localhost:1996/$1 [P,L]
ProxyPassReverse / https://service.example.com
<Location "/">
Header set Access-Control-Allow-Origin "*"
Header add Access-Control-Allow-Headers "origin, x-requested-with, content-type"
Header add Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"
</Location>
SSLEngine On
SSLProtocol All -SSLv2 -SSLv3
SSLHonorCipherOrder On
SSLCipherSuite HIGH:MEDIUM
SSLCertificateFile cert.pem
SSLCertificateKeyFile privkey.pem
SSLCertificateChainFile chain.pem
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Now I can access with http://, https://, ws:// and wss://.
Related
I created an apache server on Centos and configured the entire environment. I've already done the part of pointing the IP to the domain and even activated the SSL certificate (Lets Encrypt) and it worked, but some things are going wrong. For example, when I click on any link on the screen on my domain, the URL automatically goes to my IP instead of continuing on the domain. The same happens when I try to access domain.com/wp-admin, it is redirected to IP/wp-admin. I think it's some basic configuration but I'm a beginner in this part so if anyone can help I'll be grateful!
Vhosts:
<VirtualHost *:80>
ServerName mydomain.com
ServerAlias www.mydomain.com
DocumentRoot /var/www/html/wordpress
ErrorLog /var/www/example.com/log/error.log
CustomLog /var/www/example.com/log/requests.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.mydomain.com [OR]
RewriteCond %{SERVER_NAME} =mydomain.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
for default conf file (redirects all request to your domain with https):
<VirtualHost IP_ADDRESS:80>
Protocols h2 h2c http/1.1
ServerAdmin mail#example.com
Redirect permanent / https://example.com/
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
And for your domain conf file:
<VirtualHost example.com:80>
Protocols h2 http/1.1
RewriteEngine on
ServerName example.com
Redirect permanent / https://example.com/
</VirtualHost>
<VirtualHost example.com:443>
Protocols h2 h2c http/1.1
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/example.com/chain.pem
ServerName example.com
DocumentRoot /var/www/example.com
Alias / "/var/www/example.com/"
<Directory /var/www/example.com/>
Require all granted
AllowOverride All
Options FollowSymLinks MultiViews
<IfModule mod_dav.c>
Dav off
</IfModule>
</Directory>
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
</IfModule>
</VirtualHost>
I have installed my new website on an AWS EC2 instance and have an elastic IP. I have already enabled HTTPS for my site. At present, the domain loads with the website without any issue, but the IP points to the Apache default page. I followed several tutorials to point the IP address back to the HTTPS version of my site. But it's not working. But if I use https://xx.xx.xx.xx I get a "Your connection is not private" warning.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteCond %{REMOTE_ADDR} ^xx\.xx\.xx\.xx$
RewriteRule ^(.*)$ https://mynewwebsite.com/$1 [L,R=301]
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
Vhost:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin admin#mynewwebsite.com
ServerName mynewwebsite.com
ServerAlias www.mynewwebsite.com
DocumentRoot /var/www/html/wordpress
ErrorLog ${APACHE_LOG_DIR}/mynewwebsite.com_error.log
CustomLog ${APACHE_LOG_DIR}/mynewwebsite.com_access.log combined
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/mynewwebsite.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mynewwebsite.com/privkey.pem
</VirtualHost>
</IfModule>
You have to define two VirtualHost with 443 ports.
One of this contains the same configuration for your application:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin admin#mynewwebsite.com
ServerName mynewwebsite.com
ServerAlias www.mynewwebsite.com
DocumentRoot /var/www/html/wordpress
ErrorLog ${APACHE_LOG_DIR}/mynewwebsite.com_error.log
CustomLog ${APACHE_LOG_DIR}/mynewwebsite.com_access.log combined
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/mynewwebsite.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mynewwebsite.com/privkey.pem
</VirtualHost>
</IfModule>
One for redirect without ServerName and ServerAlias equal to wildcard (*).
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin admin#mynewwebsite.com
ServerAlias *
DocumentRoot /var/www/html/
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule ^(.*)$ https://mynewwebsite.com/$1 [L,R=301]
</IfModule>
</VirtualHost>
</IfModule>
This prevent to get the default page even if the user try to make a request with a FQDN different from your configuration.
Important!: You have to respect the order of configuration.
Salvo.
The problem solved when I replaced ServerName with my IP instead of my server FQDN. I assume this method only works, if you have added the server and domain in /etc/hosts, which I have already added.
<VirtualHost *:80>
ServerAdmin admin#mynewwebsite.com
ServerName xx.xx.xx.xx <------------------- IP
ServerAlias www.mynewwebsite.com
DocumentRoot /var/www/html/wordpress
ErrorLog ${APACHE_LOG_DIR}/mynewwebsite.com_error.log
CustomLog ${APACHE_LOG_DIR}/mynewwebsite.com_access.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =mynewwebsite.com [OR]
RewriteCond %{SERVER_NAME} =www.mynewwebsite.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:80>
ServerAdmin admin#mynewwebsite.com
ServerName mynewwebsite.com <------------------- Domain
ServerAlias www.mynewwebsite.com
DocumentRoot /var/www/html/wordpress
ErrorLog ${APACHE_LOG_DIR}/mynewwebsite.com_error.log
CustomLog ${APACHE_LOG_DIR}/mynewwebsite.com_access.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =mynewwebsite.com [OR]
RewriteCond %{SERVER_NAME} =www.mynewwebsite.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
i use aws ec2 bitnami wordpress built a webiste. but i face one issue.
for installing SSL, I Changed .conf document. now I faced one problem.
i can open the domain abc.com (for example only) but can not open www.abc.com.when i want to open www..abc.com , it redirect the address to http://abc.comhttps//www.abc.com/.
May i now how to solve it?
Bitnami Engineer here,
Please follow these steps to force the redirection to HTTPS in our stack:
Add the following lines in the default Apache virtual host configuration file at /opt/bitnami/apache2/conf/bitnami/bitnami.conf, inside the default VirtualHost directive, so that it looks like this:
<VirtualHost _default_:80>
DocumentRoot "/opt/bitnami/apache2/htdocs"
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} !^(localhost|127.0.0.1)
RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
...
</VirtualHost>
Restart Apache to apply the changes.
sudo /opt/bitnami/ctlscript.sh restart apache
You can find more information about this redirection in our documentation
I not sure how edit .conf here, can I add the conf code here for checking?
# Default Virtual Host configuration.
<IfVersion < 2.3 >
NameVirtualHost *:80
NameVirtualHost *:443
</IfVersion>
<VirtualHost _default_:80>
DocumentRoot "/opt/bitnami/apache2/htdocs"
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI}
RewriteEngine On
RewriteCond %{HTTP_HOST} !^panasonicservomotor.com$
RewriteCond %{HTTP_HOST} !^(localhost|127.0.0.1)
RewriteRule ^(.*)$ http://panasonicservomotor.com$1 [R=permanent,L]
<Directory "/opt/bitnami/apache2/htdocs">
Options Indexes FollowSymLinks
AllowOverride All
<IfVersion < 2.3 >
Order allow,deny
Allow from all
</IfVersion>
<IfVersion >= 2.3 >
Require all granted
</IfVersion>
</Directory>
# Error Documents
ErrorDocument 503 /503.html
# Bitnami applications installed with a prefix URL (default)
Include "/opt/bitnami/apache2/conf/bitnami/bitnami-apps-prefix.conf"
</VirtualHost>
# Default SSL Virtual Host configuration.
<IfModule !ssl_module>
LoadModule ssl_module modules/mod_ssl.so
</IfModule>
Listen 443
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !EDH !RC4"
SSLPassPhraseDialog builtin
SSLSessionCache "shmcb:/opt/bitnami/apache2/logs/ssl_scache(512000)"
SSLSessionCacheTimeout 300
<VirtualHost _default_:443>
DocumentRoot "/opt/bitnami/apache2/htdocs"
RewriteEngine On
RewriteCond %{HTTP_HOST} !^panasonicservomotor.com$
RewriteCond %{HTTP_HOST} !^(localhost|127.0.0.1)
RewriteRule ^(.*)$ https://panasonicservomotor.com$1 [R=permanent,L]
SSLEngine on
SSLCertificateFile "/opt/bitnami/apache2/conf/server.crt"
SSLCertificateKeyFile "/opt/bitnami/apache2/conf/server.key"
<Directory "/opt/bitnami/apache2/htdocs">
Options Indexes FollowSymLinks
AllowOverride All
<IfVersion < 2.3 >
Order allow,deny
Allow from all
</IfVersion>
<IfVersion >= 2.3 >
Require all granted
</IfVersion>
</Directory>
# Error Documents
ErrorDocument 503 /503.html
# Bitnami applications installed with a prefix URL (default)
Include "/opt/bitnami/apache2/conf/bitnami/bitnami-apps-prefix.conf"
</VirtualHost>
# Bitnami applications that uses virtual host configuration
Include "/opt/bitnami/apache2/conf/bitnami/bitnami-apps-vhosts.conf"
I'm running a ReactJS app at https://www.hackachieve.com with the following structure:
Port 80/443: Front-end - ReactJS SPA
Port: 8000 - Back-end - django rest framework API
I've installed wordpress properly at /var/www/html and I'm trying to redirect the user from /blog to it.
The issue is that my proxy pass is not working. What happens when the user tries to reach https://www.hackachieve.com/blog is that its redirected back to the main page /. I've found a 301 redirect by inspecting the devtools.
/etc/apache2/sites-available/000-default.conf
<VirtualHost *:80>
ServerName hackachieve.com
ServerAlias www.hackachieve.com
ServerAdmin joaopaulofurtado#live.com
DocumentRoot /var/www/hackachieve-frontend
ProxyPreserveHost On
ProxyPass / http://localhost:5000/
ProxyPassReverse / http://localhost:5000/
RewriteEngine on
RewriteCond %{SERVER_NAME} =hackachieve.com [OR]
RewriteCond %{SERVER_NAME} =www.hackachieve.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:443>
ServerName hackachieve.com
ServerAlias www.hackachieve.com
ServerAdmin joaopaulofurtado#live.com
DocumentRoot /var/www/hackachieve-frontend
ProxyPreserveHost On
ProxyPass / http://localhost:5000/
ProxyPassReverse / http://localhost:5000/
ErrorLog ${APACHE_LOG_DIR}/error-frontend.log
CustomLog ${APACHE_LOG_DIR}/access-frontend.log combined
RewriteEngine off
RewriteCond %{SERVER_NAME} =www.hackachieve.com [OR]
RewriteCond %{SERVER_NAME} =hackachieve.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
SSLEngine on
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/hackachieve.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/hackachieve.com/privkey.pem
</VirtualHost>
<VirtualHost *:8000>
ServerName hackachieve.com
ServerAlias www.hackachieve.com
ServerAdmin joaopaulofurtado#live.com
DocumentRoot /var/www/hackachieve-backend
ErrorLog ${APACHE_LOG_DIR}/error-backend.log
CustomLog ${APACHE_LOG_DIR}/access-backend.log combined
Alias /static /var/www/hackachieve-backend/static
<Directory /var/www/hackachieve-backend/static>
Require all granted
</Directory>
<Directory /var/www/hackachieve-backend/hackachieve>
<Files wsgi.py>
Require all granted
</Files>
</Directory>
WSGIPassAuthorization On
WSGIDaemonProcess hackachieve python-home=/var/www/hackachieve-backend/venv python-path=/var/www/hackachieve-backend
WSGIProcessGroup hackachieve
WSGIScriptAlias / /var/www/hackachieve-backend/hackachieve/wsgi.py
SSLEngine on
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/hackachieve.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/hackachieve.com/privkey.pem
</VirtualHost>
I expect that when the user reaches https://www.hackachieve.com/blog he gets redirected to my Wordpress blog.
I don't want to ReactJS to handle this route
I have sajjanlamichhane.com website hosted on Amazon EC2. But my actual site is inside sajjanlamichhane.com/wp/. So, I redirect URL but I want to mask the redirect URL. How do I do this?
I have this below
Listen 80
<VirtualHost *:80>
ServerAdmin root#sajjanlamichhane.com
ServerName sajjanlamichhane.com
ServerAlias www.sajjanlamichhane.com
DocumentRoot /var/www/sajjanlamichhane.com/
ErrorLog /var/www/sajjanlamichhane.com/logs/error.log
CustomLog /var/www/sajjanlamichhane.com/logs/access.log combined
Redirect http://sajjanlamichhane.com "http://sajjanlamichhane.com/wp/
RewriteEngine on
RewriteRule ^/$ http://sajjanlamichhane.com/wp/index.php [R=301,NC,L]
# remove www
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ http://%1%{REQUEST_URI} [NE,R=301,L]
RewriteCond %{HTTP_HOST} ^(www\.)?domain\.com$
RewriteRule !^wp/ /wp%http://sajjanlamichhane.com [L]
</VirtualHost>
This is how you solve. Further links to read:
http://www.willmaster.com/library/web-development/url-masking.php
Listen 80
<VirtualHost *:80>
ServerAdmin root#sajjanlamichhane.com
ServerName sajjanlamichhane.com
ServerAlias www.sajjanlamichhane.com
DocumentRoot /var/www/sajjanlamichhane.com/
ErrorLog /var/www/sajjanlamichhane.com/logs/error.log
CustomLog /var/www/sajjanlamichhane.com/logs/access.log combined
Redirect http://sajjanlamichhane.com "http://sajjanlamichhane.com/wp/
RewriteEngine on
RewriteCond http://sajjanlamichhane.com/wp/index.php http://sajjanlamichhane.com/wp/index.php$
RewriteRule .* /wp/index.php [L]
</VirtualHost>