Penguin
Recent Changes
Diff: ApacheReverseProxy
EditPageHistoryDiffInfoLikePages

Differences between current version and predecessor to the previous major change of ApacheReverseProxy.

Other diffs: Previous Revision, Previous Author, or view the Annotated Edit History

Newer page: version 14 Last edited on Saturday, May 19, 2007 1:37:01 pm by CraigBox
Older page: version 9 Last edited on Tuesday, June 27, 2006 3:47:09 pm by CraigBox Revert
@@ -39,19 +39,37 @@
 ~ProxyPassReverse, which has the same syntax as ~ProxyPass, will adjust the response URI to keep it pointing at the same place. 
  
 This works fairly well, although it fails if the internal website is a bit more complicated, or is on a different port. Use mod_proxy_html for that! 
  
-! I get "client denied by server configuration: proxy:http://site" errors 
+! I get "client denied by server configuration: proxy:http://site" errors - or a 403 Forbidden message  
  
-You have a <proxy:*> block that is denying your access. Check in mods-enabled/proxy.conf if you're on Debian or Ubuntu, because it defaults to denying all. 
+You have a <proxy:*> block that is denying your access. Check in mods-enabled/proxy.conf if you're on Debian or Ubuntu, because it defaults to denying all. As a quick test, you can comment out the whole section, but for prod env's it should be configured correctly
  
 !! mod_proxy_html 
  
 Suppose I want to expose a website that is running on a non-standard port internally. I could use mod_proxy, if the website only used relative or path-only absolute URLS. However, the website happens to know what hostname and port it is supposed to be running on, and has some urls which are targetted directly at the hostname and port. mod_proxy will break in this case, because URLs in the webpages aren't rewritten, and I can't access the device directly from the external network. 
  
 mod_proxy_html solves this, by rewriting parts of the source code on the fly. It's implemented as a filter in apache2, which means all webpages in the appropriate block pass through it, and can be rewritten on the fly. 
  
 Here is an example config for exposing the [CUPS] web interface, which runs on port 631, via an ApacheReverseProxy: 
+  
+First, get the mod_proxy_html module:  
+  
+<verbatim>  
+  
+# apt-get install libapache2-mod-proxy-html  
+  
+</verbatim>  
+  
+You may or may not have to enable the module with  
+  
+<verbatim>  
+  
+# a2enmod proxy_html  
+  
+</verbatim>  
+  
+Then edit the <tt><~IfModule mod_proxy.c></tt> section of /etc/apache2/mods-enabled/proxy.conf  
  
 <verbatim> 
  <IfModule mod_proxy.c> 
  ProxyRequests Off 
@@ -64,8 +82,19 @@
  ProxyHTMLURLMap /cups/ /cups/ 
  </Location> 
  </IfModule mod_proxy.c> 
 </verbatim> 
+  
+  
+Then reload the config  
+  
+<verbatim>  
+  
+/etc/init.d/apache2 force-reload  
+  
+</verbatim>  
+  
+  
  
 New directives that are added include the ~ProxyHTMLURLMap directive, and the ~SetOutputFilter directive. 
  
 ~SetOutputFilter tells apache to pass the proxied content through the proxy-html filter, which mod_proxy_html provides. This does all the rewriting discussed below: