I have a server running a Spring boot application on port 8080, I want to connect it to Android application which is built using Ionic and Cordova.
There is also a web application built using Angular 13 and is the basis for the Android app.
While connecting using HTTPS(redirect using Apache proxy mode from port 443 to port 8080), I try to log in using POST method all is well, but any GET request is blocked with error 403.
However, If I connect using HTTP only directly using port 8080 it works.
My CORS setup:
#Bean
public CorsFilter corsFilter() {
UrlBasedCorsConfigurationSource source =
new UrlBasedCorsConfigurationSource();
var config = new CorsConfiguration();
config.setAllowedOrigins(Arrays.asList("*"));
config.setAllowedMethods(Arrays.asList("*"));
config.setAllowedHeaders(Arrays.asList("*"));
config.setAllowCredentials(false);
source.registerCorsConfiguration("/**", config);
return new CorsFilter(source);
}
and my host configuration in apache :
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
ServerName www.someserver.som
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.someserver.som [OR]
RewriteCond %{SERVER_NAME} =someserver.som
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
and my proxy mode:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:8080/
ProxyPassReverse / http://127.0.0.1:8080/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
ServerName www.someserver.som
Include /etc/letsencrypt/options-ssl-apache.conf
ServerAlias softcare.sy
SSLCertificateFile /etc/letsencrypt/live/softcare.sy/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/softcare.sy/privkey.pem
</VirtualHost>
</IfModule>
It is worth noting that when connecting through Insomnia, the connection works and data is retrieved even when connecting using SSL.
The solution turns out to be very stupid one.
I forgot to add someserver.som to the list of allowed domains for Angular JWT.
It is now working as intended
Related
I have a webserver with nagios, nagios is the only service working in this vm, so I want when I go to the root https://mymachine to redirect directly to https://mymachine/nagios.
I have made a configuration like this
<VirtualHost *:443>
ServerName mymachine.mydomain
ServerAdmin root#mymachine.mydomain
Redirect / https://mymachine.mydomain/nagios
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/nagios1.mymachine.mydomain.crt
SSLCertificateKeyFile /etc/pki/tls/private/nagios1mymachine.mydomain.key
SSLCACertificateFile /etc/pki/tls/certs/mymachine.mydomain.crt
</VirtualHost>
Restart http and..disaster! Firefox open the page
https://nagios1.mymachine.mydomain/nagiosnagiosnagiosnagiosnagiosnagiosnagiosnagiosnagiosnagiosnagiosnagiosnagiosnagiosnagiosnagiosnagiosnagiosnagios
and give the "redirect loop" error.
Consider I have also a redirect from http to https
active
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{SERVER_NAME}/$1 [R,L]
If I remove it is the same thing.
Any solution?
Thanks
Solution found.
<VirtualHost *:80>
ServerName nagios1.mymachine.mydomain
ServerAdmin root#mymachine.mydomain
Redirect "/" "https://nagios1.mymachine.mydomain/nagios"
</VirtualHost>
<VirtualHost *:443>
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/nagios1.mymachine.mydomain.crt
SSLCertificateKeyFile /etc/pki/tls/private/nagios1mymachine.mydomain.key
SSLCACertificateFile /etc/pki/tls/certs/mymachine.mydomain.crt
</VirtualHost>
Problem
I am trying to setup a live environment with laravel websockets library behind an apache server.
The Websocket server is running on port 6001 (unreachable from outside).
The Apache VHost is configured for ws.example.com
I cannot get the Apache to proxy the wss:// requests correctly.
The request to wss://ws.example.com/request/path?protocol=7&client=js&version=5.1.1&flash=false fails.
(Error during WebSocket handshake: Invalid status line)
I think there is a problem with my vhost configuration. Am I missing something? Any advice is appreciated.
vhost configuration
<VirtualHost *:443>
ServerName ws.example.com
ServerAlias www.ws.example.com.com
DocumentRoot /srv/vhost/example.com/domains/ws.example.com/public_html
ErrorLog /var/log/virtualmin/ws.example.com_error_log
CustomLog /var/log/virtualmin/ws.example.com_access_log combined
ScriptAlias /cgi-bin/ /srv/vhost/example.com/domains/ws.example.com/cgi-bin/
DirectoryIndex index.php index.html
RewriteEngine on
ProxyRequests off
ProxyVia on
RewriteCond %{HTTP:Connection} Upgrade [NC]
RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteRule /(.*) ws://localhost:6001/$1 [P,L]
ProxyPass /request/path http://localhost:6001/request/path
ProxyPassReverse /request/path http://localhost:6001/request/path
SSLCertificateFile /etc/letsencrypt/path/ws.example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/path/ws.example.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
Create a subdomain for websockets. Then edit your virtualhost configs (Apache 2.4) as below. Use pusher-php-server 5.0.3
<VirtualHost *:443>
ServerAdmin admin#example.com
ServerName socket.website.com
<Proxy *>
Require all granted
Allow from all
</Proxy>
SSLEngine on
SSLProxyEngine on
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
RewriteEngine on
RewriteCond %{HTTP:Upgrade} =websocket [NC]
RewriteRule .* wss://127.0.0.1:6001%{REQUEST_URI} [P]
ProxyPass / ws://127.0.0.1:6001
ProxyPassReverse / ws://127.0.0.1:6001
SSLCertificateFile /etc/letsencrypt/live/socket.website.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/socket.website.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
#max: your rewrite rules were the key, also applies when the proxy just forwards the unencrypted traffic and apache is handling ssl to the outside, replacing wss with ws then - after one day of fiddling its finally working!
edit: not enough reputation for a comment , sorry
I have done redirection in apache before but in a simple way what I do is that enable rewrite module in apache server and then add the two .conf file in /etc/apache2/sites-available mentioned below
The below file is for redirecting HTTP request received throw domain to a specific port.
<VirtualHost *:80>
ServerAdmin me#mydomain.com
ServerName test.domain.com
ProxyPreserveHost On
# setup the proxy
<Proxy *>
Order allow,deny
Allow from all
</Proxy>
ProxyPass / https://localhost:3235/
ProxyPassReverse / https://localhost:3235/
RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteCond %{SERVER_NAME} =chat-dev.motivone.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
The below file is for redirecting HTTPS request received throw domain to a specific port.
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin me#mydomain.com
ServerName test.domain.com
ProxyPreserveHost On
# setup the proxy
<Proxy *>
Order allow,deny
Allow from all
</Proxy>
ProxyPass / https://localhost:3235/
ProxyPassReverse / https://localhost:3235/
SSLCertificateFile /etc/letsencrypt/live/test.domain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/test.domain.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
this process just works fine when I run my server throws HTTP and change proxy to HTTP but when I run my server on https and then try to redirect it. its throw the error like
i am not sure what is wrong ay kind of help is appriciable thanks in advance
Currently I have successfully setup my Laravel Passport API
Using Laravel 5.8.
I have this httpd-vhosts.conf config for my api
PORT: 80
<VirtualHost *:80>
ServerName <sub-domain>.<domain>.com
ServerAlias <sub-domain>.<domain>.com
Redirect permanent / https://<sub-domain>.<domain>.com
</VirtualHost>
PORT: 443
<VirtualHost *:443>
DocumentRoot "/opt/lampp/htdocs/api_tk/public"
<Directory "/opt/lampp/htdocs/api_tk/public">
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ServerName <sub-domain>.<domain>.com
ServerAlias <sub-domain>.<domain>.com
ErrorLog "logs/API-error_log"
CustomLog "logs/API-access_log" common
ProxyPreserveHost On
ProxyRequests Off
ProxyPassMatch /fingerprint http://localhost:5000
ProxyPassReverse /fingerprint http://localhost:5000
RequestHeader set X-Forwarded-Proto https
RequestHeader set X-FOrwarded-Port 443
SSLEngine on
SSLCertificateFile "/opt/lampp/htdocs/ssl_key/svs-file.crt"
SSLCertificateKeyFile "/opt/lampp/htdocs/ssl_key/private_new.key"
SSLCACertificateFile "/opt/lampp/htdocs/ssl_key/svs-bundle-file.crt"
</VirtualHost>
443 is working fine I can see my HTTPS SSL Lock sign on my browser
But
When I try to do HTTP request
Laravel API always getting ruined.
I have route like this
https://..com/api/login
and this is working fine
But when I tried to do HTTP request like this
http://<sub-domain>.<domain>.com/api/login
it always end up to
https://<sub-domain>.<domain>.comapi/login
Where the slash is missing. This is because of the redirect permanent on my PORT 80 config.
I have this route for my api. (api.php)
Route::middleware('auth:api')->get('/user', function (Request $request) {
return $request->user();
});
Route::post('/timekeeping','Auth\Api\AuthController#timekeeping');
Route::post('/login','Auth\Api\AuthController#login');
Route::middleware('auth:api')->group(function () {
Route::post('/timekeeping_app','Auth\Api\AuthController#timekeeping_app');
Route::post('/logout','Auth\Api\AuthController#logout');
Route::post('/register','Auth\Api\AuthController#register');
Route::post('/show_dtr_list','Auth\Api\AuthController#show_dtr_list');
Route::post('/update','Auth\Api\AuthController#update');
Route::post('/delete','Auth\Api\AuthController#delete');
Route::post('/search_user','Auth\Api\AuthController#search_user');
Route::get('/current_time','Auth\Api\AuthController#current_time');
});
How can I prevent this?
UPDATE
Tried to do edit my vhosts config like this
Redirect permanent "/" "https://<sub-domain>.<domain>.com/"
And
Redirect permanent / https://<sub-domain>.<domain>.com\/
But this gives me an output like this
try do add slash under your apache virtual host settings:
<VirtualHost *:80>
ServerName <sub-domain>.<domain>.com
ServerAlias <sub-domain>.<domain>.com
# fix below
Redirect permanent / https://<sub-domain>.<domain>.com/
</VirtualHost>
<VirtualHost 172.16.0.21:80>
ServerName test.com
DocumentRoot /usr/local/liferay/tomcat7/webapps
ErrorLog logs/error_log
CustomLog logs/default-access_log common
ProxyRequests Off
ProxyPass /owa !
ProxyPass / ajp://127.0.0.1:8009/
SSLCertificateFile /etc/pki/tls/certs/star_weconnor.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/weconnor.com.key
SSLCACertificateFile /etc/pki/CA/certs/EntrustSecureServerCA.crt
Now I want to add a open webanalytics in /var/www/html/owa. So it will be : http://test.com/owa but when I access this site it looks like its being forwarded to Tomcat http 404 not found) .how to make this working