Reverse proxy for dynamic URL in apache2 server - proxy

I want to do reverse proxy for dynamic URLs. Below is my case
abc.xyz.com/p1/#/p2?data=value
to
xyz.com/p1/#/p2?data=value
I have achieved reverse proxy for static path using <Location ''> but not able to figure out how to do it for dynamic URLS

If i'm not mistaken, it doesn't matter what kind of URLs you have.
Could you send your Apache2 vHost Configuration, so I can analyse this further.
My approach would be
[...]
ServerName xyz.local
ProxyPass /p1/ http://abc.xyz.local/p1/
ProxyPassReverse /p1/ http://abc.xyz.local/p1/
[...]
We probably would need more infos. Is the /p1/ Path "dynamic"?
I don't think that I could help you with this. But I'll do my best, if you provide more information :)

Related

enable jquery load cross domain with a proxy

I have two resources. A standard apache website on mycooldomain.com and a node website on mycooldomain.com:4337. On the apache vhost I have defined a proxy so that i can reach node using mycooldomain.com/myapp.
Now what I am trying to do is to have this code working in mycooldomain.com/index.html:
$('#somediv').load('/myapp');
but this will end with the browser blocking the request marking it as "insecure".
I assume that the proxy should be the workaround to put the two requests on the same domain but as far as I can see I am missing something.
My proxy definition in apache is the following:
ProxyPreserveHost On
SSLProxyEngine On
ProxyPass /myapp https://mycooldomain.com:4337
ProxyPassReverse /myapp https://mycooldomain.com:4337
What am I missing?
I also tried to add to this:
Header always add Strict-Transpor-Security "max-age=15552000; include subdomains"
the following line:
Header set Access-Control-Allow-Origin "https://mycooldomain.com:4337"
but this didn't solve the issue either.
Any hint?

Nginx https redirects - stop further rules processing

I'm trying to configure http and https redirects from an old site to a new one.
According to the rewrite directive docs:
If the replacement string begins with http:// then the client will
be redirected, and any further rewrite directives are terminated.
And I'm trying to achieve the same with https to no avail.
This is my server config:
listen 80;
listen 443 ssl;
server_name mydomain.com
rewrite ^/path/resource(.*)$ $scheme://newdomain.com/newpath/resource$1 permanent;
...
return 301 http://newdomain.com/newpath/;
Using http I get what I'm looking for: if I access mydomain.com/path/resource I'm redirected to newdomain.com/newpath/resource.
However, the same with https redirects me to http://newdomain.com/newpath/.
I have rewrite_log on and in both cases the rewrite rule is matched but the https protocol does not stop further rules processing.
I have the feeling that either I'm missing something really obvious or I'm not approaching this problem properly. I wouldn't mind doing this in any different way at all if it works.
Have any of you out there any idea on how to achieve the http redirect with https too?
I usually like to use return instead of rewrite for redirects, try matching the path with a location block
location ~ /path/resource(.*) {
return 301 $scheme://newdomain.com/newpath/resource$1;
}
I think this way you know for sure there will be no further processing, because it's only 1 line, try it and tell me how it goes.
PS: This will maintain the $scheme of the request, requests to http:// will be redirected to a http:// and https:// will be redirected to https://

Allowing AJAX requests to service behind nginx proxy based on request_method

I'm new to Nginx, so pardon me if I'm being obtuse. I have a service that is sitting behind an nginx proxy, and I am using auth_basic to prevent anyone from currently being able to hit it. I want to allow an Angular app to hit this service, but I want to control who is allowed to perform particular request methods (GET, POST, DEL, OPTIONS), and using auth_basic doesn't seem like the best bet, since I don't want to hardcode the login/password into the JS (duh). The only way I can figure out how to do this is to say:
if ($request_method = OPTIONS)
{
proxy_pass_header Access-Control-Allow-Origin *;
proxy_pass_header Access-Control-Allow_Methods GET, OPTIONS;
etc...
}
At this point, I'd allow GET and OPTIONS requests from anyone, but I want to restrict POST, DEL to only from certain locations (such as internally, or from a trusted IP). Currently, though, if I put proxy_pass_header into that block, it says that the directive is not allowed. I've seen other examples where people use add_header inside an if block like that, so I'm confused why that isn't working.
So first of all, is this the best way of doing things, and if not, does someone have another recommendation? If it is the best way of handling things, what am I doing wrong here?
Any help would be appreciated. I find the nginx documentation to be very confusing.
You could use deny/allow directives from ngx_http_access_module.
location / {
deny 192.168.1.1;
allow 192.168.1.0/24;
allow 10.1.1.0/16;
allow 2001:0db8::/32;
deny all;
}
http://nginx.org/en/docs/http/ngx_http_access_module.html

Serving static content from subdomain with codeigniter?

I’m in the process of splitting resources across domains. I’ve read a few different ways on how to handle this. From what I’ve read the correct way to handle is to use absolute paths versus relative. If this is true, how would I handle this as I push my local development live? The domains won’t match from local to live.
The base_url allows for a single domain only as far as I’ve read. Should I create an asset path helper and autoload that? Or, is there something I’m missing here?
http://www.example.com would operate normally.
http://images.example.com/assets would point to my asset folder that exists in the root.
Yeah, you're missing the part where the server configuration points stuff to certain places depending on the request that's made. This is before the request gets anywhere near codeigniter, so take a look at your server software manual and see what's up with that.
An example with Apache virtual hosts might be something like
#httpd.conf:
<VirtualHost *:80>
ServerName example.com
DocumentRoot /var/www/http
ErrorLog /var/log/httpd/error_log
TransferLog /var/log/httpd/access_log
</VirtualHost>
<VirtualHost *:80>
ServerName images.example.com
DocumentRoot /var/www/http/assets
ErrorLog /var/log/httpd/error_log
TransferLog /var/log/httpd/access_log
</VirtualHost>
In this example, a request to http://images.example.com/radical.gif would look in /var/www/assets/ for a gif called radical.
You could define a constant in config/constants.php for your assets url and use it:
define('ASSETS_URL', 'http://images.example.com/assets/');
Then of course you would go for it like that:
<img src="'.ASSETS_URL.'image1.png" />
After further research this is the way I solved my problem. Thanks to the Codeigniter forum for helping me get to this solution. Create a switch that checks which stage of development the site is in and set the base_url and asset_url config accordingly.
switch(ENVIRONMENT) //set in index.php
{
case 'development':
$config['base_url'] = 'http://localhost/';
$config['asset_url'] = 'http://localhost/assets/';
break;
case 'production':
$config['base_url'] = 'http://yoursite.com/';
$config['asset_url'] = 'http://assets.yoursite.com/';
break;
}
Then just extend the url_helper and create a function to get the asset_url
if ( ! function_exists('asset_url'))
{
function asset_url($uri = '')
{
$CI =& get_instance();
return $CI->config->item('asset_url') . ltrim($path, '/');
}
}

Is this a Sinatra config issue, or an Apache config issue?

I haven't decided if this is an Apache issue, or a Sinatra issue, basically, we have a bunch of little apps running on a single server, we deploy them with just built-in webrick instances and use apache to re-route those requests by subdomain to the right port. I am using gollum which is a sinatra app with a git persistence layer, but I am getting an unexpected app routing when it redirects (after edit action). I'm not sure if I can fix this by passing a startup option to Sinatra, or by configuring in the virtual host declaration for the app a rewrite rule. Please in your answer include which option you think is best and an example of how it might be accomplished.
Thanks,
# apache virtualhost declaration
<VirtualHost *:80>
ServerName wiki.domain.com
DocumentRoot "/var/www/html"
ProxyPass / http://localhost:3006
ProxyPassReverse / http://localhost:3006
</VirtualHost>
resolves with sinatra fine for GETs, eg
wiki.domain.com/Home
but fails on sinatra redirect
# expected
wiki.domain.com/Home
# actual
wiki.domain.com:3006/Home
and here is the Sinatra action (source: https://github.com/github/gollum/blob/master/lib/gollum/frontend/app.rb )
post '/edit/*' do
name = params[:splat].first
wiki = Gollum::Wiki.new(settings.gollum_path)
page = wiki.page(name)
format = params[:format].intern
name = params[:rename] if params[:rename]
wiki.update_page(page, name, format, params[:content], commit_message)
redirect "/#{CGI.escape(Gollum::Page.cname(name))}"
end
It’s a long shot, but perhaps the URLs in the ProxyPass directives need to have a trailing /? That’s how it is in the documentation, and I got some strange entries in error.log without them.

Resources