So I have a few servers:
Server1(winserver2016): Webapplication1 on IIS port 80 + 443, Webapplication2 Apache port 9000 + 9001
Server2(ubuntu16.4): Rocketchat snap, OpenVPN
2 Domain controllers (winserver2016) and a purchased dns record from godaddy domain.co.uk.
I cannot for the life of me figure out how to redirect HTTPS requests to the internal servers via port 443 on the router tried a reverse proxy in IIS 10 with aarp and rewrite (nothing) I tried using subdomains on godaddy but it just redirects to to the IPaddress:port. tried adding subdomains in DNS nothing still the same response 404
Essentially if I point port 80 and 443 at rocket chat it works and I get SSL via caddy but if I try to connect any other services on those ports I get nothing returned. If I connect rocket chat on ports 3000 and 8443 for example I get no SSL and the https site for it doesn't work
I am ready to try a reverse proxy on another Linux deploy in a min and see how that goes but I suspect it will be the same result.
All of these servers run on Hyper-V on 2 win10 boxes.
If you are trying to redirect based on source IP, You might have to use policy routes in the firewall to control the behavior depending on the source of the packet. I'd check to see if your firewall or router has such abilities. Cheap routers tend to use basic static routing
If that doesn't help, you might also need to have a separate reverse proxy web server in place. The configuration is a little tricky in apache...You could put the following inside a virtual host block if you wanted to route based on sub-directory:
<Proxy balancer://myset>
# xxx.xxx.xxx.xxx is your server that will be behind the proxy
BalancerMember http://xxx.xxx.xxx.xxx/subdirectoryName/
ProxySet lbmethod=bytraffic
</Proxy>
ProxyPreservehost On
ProxyPass "/subdirectoryName/" "balancer://myset/"
ProxyPassReverse "/subdirectoryName/" "balancer://myset/"
Not sure if this what would work exactly for subdomains, but I'd try something like this.
Related
So I have a load balancer connected to an ec2 instance. The ec2 has a php website running on port 8000 hosted in iis 8.5. Now http health check is passing after adding binding in iis for port 8000, but https health check is failing. But since in iis, I have used URL rewrite to redirect all http into https, thus even if load balancer's https health check is failing I can still access website on https connection.
But I really want to make my health check for https pass.
So for that I figured out, I either run https application inside ec2 on a different port than 8000 and add a binding for it (dropped the idea cause client didnot want) OR,
Redirect https target group to http target group.
Is this possible? If yes, how?
I want to set
172.01.03.04:8000 to example.com
and
172.01.03.04:9000 to subdomain.example.com
Ubuntu_18.04
Nginx
Laravel 5.5
Need_Help
Advanced Thanks
If you setup nginx by default http then you will get it port 80 or setup with ssl like https then it will set port 443. But if you set up port manually then you have to hit with external port in browser. your problem seems like you are using external port. so
1. you may use reverse proxy to use port 8000 but in backend port should be by 80/443
2. you can use soft firewall if your os have.
I've set up a Wakanda server hosted on an Amazon EC2 instance, that has SSL certificates installed as per the Wakanda documentation and accessing the home page via https easily enough, but won't redirect incoming traffic on port 80 to 443 automatically.
Being an Amazon AWS instance with an elastic IP, I've tried to set up a load balancer to handle the traffic routing for me as a possible solution. Though while that reports that it's routing "Load Balancer Port = 80" to "Instance Port = 443", it doesn't seem to be redirecting traffic either.
I may be missing something entirely in the way the Load Balancer is supposed to work, but is there a way for the Wakanda Server to automatically route incoming http traffic to https? Edit: I have also tried to set up a .htaccess file in my webFolder directory to manually try to redirect traffic, though I'm finding very limited documentation around whether that is a viable option in itself too.
Thanks!
Ive been searching around the internet and I cannot not find the answer to why wampserver is only running on localhost. I have pressed Put Online and I still do not know why it is only running offline. Not sure if it is my wampserver setup or my router blocking me, so any help would be great.
To access your server from the internet you need to do a number of things not specifically related to WAMPServer.
First you need to port forward your router, this allows un-solicited traffic on port 80 throught the NAT router firewall protection, into your network where normally for security reasons it is not allowed in. This opens the port and makes sure that all traffic on port 80 of yor router is directed to the PC running WAMPServer i.e. Apache. So you will need to make sure that the PC running Apache has a STATIC ip address and is not being allowctae an IP by the routers DHCP server.
This site can be very helpful with learning how to do that
Once that is done you may also need to configure your software firewall running on the PC that has Apache on it to allow traffic on port 80 into the PC. Although you may have allowed this already when you first ran Wampserver after it was installed.
When you use the WAMPManagers Put Online and Put Offline that changes the Apache config (httpd.conf) and should change
# onlineoffline tag - don't remove
Require local
which tells apache to only allow connections from the PC running Apache
To
# onlineoffline tag - don't remove
Require all granted
which tells Apache that it is allowed to action connections from any ip address in the world
1) Check you firewall setting 80 port enable
2) Check anti virus Blocking
3) c:\wamp\bin\apache\Apache2.2.11\conf\httpd.conf
Order Deny,Allow
Deny from none
Allow from all
I have run into an issue when enabling https on a server that hosts many sites. I have only enabled https for one site (site1.com), but when a user tries to browse to site2.com which doesn't have https enabled, if they try to get to https://www.site2.com, it redirects to https://www.site1.com. Can I prevent this from happening?
You will need two IPs for that and host one site with a different IP.
The 'problem' is that SSL connection is established on IP basis through TCP before the HTTP Server gets the Request, which is then already encrypted. Since your SSL port is linked to site1 this site will be served.
If your DNS A-Records point to the same IP then the only way i see you could do this is either use two IPs or enter the URL of site2 with http://site2.com (explicitly without HTTPS). In that case the connection would be opened unencrypted on Port 80.
Setup two IPs use HTTPS for one and not the other.