Reputation: 11
Can't force 'https' and reverse proxy with Apache at the same time
Really racking my brain over this one. I need to always force 'https' whenever a user requests 'http' on my site, but at the same time I need to proxy pass from Apache to Tomcat (over http). I can't get these two pieces to work in tandem.
I have the https redirect defined here in httpd.conf:
<VirtualHost *:80> ServerName myserver.foo.com
Redirect / https://myserver.foo.com/
</VirtualHost>
Then for the proxy:
RewriteEngine on
RewriteLog /opt/HTTPServer/logs/rewrite_log
RewriteLogLevel 9
RewriteRule ^/testnew/MyApp(.*)$ http://localhost:8080/test/MyApp$1?product=new [NC,P,QSA]
RewriteRule ^/testold/MyApp(.*)$ http://localhost:8080/test/MyApp$1?product=old [NC,P,QSA]
Note: This does actually work if I use ProxyPass instead, but I need to be able to add additional GET parameters to the request, hence the use of the [P] flag approach here.
So when I hit the following URL, I get the Apache HTTP Server page which reads "Not Found". http://myserver.foo.com/testnew/MyApp/RunReport
In the access log, there's a 404
[10/Nov/2014:01:45:21 -0600] "GET /testnew/MyApp/RunReport HTTP/1.1" 404 321
Also, nothing gets written to the rewrite log.
As I understand it, RewriteRules will execute BEFORE Redirect, so even if the above URL did work (and I don't understand why it doesn't), it wouldn't get redirected from http to https. So how can I accomplish this?
I also tried this using only RewriteRules:
RewriteEngine on
RewriteCond %{HTTPS} !on
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301]
RewriteRule ^/testnew/MyApp(.*)$ http://localhost:8080/test/MyApp$1?product=new [NC,P,QSA]
RewriteRule ^/testold/MyApp(.*)$ http://localhost:8080/test/MyApp$1?product=old [NC,P,QSA]
However with this, the URL gets translated to include the https scheme and hostname after the 1st redirect, so the subsequent RewriteRules fail to match. If I add the full 'https://myserver.foo.com' to the RewriteRule, it matches, but then the full URL gets translated back to http via the proxy.
I can't win! This seems to me like it would be a fairly common configuration. Did I completely miss something? I've been looking at this too long.
Upvotes: 1
Views: 2098
Answers (1)
Reputation: 11
I was able to get this to work by moving the proxy RewriteRules under the *:443 VirtualHost and leaving the http -> https ones at the global level, i.e.
Listen 443
<VirtualHost *:443>
SSLEnable
SSLClientAuth None
RewriteEngine On
RewriteLog /opt/HTTPServer/logs/rewrite_log-443
RewriteLogLevel 9
RewriteRule ^/testnew/MyApp(.*)$ http://localhost:8080/test/MyApp$1?product=new [NC,P,QSA]
</VirtualHost>
...
...
RewriteEngine on
RewriteCond %{HTTPS} !on
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301]
Works beautifully now. :)
Upvotes: 0
Related Questions
- Apache reverse proxy for HTTPS to HTTP
- Apache Reverse Proxy doesnt redirect from 80 to 443
- Apache HTTPS Reverse Proxy URL Redirection
- Apache Reverse Proxy https to http
- How to force redirect http to https on a apache reverse proxy server?
- Apache reverse proxy https config leads to 503 error
- Apache Reverse Proxy With SSL
- ProxyPass and RewriteRule [P] acting differently in regard to http/https
- Trouble configuring apache server to proxy an SSL connection
- Apache reverse proxy to https site gives (70014)End of file found: