CODEWITHSUNDEEP
apache.htaccessmod-rewritemod-proxycloudflare
Ninncore
Ninncore

Reputation: 21

Cloudflare and mod_proxy

I'm already using mod_proxy to redirect from example-domain.com to example-domain.com:8080, well without CloudFlare (reserve proxy) it works... but with CloudFlare it just response an error 1000 DNS points to prohibited IP. Any chances to get trough this and still use CloudFlare to protect myself? I don't want that the address show something like this with mod_rewrite http://example-domain.com:8080, that's why I'm redirecting, hosting on port 80 is impossible so no changes there.

My vhost config:

    <Directory /var/www/example-domain.com>
            AllowOverride None
            Require all denied
            </Directory>

    <VirtualHost *:80>
            DocumentRoot /var/www/example-domain.com/web

            ServerName example-domain.com
            ServerAlias www.example-domain.com 
            ServerAlias alias.example-domain.com
            ServerAdmin [email protected]
            ProxyPreserveHost On
            ProxyRequests Off

            <Proxy *>
              Order deny,allow
              Allow from all
            </Proxy>

            ProxyPass / http://example-domain.com:8080/
            ProxyPassReverse / http://example-domain.com:8080/

    </VirtualHost>

Upvotes: 2

Views: 2246

Answers (1)

mjsa
mjsa

Reputation: 4399

Regardless of what port you are accessing CloudFlare through, CloudFlare has a tendency to try port 80/443 first. If it can connect to these ports during it's own proxying it stops there and then does not try the port you actually wanted (in your case 8080).

Therefore this looks like a cyclic loop, you are pointing your requests from CloudFlare to proxy to point back through CloudFlare to the server at port 8080. CloudFlare is then stripping the port 8080 and connecting via a plain connection.

The best way to fix this is to simply to set your ProxyPass to go through a URL that doesn't run through the CloudFlare network or simply through localhost.

So either change the ProxyPass in your VirtualHost to:

        ProxyPass / http://direct.example-domain.com:8080/
        ProxyPassReverse / http://direct.example-domain.com:8080/

Where direct.example-domain.com does not route through the CloudFlare network (a grey cloud in your CloudFlare DNS, providing you're doing a full-host CloudFlare set-up).

Alternatively change your proxy pass to go via the localhost:

        ProxyPass / http://127.0.0.1:8080/
        ProxyPassReverse / http://127.0.0.1:8080/

Have fun!

Upvotes: 2

Related Questions