CODEWITHSUNDEEP
node.jsapacheproxysocket.iocloudflare
Matheus Giovani
Matheus Giovani

Reputation: 1

Apache + Node.JS + Socket.IO + CloudFlare // SSL Error

I'm trying to run Apache with Node.JS + Socket.IO using Cloudflare for CDN / protection, but something is going wrong.

I've tryied a lot of ways to Apache handle Socket.IO connection (that is not through SSL) including ProxyPass

<VirtualHost *:80>
    ServerName      play.example.me
    ServerAlias     example.me
    DocumentRoot    /home/web/
    AccessFileName  .htaccess

    <Proxy *>
        Order deny,allow
        Allow from all
    </Proxy>

    ProxyRequests off

    <Location /socket.io>
        ProxyPreserveHost On
        ProxyPass           ws://localhost:8080/socket.io/
        ProxyPassReverse    ws://localhost:8080/socket.io/
    </Location>
</VirtualHost>

This gives 520 HTTP Error, that is a Cloudflare general error.

I've tryied to use an SSL cert from Let's Encrypt on Node.JS + Socket.IO, but it gives ERR_SSL_PROTOCOL_ERROR.

The code that I'm using to create the server on Node.JS is

var app      = new express();
var options = {
        key:    fs.readFileSync("/etc/letsencrypt/live/play.example.me/privkey.pem"),
        cert:   fs.readFileSync("/etc/letsencrypt/live/play.example.me/cert.pem"),
        ca:     fs.readFileSync("/etc/letsencrypt/live/play.example.me/chain.pem"),
        requestCert:        false,
        rejectUnauthorized: false
    };

var server      = require("https").createServer(options, app);
var io          = require("socket.io").listen(server, { serveClient: false });

I'm actually using ProxyPass to handle the subdomain "api." that is passed to Node.JS / Express:

<VirtualHost *:80>
    ServerName      api.example.me
    ServerAlias     example.me

    ProxyRequests off

    <Proxy *>
        Order deny,allow
        Allow from all
    </Proxy>

    <Location />
        ProxyPass           http://localhost:8080/
        ProxyPassReverse    http://localhost:8080/
    </Location>
</VirtualHost>

This is working, but the webosocket not. Without Apache (running directly on Express) all works fine including the websocket. But, I need to run Apache too because the website is written in PHP.

Am I doing something wrong?

Upvotes: 0

Views: 996

Answers (1)

mjsa
mjsa

Reputation: 4399

You can use Apache Module mod_proxy_wstunnel to use ProxyPass with WebSocket traffic, for example:

ProxyPass "/ws2/"  "ws://echo.websocket.org/"
ProxyPass "/wss2/" "wss://echo.websocket.org/"

That said, there is no real need to proxy websocket traffic through Apache. It uses a different Port to HTTP(S) traffic, so there is no real need to. You should just be able to use a library like socket.io and away you go.

Upvotes: 0

Related Questions