Reverse proxy and documentation

reverseproxy
documentation

(Michel-André) #1

Hi all,

I am looking at Reverse proxy for my site.

On page: http://docs.nethserver.org/en/v7/proxy_pass.html.

<VirtualHost *:443>
SSLEngine On
SSLProxyEngine On
ProxyPass /owa https://myserver.exchange.org/
ProxyPassReverse /owa https://myserver.exchange.org/

***The /owa make no sense for me. ***

Please refer to official Apache documentation for more information: https://httpd.apache.org/docs/2.4/mod/mod_proxy.html

*** That is what I did and found: ***

Reverse Proxy

ProxyPass “/foo” “http://foo.example.com/bar”
ProxyPassReverse “/foo” “http://foo.example.com/bar”

Also there is another Google translation error?
“… A virtual host name rule can be forward HTTP requests to another web server…”

*** I think “be” sould not “be” there.:slightly_smiling_face: ***

Questions:
Why using “Virtual hosts” for one of the tabs of the page Reverse proxy?
Apache uses that name (with no space) but with NethServer (with space), il also refers to Virtual hosts" under Management. I found it very confusing at first.

Why using 2 pages with the same title to describe the same concept?
http://docs.nethserver.org/en/v7/ui/ProxyPass.html
http://docs.nethserver.org/en/v7/proxy_pass.html#proxy-pass-section

Why using a “.” instead of a “-” in a domain name?
On page: http://docs.nethserver.org/en/v7/proxy_pass.html#proxy-pass-section

  • Requests matching an URL path, like http://mydomain.com/mysite
  • Requests matching a virtual host name, like http://my.secondary-domain.com

*** For the path example, “http://mydomain.com/mysite” describes well the situation. “/mysite” looks like a path inside the web site

*** But for the virtual host example: “http://my.secondary-domain.com” is confusing. Is it the “my.” describing the virtual host, even if it looks like a subdomain for me? It should be “http://my-secondary-domain.com” which will make more sense in describing another web site.

I tried different way to test reverse proxy: Paths and Virtual hosts, green IP and red IP of target to no avail.
So I decided to use my SME server to see if it is a reverse proxy error or a target error. With SME, it works first shot. So it is the reverse proxy server.
It is while investigating that problem that I want to try the above example http://docs.nethserver.org/en/v7/proxy_pass.html.

Good and exact wording means everything if I want my grandmother to understand me correctly…

Michel-André


(Federico Ballarini) #2

“Owa” is the name “path folder” of your url that you want to redirect through Reverse Proxy -> Paths page.

Why? You can have also Virtual Hosts not forwarded through Reverse Proxy but managed directly by the firewall.

Because you can have “Path” like https://YOURIP/path redirect to https://ADDRESS (for example… - you managed it from Path page; and you can have “Virtual Host” like https://sub.domain.ext that have to be redirect to https://YOURINTERNALIP/path and these are two different configurations.

The first page is refer to configuration from Server Manger. Second one, explain how to configure from CLI.

Because it is a third level domain: it’s only an example; you can also forward secondary domain.

You should configure this with “Path” page.

You should use in this case “Virtual Host” page, and the virtual host name is the complete name (e.g. http://mydomain.com).

The target will be an IP of your LAN if you redirect to an IP of your green network.

Reverse proxy module is working properly: I use it.

If you need any help please post detailed configuration and problems :wink:
Regards.


(Dan) #3

The sentence he’s addressing should read:

not


(Michel-André) #4

Hi all,

I think my wording was not clear enough.

A reverse proxy takes a URL and redirects it to another URL, internal or external (not only to LOCAL server).

It has nothing to do with virtual host or path - look at Wikipedia for reverse proxy: it never uses virtual or path: https://en.wikipedia.org/wiki/Reverse_proxy.
Virtual host is the directive that Apache uses to do the redirection.

Also, the redirection is only for plain http or https protocols.

  • A note should be included about that as it is very important if someone uses reverse proxy with E-commerce; the site will never receive the Instant Payment Notification (IPN) from the payment agency. POST are not redirected.
  • Also, SMTP is not redirected.

Michel-André