Re: Rewrite Rule

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Thu, Apr 25, 2013 at 4:13 PM, Chris Arnold
<carnold@xxxxxxxxxxxxxxxxxxx> wrote:
>
>
> From: "Chris Arnold" <carnold@xxxxxxxxxxxxxxxxxxx>
> To: users@xxxxxxxxxxxxxxxx
> Sent: Wednesday, April 24, 2013 3:21:25 PM
> Subject: Re:  Rewrite Rule
>
>
> On Apr 24, 2013, at 2:00 PM, "Chris Arnold" wrote:
>
>> On Apr 23, 2013, at 8:39 PM, "Chris Arnold" wrote:
>>
>> > Apache 2.12.x on SLES11 SP2. We have a RDS server behind an apache
>> > server using proxypass. We need users to get to the RDS server using
>> > https://apps.domain.tld. The apache server should catch this request and
>> > send/rewrite to
>> > https://apps.domain.tld/rds/something/something/login.whatever. We have a
>> > ssl virtual host and in this virtual host i have a rewrite statement:
>> >
>> > RewriteEngine On
>> > RewriteCond %{HTTP_HOST} ^apps\.
>> > RewriteCond %{HTTPS} on
>> > RewriteRule ^/(.*) https://192.168.123.7/$1 [P]
>> > #RedirectMatch ^/$ /rds/something/something/login.whatever
>
> RewriteEngine On
> RewriteLog /var/log/apache2/rewrite.log
> RewriteLogLevel 3
>
> RewriteCond %{HTTP_HOST} ^apps\.
> RewriteCond %{HTTPS} on
> RewriteRule ^/(.*) https://192.168.123.7/sub/ [R]
>
> OK, i have turned on rewrite log and this is what i get in the log:
>
> initial] (2) init rewrite engine with requested uri /
> /initial] (3) applying pattern '^/(.*)' to uri '/'
> /initial] (3) applying pattern '^/(.*)' to uri '/'
> /initial] (2) rewrite '/' -> 'https://192.168.123.7/rdweb/'
> /initial] (2) explicitly forcing redirect with https://192.168.123.7/rdweb/
> /initial] (3) applying pattern '^/(.*)' to uri
> 'https://192.168.123.7/rdweb/'
> /initial] (1) escaping https://192.168.123.7/rdweb/ for redirect
> /initial] (1) redirect to https://192.168.123.7/rdweb/ [REDIRECT/302]
>
> As you can see this works fine. However, i am on the same network segment as
> 192.168.123.7 and the URL in the browser is
> https://192.168.123.7/sub/sub/sub/login.whatever and this does not/will not
> work when not on the same network segment. So i changed the rewriterule to:
> ^/(.*) https://apps.domain.tld:
>
> RewriteEngine On RewriteLog /var/log/apache2/rewrite.log
> RewriteLogLevel 3
>
> RewriteCond %{HTTP_HOST} ^apps\.
> RewriteCond %{HTTPS} on
> RewriteRule ^/(.*) https://apps.domain.tld/sub/ [R]
>
> and this is in the rewrite log from the above:
>
> /initial] (2) init rewrite engine with requested uri /sub/
> /initial] (3) applying pattern '^/(.*)' to uri '/syb/'
> /initial] (3) applying pattern '^/(.*)' to uri '/sub/'
> /initial] (2) rewrite '/sub/' -> 'https://apps.domain.tld/sub/'
> /initial] (2) explicitly forcing redirect with https://apps.domain.tld/sub/
> /initial] (3) applying pattern '^/(.*)' to uri
> 'https://apps.domain.tld/sub/'
> /initial] (1) escaping https://apps.domain.tld/sub/ for redirect
> /initial] (1) redirect to https://apps.domain.tld/sub/ [REDIRECT/302]

This is the end of the first request. It got redirected to
https://apps.domain.tld/sub/

> /initial] (2) init rewrite engine with requested uri /sub/
> /initial] (3) applying pattern '^/(.*)' to uri '/sub/'
> /initial] (3) applying pattern '^/(.*)' to uri '/sub/'
> /initial] (2) rewrite '/sub/' -> 'https://apps.domain.tld/sub/'
> /initial] (2) explicitly forcing redirect with https://apps.domain.tld/sub/
> /initial] (3) applying pattern '^/(.*)' to uri
> 'https://apps.domain.tld/sub/'
> /initial] (1) escaping https://apps.domain.tld/sub/ for redirect
> /initial] (1) redirect to https://apps.domain.tld/sub/ [REDIRECT/302]

This is the next request. It's got the same URL.

>
> And this keeps repeating until i stop it. This looks like the rewrite loop
> but i am under the impression that by default max redirects=10 and should
> stop after 10.
> Any ideas as to what is going on with the rewrite statements?

It looks like you are rewriting it to it's current location. This
leads to a loop.

Why are you using rewrite rules anyway? It seems like you want to
reverse proxy from an apache server with a public IP to a backend
webserver in your private LAN. Where do rewrite rules come in to this?
Why are you checking the host name in your rewrite rules, instead of
using vhosts? Why is this not your configuration:

<VirtualHost *:443>
  ServerName apps.tld
  ProxyPass / https://192.168.123.7/
  ProxyPassReverse / https://192.168.123.7/
</VirtualHost>

I'm very confused by what you're trying to achieve.

Cheers

Tom

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux