Re: [users@httpd] Proxy on port 80 and 443

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I think we need to get some things clear.
 
You want your apache to run as a forward proxy server for both port 80 and 443. By this i am assuming that you want your browser to reach both port 80 and port 443 on any remote webserver via your proxy server.
 
To do this you need to run apache as a proxy on only one port. In your browser you just need to set proxy to your proxy's (the machine where u are running apache as a proxy) name or ip and the port to 80. In addition tick the option in your browser which says use the same proxy for all protocols. This will ensure that your browser will work fine.
 
This is how a proxy works:
 
========        plain HTTP request      ====================      proxy sends request to remote webserver        ==================
Browser  <-------------------------------------->   proxy running on any port    <---------------------------------------------------------------->     remote webserver
========      proxy sends response   ====================       remote webserver sends response back to     ==================
displays          back to browser           proxy can check if its a valid       back to proxy                                                remote webserver processes
response.                                           request and from an allowed                                                                           the request and sends response
if it has requested                                machine. it also establishes
a secure tunnel                                    a tunnel if the browser has
then it validates                                   requested access to a secure
the security of the                                (SSL) page. proxy can also scan
tunnel and directly                               the response from the webserver
communicates with the                       and check if its valid and allowed.
remote webserver via the
tunnel established through
the proxy.
 
i think you can delete the entire section on virtual host :443. Unless you want to run 2 proxy servers: one running on port 80 and one running on port 443.
 
apache dosent assume anything! its all waiting to be configured :) but you are probably right that on port 443 an ssl enabled server is being started by default. this is quite a likely scenario in most default apache configurations.
 
Also i doubt you would require the AllowCONNECT to port 80 since usually webservers do not run secure servers on port 80. The AllowCONNECT is only to allow the browser to establish a secure tunnel on those ports. If a secure tunnel is being established the proxy cannot check the request or the response for validity and security.
 
Hope this helps.
 
Cheers,
Emmanuel
----- Original Message -----
Sent: Saturday, November 05, 2005 1:31 AM
Subject: [users@httpd] Proxy on port 80 and 443

I am trying to configure apache 2.0 as a forward proxy server for both port 80 and 443. Below is my config:

AllowCONNECT 80 443

<Proxy *>
    Order deny,allow
    Deny from all
    Allow from 172.16 10
</Proxy>

NameVirtualHost *:80
NameVitualHost *:443

<VirtualHost *:80>
   bla bla bla
</VirtualHost>

<VirtualHost *:443>
   bla bla bla
</VirtualHost>

================

Problem is that the HTTP CONNECT method to <IP Address>:80 works find, but HTTP CONNECT to <IP Address>:443 returns an error message "Your server doesn't understand the request" or something similar. What might be the reason? Is it possible that apache assumes HTTPS on port 443?

Thanks,
Khoa

[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux