RE: Redirecting to internal server

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Thanks for that, I'll give it a try. Looks a lot easier :)

Out of interest, what is the example below doing? The document
referenced doesn't exist on the box in question, it is on an internal
box, and the external facing box has a route in its routing table
specifically for the internal box.

So, in some way it's deciding to pass requests in, and the below is the
only uncommented reference to that box in all of httpd.conf. So either:

a) I'm looking in the wrong file for the relevant interaction.

b) Uh... something else :)
 
All I know is that http://www.domain.co.uk/folder/page.html must be
passed through somehow (indeed, the DMZ/Internal router has a whole NAT
config for it), since page.html exists only on the internal server, not
the external facing www one.

Paul Cocker 
IT Systems Administrator 
IT Security Officer 

01628 81(6647) 

TNT Post 
1 Globeside Business Park 
Fieldhouse Lane 
Marlow 
Bucks 
SL7 1HY 

 

________________________________

From: Victor Trac [mailto:victor.trac@xxxxxxxxx] 
Sent: 24 November 2007 11:13
To: users@xxxxxxxxxxxxxxxx
Subject: Re:  Redirecting to internal server


On Nov 23, 2007 6:52 PM, Paul Cocker <paul.cocker@xxxxxxxxxxxxx> wrote:


	Hi all, first time on the apache list so have mercy ;)
	
	I have been tasked with setting up a system whereby a Linux
server
	running apache 2.0.59 in the DMZ takes requests on port 80 and
then
	passes them through to an internal Windows server running IIS
which 
	actually hosts the HTML.
	
	Such a setup already exists (though it's Linux to Linux) so I
thought
	this would be relatively easy to do, just copy the existing
setup.
	People currently connect to
http://www.domain.co.uk/folder/login.html
	and all is well. Searching the httpd.conf file I can find only
one
	reference to folder, which is:
	
	<VirtualHost *:80>
	    ServerAdmin administrator@xxxxxxxxxxxx
	    ServerName www.domain.co.uk
	    DocumentRoot /var/www/html/domain
	    RewriteEngine on
	    RewriteRule ^/folder(.+)
https://www.domain.co.uk/folder$1 [R,L]
	    RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
	    RewriteRule .* - [F]
	</VirtualHost>
	
	So we're using the rewrite module... except having read the 
	documentation on this feature I cannot fathom it.
	
	I hoped that with the above I could simply add another line:
	
	RewriteRule ^/folder2(.+)    https://www.domain.co.uk/folder2$1
[R,L]
	
	I then added a route for the relevant server so the traffic is
routed to
	the internal network when its name is called. However, without
really
	understanding the above I'm not in much of a position to
progress 
	further when this invariably fails to work. I don't know whether
the
	above in any way relates to the name apache calls which then
causes the
	call to be routed to server X.
	
	Any advice or guidance you can offer would be much appreciated. 
	
	Paul Cocker
	IT Systems Administrator <mailto:users-help@xxxxxxxxxxxxxxxx> 


Your example is not rewriting to an internal server.  You want to use
mod_proxy.  Let's say your windows box is 192.168.1.100, then you want
something like this inside your VirtualHost directive:


ProxyRequests off
ProxyPass /folder2 http://192.168.1.100
ProxyPassReverse /folder2 http://192.168.1.100


With this, anytime someone visits your externally accessible site at
http://www.domain.co.uk/folder2, they'll see the html output by your
windows server at http://192.168.1.100 and your internal IIS host is
never directly accessible from the internet. 

cheers,
Victor


-- 
http://www.victortrac.com 




TNT Post is the trading name for TNT Post UK Ltd (company number: 04417047), TNT Post (Doordrop Media) Ltd (00613278), TNT Post Scotland Ltd (05695897),TNT Post North Ltd (05701709) and TNT Post South West Ltd (05983401). Emma's Diary and Lifecycle are trading names for Lifecycle Marketing (Mother and Baby) Ltd (02556692). All companies are registered in England and Wales; registered address: 1 Globeside Business Park, Fieldhouse Lane, Marlow, Buckinghamshire, SL7 1HY.


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux