Forum Moderators: phranque
A class I went to recently convinced me that a reverse proxy is the most secure way for me to share data across a network for our purposes. Apache offers the reverse proxy feature, IIS does not. The result is that I have two servers: a front end running apache, and a back-end running IIS, and actually holding my sites.
I'm hosting 2 websites, and both have their own static IPs. Before getting to the appache box, they go through a firewall that NATs their addresses into local ones:
www.dogs.com becomes 192.168.2.4 (which is actually the same ip as the server running apache) and www.bunnies.com becomes 192.168.2.5
The apache box should listen for these sites' requests on port 80, and when it gets them, it should send them off to my iis server (192.168.2.3). I was hoping to do this via different ports, but I'm not stuck on the idea.
I thought I could set up http.conf to send all requests to www.dogs.com (192.168.2.3:80), unless they meet specific criteria, in which case they'll be sent to www.buunies.com (192.168.2.3:81).
Needless to say, this isn't working. I've been fighting with it for a couple of days now. My default site works perfectly, but I have yet to see my www.bunnies.com site.
Some points:
www.dogs.com works fine.
www.bunnies.com does not work - when I enter www.bunnies.com, the content for the default site (www.dogs.com) opens although the url says "www.bunnies.com"
from the apache machine, I can type 192.168.2.3 into a browser and www.dogs.com opens up.
from the apache machine, I can type 192.168.2.3:81 into a browser and www.bunnies.com opens up.
Thanks for reading, and I'll appreciate any help. I have read the Apache documentation for virtualhosts but am still lost.
Mike
PS Apache v.2.0.43
I don't want to paste my whole http.conf here, so here are some snippets I've been messing with:
#in a nutshell:
#apache reverse proxy machine (192.168.2.4)
#iis webserver with content (192.168.2.3)
#www.dogs.com NATted to 192.168.2.4
#www.bunnies.com NATted to 192.168.2.5
Listen 80
ServerName 192.168.2.4
ProxyRequests on
ProxyPass / [192.168.2.3:80...]
ProxyPassReverse / [192.168.2.3:80...]
#following section should grab request for 192.168.2.5:80
#and send them off to 192.168.2.3:81
NameVirtualHost 192.168.2.5:80
<VirtualHost 192.168.2.5:80>
ProxyRequests On
ProxyPass / [192.168.2.3:81...]
ProxyPassReverse / [192.168.2.3:81...]
ServerName 192.168.2.3
</VirtualHost>
And this'll bump your thread up on active again. :)
Jim
After tons of trial and error, and multiple hours of one or the other site being down, I got it...
The key seemed to be in the virtual host section. I had assumed that I had to put all my default site information outside of the virtual host, but this is not the case...
Also, at least my my purposes ProxyRequests did not need to be On. Sure it looks simple in retrospect, but it took some fighting...
Thanks!
#relevent code below
Listen 192.168.2.4:80
Listen 192.168.2.5:80
ServerName 192.168.2.4:80
NameVirtualHost 192.168.2.4:80
<VirtualHost 192.168.2.4:80>
ProxyPass / [192.168.2.3:80...]
ProxyPassReverse / [192.168.2.3:80...]
</VirtualHost>
NameVirtualHost 192.168.2.5:80
<VirtualHost 192.168.2.5:80>
ProxyPass / [192.168.2.3:81...]
ProxyPassReverse / [192.168.2.3:81...]
</VirtualHost>
