2

我正在尝试使用 Apache 作为网关来反向代理到与请求的 http_host 同名的后端服务器。

前任:

    ProxyPass            /  https://%{HTTP_HOST}/
    ProxyPassReverse     /  https://%{HTTP_HOST}/

使用此设置时出现错误。建议?

4

2 回答 2

3

To use Apache ProxyPass directives with dynamic hostnames you will need to also use ModRewrite.

Objective

All requests to the virtualhost will ProxyPass and ProxyPassReverse (also known as an "Apache Gateway") to the %{HTTP_HOST}

The only reason this would make sense to do is if you have localhost entries on the apache server for specfic host names

Examples

Localhost File

10.0.0.2 foo.bar.com    
10.0.0.3 bar.bar.com

How it works

  1. The client makes a request to foo.bar.com (dnslookup is a public IP... YOUR APACHE SERVER)
  2. Your apache server has a localhost entry of 10.0.0.2 for foo.bar.com (some other server on your network)
  3. The request goes through ModRewrite and /path1 is appended, then handed off to ProxyPass and ProxyPassReverse
  4. ProxyPass and ProxyPassReverse hand the call off to foo.bar.com at ip 10.0.0.2

Client requests foo.bar.com ---reverse proxies to----> foo.bar.com/path1 (on some OTHER internal server)

Apache Configuration

    <VirtualHost *:443>
    Servername *

    # Must not contain /path1 in path (will add /path1)
    RewriteEngine on
    RewriteCond %{REQUEST_URI} !^/path1/.*
    RewriteRule ^/(.*) https://%{HTTP_HOST}/path1$1 [NC,R=302,L]

    # Must contain /path1 in path (will send request to the proxy)
    RewriteEngine On
    RewriteOptions Inherit
    RewriteCond %{REQUEST_URI} ^/path1/.*
    RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [NC,P]

    SSLEngine on
    SSLProxyEngine On
    ProxyRequests Off

    ProxyPass            /  https://$1/
    ProxyPassReverse     /  https://$1/

    ProxyPreserveHost On

    ###################
    # SSL Constraints #
    ###################

    SSLProtocol -ALL +SSLv3 +TLSv1

    # Choose cipher suites
    SSLHonorCipherOrder On
    SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:!LOW:!SSLv2:!EXPORT

    # SameOrigin The page can only be displayed in a frame on the same origin as the page itself
    Header set X-Frame-Options SAMEORIGIN

    SSLCertificateFile     /etc/apache2/example.crt
    SSLCertificateKeyFile  /etc/apache2/example.key
    SSLCertificateChainFile /etc/apache2/gd_bundle.crt
    SetOutputFilter INFLATE;proxy-html;DEFLATE
</VirtualHost>

source: http://brakertech.com/apache-proxypass-with-dynamic-hostname/

于 2013-09-18T18:21:43.337 回答
2

没有办法像使用代理传递那样动态地反向代理。但是,您可以使用 mod_rewrite 的P标志来完成。与 相同ProxyPassReverse,您不能使用%{HTTP_HOST}但是,由于主机名相同,因此您根本不需要它。只需要:

RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [L,P]

您可能遇到的一个问题是,由于 DNS 将代理服务器解析为某个 IP,因此代理服务器必须知道相同的 DNS 主机名不会解析为自身,而是实际解析为后端服务器(要代理的服务器),否则它将造成循环。

于 2013-09-18T18:24:13.257 回答