Browsing articles tagged with "reverseproxy - 2/22 - Admins Goodies"
May 15, 2012
tom

Apache ReverseProxyPass redrects to http rather than https

I have a reverse proxy setup using apache mod_proxy: <VirtualHost *:443> ServerName reverse.server.com ProxyPass / http://10.1.9.11:3000/ ProxyPassReverse / http://10.1.9.11:3000/ ProxyPreserveHost on …snip ssl stuff… </VirtualHost> This works fine most of the time. The problem is when the internal server does a redirect. While the proxypassreverse should catch the location, and it seems to, it redirects to http://reverse.server.com rather than to https://reverse.server.com. So it is half working, the address changes correctly, but the protocol stays as […]

Continue Reading »
May 10, 2012
tom

Tactic to block a UDP spoofing attack

The packets are margin of 200,000 ~ 800,000 per second and UDP spoofed(0 bytes/46bytes) I have a linux deb 6 and windows server 2003 that is taking a hit. Current idea: – Setup a proxy server up front to filter out the attack. Would HAProxy work? Do I need a BSD box with PF? What do I need to look for to filter? I need the port being hit but there must be a way […]

Continue Reading »
Apr 26, 2012
tom

nginx proxy_cache: limit parallel requests to a backend

I am using nginx as a reverse proxy to my backend(s). Configuration is pretty basic, e.g. the core is just: upstream myservice { server 127.0.0.1:80; server 123.123.123.123:80; }location / { proxy_pass http://myservice; proxy_set_header Host myservice; } Now my service is computationally very heavy, and I would like nginx to limit the number of active parallel (simultaneous) requests to a single upstream backend to e.g. 10. I looked into limit_req module, however this module only seems […]

Continue Reading »
Apr 25, 2012
tom

Can I force apache’s mod_proxy to connect to the remote server by hostname, rather than IP?

I’m setting up Apache2 as a reverse proxy for a remote site. Let’s assume the remote site is http://app.remotesite.com. Here is a snippet from my virtual host config: ProxyPass /pxy/ http://app.remotesite.com/ So this should take a request like http://app.mysite.com/pxy/search?q=abc, and pass it through as http://app.remotesite.com/search?q=abc. I am getting a “Bad request” when I try this. Based on the output in /var/log/apache2/error.log, it is doing the proxy correctly, but it looks like when it connects to […]

Continue Reading »
Apr 23, 2012
tom

Apache with nginx front-end takes gets pegged 100% CPU with Django app

I recently launched a web app that gets constantly pegged at 100% CPU. My server is a 512 MB Linode with nginx sitting in front of Apache (MPM Worker) serving a Django app. This app is unusual in that it has to do heavy database processing < 5% of the time (~2-5k queries/request). I only have a small number of users currently (50 in a day, ~5-10 at any given time). Now I understand doing […]

Continue Reading »
Apr 17, 2012
tom

IIS 7 ARR Reverse Proxy Over https

I have a very simple reverse proxy setup in IIS7 using ARR and rewrite module that takes all traffic on an IP and routes it to a different IP running on a different server. <rule name=”ReverseProxyInboundRule1″ stopProcessing=”true”> <match url=”(.*)” /> <conditions> <add input=”{CACHE_URL}” pattern=”^(https?)://” /> </conditions> <action type=”Rewrite” url=”{C:1}://1.1.1.1/{R:1}” /> </rule> This all works fine for http:80 however it does not work for HTTPS:443 traffic. There is an SSL cert setup on the destination server […]

Continue Reading »
Apr 17, 2012
tom

Error message when trying to install varnish on centos 5.5

I’ trying to install varnish on centos 5.5 using command yum install varnish but the installing procedure can’t be completed because of this warning message: warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID …… Public key for libedit-20090923-3.0_1.el5.rf.x86_64.rpm is not installed So how to solve this problem ? Asked by M.B.Asfoor It looks like you’re trying to install a RepoForge RPM without having the GPG keys installed, you can either install the keys by […]

Continue Reading »
Apr 16, 2012
tom

SSL reverse proxy and security (eavesdropping)

I am new to the hosting in datacenter. I would host my app in a datacenter (colocation). I can sell me only the bay I need. I would like to use a SSL reverse proxy : SSL Reverse proxy + LoadBalancer <—-> WebServer1 <—-> WebServer2 If I let the SSL Reverse proxy do all the SSL job, everything between web servers and load balancer will not be secured. My question is : since I will […]

Continue Reading »
Apr 12, 2012
tom

mod_proxy: pass path from original request to proxied app

I’m struggling with reverse proxying an app running in a Tomcat server on a closed port behind Apache. For convenience, say that I want to reverse proxy requests for ‘http://mydomain/apps/my_app/’ to the Tomcat app at ‘http://localhost:8082/my_app/’ on the remote server. All works fine with following proxy settings in an Apache vhost.conf file: ProxyRequests off ProxyPass /apps/ http://localhost:8082/ ProxyPassReverse /apps/ http://localhost:8082/ Except for one part of the app, which generates a Java webstart file that is […]

Continue Reading »
Apr 2, 2012
tom

Can I configure IIS 7+ to do a dynamic reverse proxy based on the incoming hostname?

I am trying to configure IIS to proxy requests based on the incoming hostname. For example, if my proxy server is an IIS server located at www.proxy.com, a request to www.google.com.www.proxy.com would be proxied to www.google.com I have tried to set up a reverse proxy with a URL rewrite rule to rewrite *localhost* to {R:1}{R:2}, but I haven’t had any luck. From what I have read, it may only be possible if I specify exactly […]

Continue Reading »
Pages:«1234567...22»