Question

0

One IP address, Two Websites, on Two Machines - Need details

rated 0 times [ 0] [ 0] / answers: 1 / hits: 3600 / 3 Years ago, sun, october 3, 2021, 3:30:48

This question has already been posted by another user but a detailed answer was not given..
Here is the link to the original question - One IP address, Two Websites, on Two Machines

I have two machines each with apache2 installed and static ip addresses.

Server 1

example.com

static ip = 192.168.0.6

apache2 running on ports 80 and 443 fine

ufw and router firewall are open on ports 80 and 443 as well

Server 2

domain name = myhost01.example.com 

static ip = 192.168.0.7

apache2 running on 8080(HTTP) and 8443(HTTPS) 

ufw and router firewall are open on ports 8080 and 8443

When I go to {http)www.example.com or (https)www.example.com - I correctly receive the web content for server 1

When I go to myhost01.example.com:8080 or myhost01.example.com:8443 - I correctly receive the web content for server 2

I would like to reverse proxy server 2 so when a user goes to http:// myhost01 .example.com/ they receive the content for http:// myhost01. example.com:8080/, basically hiding the port number. Currently, I get an "unable to connect/webpage not found" error, when i try to access myhost01(dot)example(dot)com

In the Virtual Host file for example.com, I used the following:

ProxyRequests Off



ProxyPass / http://myhost01. example.com:8080/

ProxyPassReverse / http://myhost01 .example.com:8080/

Both proxy and proxy_http modules are enabled in apache2

Any ideas on how to get this to work?

P.S. - Spaces were added to the urls because I do not have enough reputation points to post more than two urls.

** UPDATE - See notes below

Server1 - example.com - VHOST FILE

<VirtualHost *:80>



    ServerAdmin [email protected]

    ServerName example.com

    ServerAlias www.example.com



    DocumentRoot /myweb/cmweb/apache/http



#ProxyPreserveHost On

ProxyRequests Off

ProxyPass / http://myhost01.example.com:8080/

ProxyPassReverse / http://myhost01.example.com:8080/



        <Directory />

                Options Indexes FollowSymLinks

                AllowOverride None

        </Directory>

        <Directory /myweb/cmweb/apache/http/>

                Options Indexes FollowSymLinks MultiViews

                AllowOverride None

                Order allow,deny

                allow from all



        </Directory>



        ErrorLog ${APACHE_LOG_DIR}/error.log

        CustomLog ${APACHE_LOG_DIR}/access.log combined

        LogLevel warn



</VirtualHost>

Tried Proxy with 192.168.0.7 replacing myhost01(dot)example(dot)com to no avail

Server2 - myhost01(dot)example(dot)com VHOST File

 <VirtualHost *:8080>



    ServerAdmin [email protected]

    ServerName myhost01.example.com

    ServerAlias myhost01 myhost01.example.com



    DocumentRoot /mwdhost/cmweb/apache/http



        <Directory />

                Options FollowSymLinks

                AllowOverride None

        </Directory>

        <Directory /mwdhost/cmweb/apache/http/>

                Options Indexes FollowSymLinks MultiViews

                AllowOverride None

                Order allow,deny

                allow from all

        </Directory>



    ErrorLog ${APACHE_LOG_DIR}/error.log

    CustomLog ${APACHE_LOG_DIR}/access.log combined

    LogLevel warn



</VirtualHost>

myhost01 has been added to A Record of Domain Registrant
can do an NSLOOKUP and get correct external ip address for myhost01.example.com

Here below is the Apache Error.log for server1 - Might be a clue to my problems???

Sun Feb 02 18:24:52 2014] [error] (111)Connection refused: proxy: HTTP: attempt to connect to 54.43.138.12:8080 (myhost01.example.com) failed

[Sun Feb 02 18:24:52 2014] [error] ap_proxy_connect_backend disabling worker for (myhost01.example.com)

[Sun Feb 02 18:24:53 2014] [error] proxy: HTTP: disabled connection for (myhost01.example.com) 

[Mon Feb 03 07:33:54 2014] [warn] Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)

Answers

Only authorized users can answer the question. Please sign in first, or register a free account.

uquelighted

Add To Favorites

Follow

Total Points: 242

Total Questions: 110

Total Answers: 106

Location: Cyprus

Member since Tue, Sep 22, 2020

4 Years ago

answered 3 Years ago confiorc · Accepted Answer

Suggestions:

Checked that server1(example.com) can lookup and get a correct dns record for myhost01.example.com?

Do your servers have one public IP each and a internal one each? Or is it like the linked question that you have one IP?

Do i smell a cheap router that have one IP, runs nat and port forwarding on the mentioned ports?

It is often so with cheap routers that they have issues with combining nat and portforwarding using external addresses to reach other internal machines. Some also fail this on purpose as it is bad practice to send all your internal load thought your gateway/nat router.

Both dns records (myhost1.example.com and example.com) points to the same public IP?

yes, and that is intentional and correct, but what happens?
- When the Apache instance wanna lookup where to do the proxy connection it will be told the external IP of myhost01.example.com that is pointing back to the router that might fail the connection. Lets assume it does.

We found one possible error, how do we work around it?

As the external IP from the dns will not help server1 to find the local IP to go over the local network do we need a way to do it, luckily does it exist many ways to Rome.
- One way would be to use the local IP of server2 in the ProxyPass.
- Another way would be to simply override your dns answers. That can be done on server1 that serves as the proxy. Edit the file /etc/hosts. Some more info about the hosts file can you read here.
- A 3rd way would be to make extra dns records for your local servers. Eg a entry named eg. local2.example.com pointing to 192.168.0.7.

Note. If you wondered, it is fully possible to have more public IP's and run them on a little subnet eg. that will also be serving as the interconnection. Thought it is not very recommended to do so.

Disclaimer

This answer is based on an experienced guess, as complete configuration, Apache logs and errors are lacking from the answer. Feel free to improve.