1

I would like to make https requests to my postgREST webserver, which by design doesn't support https. I spend several days now I don't know any further...

My setup

  • My server is running on CentOS 7.9.2009
  • I have a website domain that uses Wordpress to serve my content in home/myuser/public_html
  • I setup PostgREST 7.0.1 on my server which runs on port 3000
  • I am running Apache/2.4.51 (cPanel)

My Problem

  • The following request works just fine: http://my-domain.com:3000/my_db_table
  • I would like to run the same request like: https://my-domain.com/api/my_db_table
  • My Apache configuration is in an "includes" file, seems to be loaded (as errors occur when I put wrong syntax intentionally in this file) and it looks like this:
<VirtualHost *:443>

    DocumentRoot /
    ServerName my-domain.com
    ServerAlias my-domain
    ErrorLog /home/myuser/public_html/api/error.log
    CustomLog /home/myuser/public_html/api/access.log combined

    SSLEngine on
    SSLUseStapling off
    SSLCertificateFile /etc/ssl/certs/server.my-domain.com.crt
    SSLCertificateKeyFile /etc/ssl/private/server.my-domain.com.key


    <Location /api/ >
         ProxyPreserveHost On
         ProxyPass http://localhost:3000/
         ProxyPassReverse http://localhost:3000/
         RequestHeader set X-Forwarded-Port "443"
         RequestHeader set X-Forwarded-Proto "https"
   </Location>
</VirtualHost>
  • running httpd -t returns Syntax OK
  • after my changes I run sudo systemctl restart httpd
  • when I then try to do a request like curl -i https://my-domain.com/api/my_db_table I am redirected to the 404 page of my Wordpress website
  • the error.log file of my apache config does not include any errors (it included errors for stapling which I resolved by adding the line SSLUseStapling off in my config)

I don't know what to do anymore. And because I don't have any error logs I even don't know how to start debugging it. I would be happy for any hint somebody could provide me.

JoeBe
  • 111
  • 2

2 Answers2

0

Some things to check:

  1. Is SELinux running? If so is the SEBoolean httpd_can_network_connect set to 1?
  2. Is mod_proxy installed?
  3. Is anything on the non-proxied VirtualHost using the path /api? As in, would it block the calls to the Location? Better answer: How to handle relative urls correctly with a reverse proxy

Not an apache expert, but these sprang to mind!

shearn89
  • 3,143
  • 2
  • 14
  • 39
  • Thanks for your reply. However, I probably can rule out your suggestions. (1) No, it is disabled. (2) Running `httpd -M` shows me `proxy_module`, so it seems to be enabled. (3) I just created the `/api` directory in my wordpress environment in `home/myuser/public_html`, so there shouldn't be anything but this proxy – JoeBe Dec 21 '21 at 16:36
0

Adding to the second point of the answer given by shearn89, verify that the module mod_proxy_http is also installed (use a2enmod proxy_http to install it).