8

This seems like a super-basic question but I am having a hard time tracking down a straightforward solution, so appreciate any help and patience with me on this:

I want to configure my Apache proxy server to redirect certain URLs so that, for example, a web browser HTTP request for www.olddomain.com gets passed to the proxy server which then routes the request to www.newdomain.com which sends a response to the proxy server which then passes it back to the web browser.

Seems so simple, yet I don't see how to achieve this on Apache. I know Squid/Squirm offer this functionality so am guessing I am missing something really basic. I know I can use RewriteRule to dynamically modify the URL and pass it to the proxy server, but I effectively want to do the reverse, whereby the proxy server receives the original URL, applies the RewriteRule, and then forwards the HTTP request to the new URL.

Hope that makes sense. Thanks in advance for any help.

2 Answers2

7

From your comment on my previous answer I gather that you are using Apache as a forwarding proxy (ProxyRequests On). You can use mod_rewrite to proxy pass through specific URL's.

You probably got something like this in your Apache config:

ProxyRequests On
ProxyVia On
<Proxy *>
   Order deny,allow
   Allow from xx.xx.xx.xx
</Proxy>

Then you have to add the following in order to proxy-pass all requests from www.olddomain.com/foo to www.newdomain.com/bar:

RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.olddomain\.com$
RewriteRule /foo(.*)$ http://www.newdomain.com/bar/$1 [P,L]

What this does is:

  • When a request is made to the host www.olddomain.com, the RewriteRule will fire.
  • This rule substitutes /foo to http://www.newdomain.com/bar/.
  • The substitution is handed over to mod_proxy (P).
  • Stop rewriting (L).

Example result:

  • Browser is configured to use your Apache as proxy server.
  • It requests www.olddomain.com/foo/test.html.
  • Your Apache will rewrite this to www.newdomain.com/bar/test.html.
  • It will request this page from the responsible web server.
  • Return the result to the browser as www.olddomain.com/foo/test.html.
Sergey Vyacheslavovich Brunov
  • 111
  • 3
basvdlei
  • 1,296
  • 8
  • 13
  • Perfect, this is exactly what I wanted to achieve. Only issue with your recommendation is that I needed to use a '%' instead of a '$' in front of '{HTTP_HOST}' in order for RewriteCond to trigger. Thanks much! –  Apr 29 '10 at 08:19
  • When I attempted this, it made it possible for malicious visitors to use my Apache server as an open proxy. See https://wiki.apache.org/httpd/ProxyAbuse I followed the code example above precisely, except for I used my own server's IP in the Allow line. What did I do wrong? It seems like http://httpd.apache.org/docs/trunk/mod/mod_proxy.html#access advises use of `Require IP xx.xx.xx.xx`, which is not included in the code sample above. – Evan Donovan May 17 '19 at 02:29
  • @EvanDonovan the above example is old and still used the old `mod_access` style. You should definitely use the access control (eg. `Require IP`) with newer versions of Apache: https://httpd.apache.org/docs/2.4/howto/access.html – basvdlei May 17 '19 at 12:05
  • Ok, thanks - Maybe this should be edited then? It has caused us no end of headache. – Evan Donovan May 17 '19 at 23:27
  • So should I indicate in the answer above that someone would need to include `Require ip xx.xx.xx.xx` in the `` section to avoid open proxy abuse when running Apache 2.4+? Not including something like that effectively caused a DDoS on our server. Days later, after disabling mod_proxy entirely, we are still getting tons of proxy attempts where people make HTTP CONNECT requests, then GET requests for servers that aren't in our virtual hosts. All are a 403 response, but that still adds Apache load. – Evan Donovan May 18 '19 at 18:45
1

If I understand you correctly, you probably want to look at: mod_proxy in combination with name-based virtual hosts

Here is a little example of what this might look like. All requests from the www.olddomain.com virtual host will be requested from www.newdomain.com and rewritten by apache:

NameVirtualHost *:80
<VirtualHost *:80>
     ServerName www.olddomain.com

     <Proxy *>
            Order deny,allow
            Allow from all
     </Proxy>
     ProxyPass / http://www.newdomain.com/
     ProxyPassReverse / http://www.newdomain.com/
     ProxyPassReverseCookieDomain www.newdomain.com www.olddomain.com 
</VirtualHost>
basvdlei
  • 1,296
  • 8
  • 13
  • Thanks much, but I was targeting a different scenario. Here is what I want to enable: a) browser makes HTTP request for www.olddomain.com/foo, which passes to proxy server for handling b) proxy server sees www.olddomain.com/foo and based on a pre-determined mapping, forwards the HTTP request to www.newdomain.com/bar instead c) proxy server receives HTTP response from www.newdomain.com/bar and forwards to browser (which basically thinks it just received an HTTP response to its HTTP request to www.olddomain.com/foo) Does that clarify? –  Apr 28 '10 at 02:59
  • For the sake of self-documentation, if the www part is omitted in the ProxyPassReverseCookieDomain directive, the domains should start with a dot. – Bram Schoenmakers Jun 04 '10 at 11:21
  • Answer is incomplete without the conf file name where this needs to go into.. – Siddharth Jan 03 '21 at 06:31