4

First off, this is my first go at apache, so please forgive my beginingingismness :)

My basic setup is as such: mysub.domain.com gets sent to my static IP via a CNAME entry at godaddy's DNS manager. It hits my Ubuntu 10 LTS server running Apache2.

I have a virtual host entry that directs that request to the proper /var/www/mysub folder. I don't have any content in there, but I added a line to the "It Works" page so I'd know if I got there successfully. I also have a Mac Mini running a wiki server on the same local network as the Ubuntu server.

I'd like mysub.domain.com to hit my Mini server instead of the /var/www/mysub folder.

After much reading on this site and others, I've managed to do it... kind of.

I have the following in my /var/www/mysub/.htacess, which I found in another SF question (forgot to copy the link).

RewriteEngine on
RewriteCond %{HTTP_HOST} ^mysub.domain.com/*
RewriteRule .* http://192.168.x.x/ [P,L]

This works insomuch as it does redirect mysub.domain.com to the Mini's front page. But of course, so does every subsequent link click on the Mini page. I think I understand why it's doing it (anything that starts with mysub.domain.com gets directed to what is essentially the front page of the wiki server, and since subsequent links on the wiki server also include mysub.domain.com, it always ends up in the same place)

I just don't know what to do different. To be perfectly honest, I don't actually understand the syntax of those Rewrite lines.

I've seen countless examples of config entries and tried some of them, but without really understanding the syntax, it's kind of shooting in the dark.

This was a useful post, and after reading this question, I tried adding this to my /apache2/httpd.conf file

<Location />
   ProxyPass http://192.168.x.x
   ProxyPassReverse http://192.168.x.x
</Location>

No luck.

Clearly, I have some learning to do, but it would seem to me that what I want to do is probably quite simple. What am I missing?

EDIT PER COMMENTS

My /etc/apache2/httpd.conf file

ServerName localhost

<VirtualHost *:80>
   ServerName domain.com
   ServerAlias www.domain.com
   DocumentRoot /var/www/domain
</VirtualHost>

<VirtualHost *:80>
   ServerName mysub.domain.com
   DocumentRoot /var/www/mysub
   <Location />
      ProxyPass http://192.168.x.x/
      ProxyPassReverse http://192.168.x.x/
   </Location>
</VirtualHost>

... and my sites-available/mysub file...

<VirtualHost *:80>
        ServerAdmin me@domain.com
        ServerName mysub.domain.com
        DocumentRoot /var/www/mysub

        #ProxyRequests Off
        <Location />
                ProxyPass http://192.168.1.50/
                ProxyPassReverse http://192.168.1.50/
        </Location>
        <Directory />
                Options FollowSymLinks
                AllowOverride None
        </Directory>
        <Directory /var/www/mysub>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride None
                Order allow,deny
                allow from all
        </Directory>

        ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
        <Directory "/usr/lib/cgi-bin">
                AllowOverride None
                Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
                Order allow,deny
                Allow from all
        </Directory>

        ErrorLog /var/log/www/mysub/error.log

        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel warn

        CustomLog /var/log/apache2/access.log combined

    Alias /doc/ "/usr/share/doc/"
    <Directory "/usr/share/doc/">
        Options Indexes MultiViews FollowSymLinks
        AllowOverride None
        Order deny,allow
        Deny from all
        Allow from 127.0.0.0/255.0.0.0 ::1/128
    </Directory>

Output of apache2ctl -S

VirtualHost configuration:
wildcard NameVirtualHosts and _default_ servers:
*:80                   is a NameVirtualHost
         default server 66-152-109-110.tvc-ip.com (/etc/apache2/sites-enabled/000-default:1)
         port 80 namevhost 66-152-109-110.tvc-ip.com (/etc/apache2/sites-enabled/000-default:1)
         port 80 namevhost domain.com (/etc/apache2/sites-enabled/domain:1)
         port 80 namevhost mysub.domain.com (/etc/apache2/sites-enabled/mysub:1)
Syntax OK
JoshP
  • 278
  • 3
  • 6
  • 25

2 Answers2

4

You're very close!

A couple notes:

  • RewriteCond %{HTTP_HOST} ^mysub.domain.com/* - The HTTP_HOST variable only contains mysub.domain.com, not the rest of the path.

    This rule actually matches, but accidentally - there's no / character there, but the * modifier applies to the / character, meaning "repeat the / 0 to infinite times".

    Apache uses perl-compatible regex - to match the exact host, it should look like this: 

    RewriteCond %{HTTP_HOST} ^mysub\.domain\.com$

  • RewriteRule .* http://192.168.x.x/ [P,L] - This is only loading the home page since it's not including the rest of the passed path - this must be manually done when using the [P] flag of RewriteRule.

    This should work:

    RewriteRule (.*) http://192.168.x.x/$1 [P,L]

  • The ProxyPass setup is almost right, except it's being overridden by the setup in the .htaccess file, so it's not being used. Using .htaccess is bad for performance and potentially problematic for security - see the recommendation in the Apache documentation here.

    Probably the best approach is to delete the .htaccess file outright, and just use ProxyPass. Change your config a small bit...

    <Location />
   ProxyPass http://192.168.x.x/
   ProxyPassReverse http://192.168.x.x/
</Location>

    ...and move it from your httpd.conf over to within the <VirtualHost> block that's serving the subdomain.

    With the matching trailing slashes and no more .htaccess, this should do the trick!

Shane Madden
  • 112,982
  • 12
  • 174
  • 248
  • Thanks so much for the answer! I've axed the `.htaccess` file. I've altered the `` block with the trailing slashes. The URL still just directs me to the `/var/www/mysub` "It Works" page. One thing I may be doing wrong here... My `` block is IN my `httpd.conf` file. When you say to move it, is my `` block in the wrong place? – JoshP Aug 01 '12 at 02:29
  • @Josh The "typical" way to create a virtual host on an Ubuntu system is to create a file like `/etc/apache2/sites-available/site-name` then run `a2ensite site-name` to enable it (which creates a symlink in `/etc/apache2/sites-enabled`). It still works just fine in `httpd.conf`, though. Go ahead and move the `` block into the `` block and restart Apache. If that doesn't do the trick, can you provide the `` block, as well as the output from `apache2ctl -S`? (edit the extra info into your question as opposed to putting it in a comment, for formatting) – Shane Madden Aug 01 '12 at 02:35
  • I actually do have it created in `sites-available` and linked to `-enabled`. I'll post both in the question. Is it wrong to have the site defined in both places? – JoshP Aug 01 '12 at 02:47
  • @Josh You'll only want it defined in one location - that may be part of the problem. – Shane Madden Aug 01 '12 at 02:51
  • Ok, is it "typical" then, to have it all defined in the `sites-available`? Shall I remove the `` blocks in the `httpd.conf` file? Would that then leave only the `ServerName localhost` entry? – JoshP Aug 01 '12 at 03:05
  • @Josh Yeah - if that. I think `httpd.conf` is empty, by default. – Shane Madden Aug 01 '12 at 03:06
  • Ok, `httpd.conf` is now empty. Still no go. ACK lol :) – JoshP Aug 01 '12 at 03:23
  • I won't keep you all night :) I super appreciate your tutelage. I've gotten a lot narrowed down even if I don't reach the finish. – JoshP Aug 01 '12 at 03:26
  • @Josh That looks fine now. Have you restarted Apache after the config changes? – Shane Madden Aug 01 '12 at 03:28
  • I have, and it throws a couple errors. I think it may warrant a different question though. It goes as such: `* Restarting web server apache2 apache2: Could not reliably determine the server's fully qualified domain name, using 69.16.143.110 for ServerName apache2: Could not reliably determine the server's fully qualified domain name, using 69.16.143.110 for ServerName (13)Permission denied: make_sock: could not bind to address 0.0.0.0:80 no listening sockets available, shutting down Unable to open logs` – JoshP Aug 01 '12 at 03:32
  • don't know where that IP comes from. Those errors don't look minor lol. – JoshP Aug 01 '12 at 03:33
  • @Josh Aha, that's it. There's a different instance of Apache that's sitting on port 80 and not shutting down, so the restarts aren't taking effect. Find it and kill it with `ps`, or just restart the server to get a clean environment. – Shane Madden Aug 01 '12 at 03:38
  • The server reboot didn't fix the permission error. Must be something else going on. Entering the URL mysub.domain.com now brings me to a 403 Forbidden page (`You don't have permission to access / on this server.`) If it's not one thing it's another lol. I'll try to regroup tomorrow. Thanks so much for your help tonight. – JoshP Aug 01 '12 at 04:45
  • No problem! When you get the chance, take a dig in `/var/log/apache2/error_log` - it should have some interesting info. – Shane Madden Aug 01 '12 at 04:51
  • OK, no more errors on restart! Had to do with hostnames defined differently in different places. The error log was indeed interesting. Didn't see anything about these issues, but lots of file not found coming from what are presumably bots looking for vulnerabilities. – JoshP Aug 01 '12 at 15:02
  • And finally, I think the apache bit is running fine now. I'm still running into the `You don't have permission to access / on this server` 403 error, but I'm thinking that's an issue with permissions on the mini server. Does that sound right? Seems like I've got some more learning to do :) – JoshP Aug 01 '12 at 15:05
  • @Josh Great! Yeah, that 403 is likely coming from the other server - those will always generate a log entry, so you should be able to check the log to determine what's causing that response code. Normally, it's either a configuration that's specifically preventing access to that resource or path, or a permission issue - the error log should tell you which! – Shane Madden Aug 01 '12 at 21:25
0

This was the final piece of the puzzle. Found it as the answer over at this question.

The solution is to have this in /etc/apache2/mods-enabled/proxy.conf:

<IfModule mod_proxy.c>
ProxyRequests Off
<Proxy *>
  AddDefaultCharset off 
  Order deny,allow
  Allow from all 
</Proxy>
Community
  • 1
JoshP
  • 278
  • 3
  • 6
  • 25