0

I have apache load balancing reverse proxy with mod_proxy_ajp running and redirecting to the backend tomcat servers. I have also created a separate virtual host for HTTPS(SSL) along with HTTP virtual hosting. Both the below http://my.domain.net/ and https://my.domain.net/ virtual hosts are accessible and working fine individually.

http ##:

<VirtualHost *:80> ServerName my.domain.net ProxyRequests On ProxyVia On ProxyPreserveHost On ProxyErrorOverride On ProxyStatus On <Proxy balancer://ClusterDomain> Order deny,allow Allow from all BalancerMember ajp://192.168.1.22:8009 route=web1 redirect=web2 ttl=300 timeout=5 retry=60 BalancerMember ajp://192.168.1.23:8009 route=web2 redirect=web1 ttl=300 timeout=5 retry=60 BalancerMember ajp://192.168.1.21:8009 route=balancer1 status=+H disablereuse=on ProxySet lbmethod=byrequests ProxySet stickysession=JSESSIONID|jsessionid </Proxy> ProxyPass /errors ! ProxyPass /balancer-manager ! ProxyPass / balancer://ClusterDomain/ nofailover=off ProxyPassReverse / balancer://ClusterDomain/ # Balancer-manager for ajp proxy nodes management <Location /balancer-manager> SetHandler balancer-manager Order deny,allow Allow from all </Location> #Recording virtual host logs LogLevel Debug CustomLog /var/log/apache2/my.domain.com-access.log combined ErrorLog /var/log/apache2/my.domain.com-error.log </VirtualHost>

https ## :

NameVirtualHost 123.123.123.123:443 <VirtualHost 123.123.123.123:443> ServerName my.domain.net SSLEngine on SSLProxyEngine On SSLCertificateFile /etc/ssl/myapp/server.crt SSLCertificateKeyFile /etc/ssl/myapp/server.pem ProxyRequests On ProxyVia On ProxyPreserveHost On ProxyErrorOverride On ProxyStatus On <Proxy balancer://ClusterDomain> Order deny,allow Allow from all BalancerMember ajp://192.168.1.22:8009 route=web1 redirect=web2 ttl=300 timeout=5 retry=60 BalancerMember ajp://192.168.1.23:8009 route=web2 redirect=web1 ttl=300 timeout=5 retry=60 BalancerMember ajp://192.168.1.21:8009 route=balancer1 status=+H disablereuse=on ProxySet lbmethod=byrequests ProxySet stickysession=JSESSIONID|jsessionid </Proxy> ProxyPass /errors ! ProxyPass / balancer://ClusterDomain/ nofailover=off ProxyPassReverse / balancer://ClusterDomain/ BrowserMatch "MSIE [2-6]" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 # MSIE 7 and newer should be able to use keepalive BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown </VirtualHost>

I searched in SF if anybody already asked this question but didn't find. Most of them asked how to redirect completely from http to https but in my case it's a bit different as I want only specific page(s) to be redirected to secured page but it should NOT redirect to https completely when tried with http.

How do I redirect a specific http page(let http://my.domain.net/register) to secured https(https://my.domain.net/register) page in my case based on the above virtual hosting?. Is it possible to do with ajp proxy?. I need both http and https accessible when accessed individually but only specific page should be forcibly redirected to secured page. Could I do this?

Update 1

I am really very bad at understand apache rewrite rules!!!.

As suggested by KM01 I tried rewrite rules.

It's simple ignoring the rules just by redirecting to http page when accessed http://my.domain.net/register even after appending the following rules in the virtual hosting for https redirection.

rewrite rule,

RewriteRule ^/register/$ https://my.domain.net/register [R=301]

(or)

I also tried with Redirect

RedirectMatch ^/register/$ https://my.domain.net/register

Update 2

After trying for a while got some basic thoughts!

I got both rewrite and redirect working!. The key thing was EXCLUDING the page(/register) from proxy redirection which should be redirected to secured https page!.

First Redirect worked this way,

ProxyPass /register ! RedirectMatch /register https://my.domain.net/register #(or) RedirectMatch permanent /register https://my.domain.net/register

And Rewrite,

Even after excluding /register from proxy didn't work for me. I had to use RewriteEngine on though having rewrite module enabled.

Appending the following worked,

ProxyPass /register ! RewriteEngine on RewriteRule ^/register/$ https://my.domain.net/register [R=301]

I don't know if this is the right way to do but got it working on KV01's help

Thanks to KV01!!!

Improve this question

1 Answer 1

Reset to default
1

You can achieve what you are trying to do with a rewrite/redirect. Something like this in your vhost config ought to work (please test in a test server first before rolling to production):

#requires mod_rewrite RewriteRule ^/register$ https://my.domain.com/register [R=301]

This rules says that redirect only that which starts(^) and ends ($) and in between contains /register. This will not redirect any other path, just this one.

HTH

Improve this answer
5
  • I'll try this rewrite rule also tell me how to do with redirect which I already tried but had no affect. Commented Mar 6, 2012 at 0:16
  • Replace RewriteRule w/ RedirectMatch in the above line. For the redirect, you need mod_alias installed. Commented Mar 6, 2012 at 0:51
  • I have updated my question!. Please need further help! Commented Mar 6, 2012 at 9:54
  • Thanks a lot!!!. Look at Update 2 where I got it working. What do yo u think, which is best to use either Rewrite or Rdirect? Commented Mar 6, 2012 at 10:58
  • It is you're pick, really. You're gonna have to maintain it (-; In my setup, we never really got mod_alias working like we wanted it to, but mod_rewrite worked well for us, so we've stuck with it. So ... your call really. Good luck! Commented Mar 6, 2012 at 16:11

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.