|
Brad,
My understanding is that your rewrite rule redirects any requests for port
80 to port nnnn. That will add the nnnn port to the browser's address bar.
From then on, the browser interacts with the HTTP server that is listening
on port nnnn, rather than port 80.
A reverse proxy configuration is a little different, in that the browser
address bar never changes, and the browser never knows that requests are
being passed to a different HTTP server instance. Requests are
automatically passed through port 80 and port 443 to another server that is
listening on port nnnn. The pass-through process is handled entirely on the
server.
Rather than implementing SSL in all HTTP server instances, you can just do
that in the reverse proxy instance. That would be my preference, however
since the ProxyPass directive appears to be broken on my server, I may have
to fall back to using a rewrite rule like you.
On Wed, Jun 20, 2018 at 10:11 PM, Bradley Stone <bvstone@xxxxxxxxx> wrote:
The whole point is, I don't want one big config with virtual hosts. Iwant
each server running on it's own IP/port.one
I want one instance passing requests to the appropriate instance. Not
big instance handling everything.wrote:
Reverse proxy <> Virtual Hosts.
Bradley V. Stone
www.bvstools.com
GreenTools for # Slack # <https://www.bvstools.com/g4slk.html>: Easy to
use
interfaces for sending and receiving messages on Slack!
On Wed, Jun 20, 2018 at 3:35 PM Nathan Andelin <nandelin@xxxxxxxxx>
yet..
Brad,the
If I understand correctly, the sample configuration that you referenced
above doesn't implement a reverse proxy. Rather it implements a rewrite
rule that redirects the browser to a different server. You could remove
ProxyPreserveHost and all of the LoadModule directives from yourwrote:
configuration, and your rewrite rule in your <VirtualHost> block would
still run fine.
In order to implement SSL, you could add a couple lines to your
<VirtualHost> block:
SSLEngine On
SSLAppName QIBM_HTTP_SERVER_WILDCARD (whatever name may have been
configured in DCM)
SSL also requires the following LoadModule:
LoadModule ibm_ssl_module /QSYS.LIB/QHTTPSVR.LIB/QZSRVSSL.SRVPGM
On Wed, Jun 20, 2018 at 1:50 PM, Bradley Stone <bvstone@xxxxxxxxx>
Here's how I do it to route specific host names to an internal IP:
https://www.fieldexit.com/forum/display?threadid=14
For SSL it doesn't work, though. I haven't figured that one out
theonceto
I get time I hope to though.
On Wed, Jun 20, 2018 at 10:35 AM Nathan Andelin <nandelin@xxxxxxxxx>
wrote:
Would anyone be willing to post an HTTP server configuration for areverse
proxy running on IBM i 7.3?
The one I migrated from 7.1 doesn't work at 7.3. I whittled it down
QZSRCORE.SRVPGMthe
following (attempting to simplify):
LoadModule proxy_connect_module /QSYS.LIB/QHTTPSVR.LIB/
listeningLoadModule proxy_ftp_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
LoadModule proxy_http_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
LoadModule proxy_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
Listen *:80 http
ProxyPassReverse / http://65.103.249.57:9000/
ProxyPass / http://65.103.249.57:9000/
When I do logging in both the reverse proxy instance, which is
on
port 80, and the normal instance which is listening on port 9000,
mailingmailingmungedrequested URL's often don't match. Some of the URL's requested are
thatinto unexpected paths, which don't exist, as logged by the instance
ismailing
running on port 9000.
I figure I'm missing some "fix_it" directive.
--
This is the Web Enabling the IBM i (AS/400 and iSeries) (WEB400)
list--
To post a message email: WEB400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/web400
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/web400.
This is the Web Enabling the IBM i (AS/400 and iSeries) (WEB400)
list--
To post a message email: WEB400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/web400
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/web400.
This is the Web Enabling the IBM i (AS/400 and iSeries) (WEB400)
--list--
To post a message email: WEB400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/web400
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/web400.
This is the Web Enabling the IBM i (AS/400 and iSeries) (WEB400) mailing
list
To post a message email: WEB400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/web400
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/web400.
This is the Web Enabling the IBM i (AS/400 and iSeries) (WEB400) mailing
list
To post a message email: WEB400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/web400
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/web400.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.