I'm trying to set up a reverse proxy with an Apache2 server accepting requests at port 443 (to enable https). The idea is to have the Apache2 server accept the request and forward it on to my Node server, which is listening on port 4443. I've looked through several example configurations for setting up the virtual hosts, and after toggling a few options I still get the 502 error. Both servers are hosted on a DigitalOcean droplet running Ubuntu 14.04.
I can hit port 4443 directly in Chrome and it serves the Node app. When I load the site without a port number, it loads port 443 (as expected) and I get this error:
Proxy Error
The proxy server received an invalid response from an upstream server.
The proxy server could not handle the request GET /.
Reason: Error reading from remote server
Apache/2.4.7 (Ubuntu) Server at [domain.com] Port 443
In the console, it says:
Failed to load resource: the server responded with a status of 502 (Proxy Error)
Here are the resources I'm following:
https://www.digitalocean.com/community/tutorials/how-to-use-apache-http-server-as-reverse-proxy-using-mod_proxy-extension
https://support.mayfirst.org/wiki/how-to/servers/configure-nodejs-with-apache
This is my config file. The actual IP and domain are replaced with [IP] and [domain.com].
<IfModule mod_ssl.c>
<VirtualHost *:443>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin admin#[domain.com]
ServerName [domain.com]
ServerAlias www.[domain.com]
DocumentRoot /var/www/[domain.com]/public_html
#SSL Configuration
SSLEngine On
SSLProxyEngine On
SSLCertificateFile /etc/letsencrypt/live/[domain.com]/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/[domain.com]/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateChainFile /etc/letsencrypt/live/[domain.com]/chain.pem
ProxyPreserveHost On
ProxyRequests off
ProxyPass / http://[IP]:4443/ retry=1 acquire=3000 timeout=3000 Keepalive=On
ProxyPassReverse / http://[IP]:4443/
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
</IfModule>
How can I edit my config file to resolve this 502 error?
Related
I'm trying to convert my app to PWA and I need to use https on localhost on my raspberrypi 4 and can be reached using 192.168.0.2 on LAN
Certificate seems to be not valid and I don't understand what I'm missing.
All command are executed as root user and all steps are from GitHub official page
mkcert -install
mkcert 192.168.80.2
Using the local CA at "/root/.local/share/mkcert" ✨
Created a new certificate valid for the following names �
- "192.168.0.2"
The certificate is at "./192.168.0.2.pem" and the key at "./192.168.0.2-key.pem" ✅
mv 192.168.0.2-key.pem /etc/apache2/ssl/192.168.0.2-key.pem
mv 192.168.0.2.pem /etc/apache2/ssl/192.168.0.2.pem
ls -l /etc/apache2/sites-enabled
lrwxrwxrwx 1 root root 29 Jul 21 16:34 hiker.conf -> ../sites-available/hiker.conf
sites-available/hiker.conf
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName 192.168.0.2
ServerAdmin webmaster#localhost
DocumentRoot /var/www
Alias /hiker /var/www/hiker/public
<Directory /var/www/hiker/public>
AllowOverride All
Order Allow,Deny
Allow from All
</Directory>
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerName 192.168.0.2
ServerAdmin webmaster#localsite.test
DocumentRoot /var/www
Alias /hiker /var/www/hiker/public
<Directory /var/www/hiker/public>
AllowOverride All
Order Allow,Deny
Allow from All
</Directory>
ErrorLog ${APACHE_LOG_DIR}/localsite-error.log
CustomLog ${APACHE_LOG_DIR}/localsite-access.log combined
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/192.168.0.2.pem
SSLCertificateKeyFile /etc/apache2/ssl/192.168.0.2-key.pem
</VirtualHost>
</IfModule>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
apachectl configtest
Syntax OK
service apache2 restart
I found the solution thank to #SteffenUllrich.
I order to import CA into windows 10 follow steps described here "make-computer-trust-certificate-authority"
I can now make tests to convert my app to PWA
Contents are similar in both subdomains. But one domain is working but the other is not working.
Apache host files.
merchant.clouspos.lk (This is working)
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerName merchant.cloudpos.lk
ServerAlias merchant.cloudpos.lk
ServerAdmin webmaster#et.lk
RedirectMatch 301 /ipgresponse_dfecVfBuvsdRkY24(.*) /main.html#/paymentprocessing$1
DocumentRoot /var/www/merchant/html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
merchant2.cloudpos.lk (This is redirct to different site)
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerName merchant2.cloudpos.lk
ServerAlias merchant2.cloudpos.lk
ServerAdmin webmaster#et.lk
RedirectMatch 301 /ipgresponse_dfecVfBuvsdRkY24(.*) /main.html#/paymentprocessing$1
DocumentRoot /var/www/merchant2/html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
Please provide a solution for this issue? Source code is same in both subdomains.
I updated my WSL1 to WSL2 and install
ubuntu 20.04,
Apache2 and
php8
Now visiting localhost will display the Apache2 Ubuntu Default Page
Next I create a conf file on /etc/apache2/sites-available/items.test.conf containing
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName items.test
ServerAdmin admin#items.test
DocumentRoot /mnt/c/www/path/to/public
<Directory /mnt/c/www/path/to/public/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
run sudo a2ensite items.test.conf and sudo service apache2 reload. Next open host with notepad with administrator, and added 127.0.0.1 items.test
Visiting the site locally items.test give me this message
This site can’t be reached
What am I missing in this, spend 24hrs tweaking and no luck
After digging another few hours I found the answer, update host file with such a like:
127.0.0.1 test.tld
::1 test.tld
Source: https://github.com/microsoft/WSL/issues/4347
Soo we bough a domain name with the name of mastergamingteam.eu and we've been trying to make it work, but it does not seem to. I've tried a lot of stuff online, but we still can't connect to the page.
From client side it says DNS_PROBE_FINISHED_NXDOMAIN
We use ubuntu 16.04.6
/etc/apache2/sites-available/000-default.conf:
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName mastergamingteam.eu
ServerAlias www.mastergamingteam.eu
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
/etc/hosts(This keeps getting overwritten, this is there by default):
# Generated by SolusVM
127.0.0.1 localhost localhost.localdomain
::1 localhost localhost.localdomain
79.139.56.118 mastergamingteam
Port 80 is enabled by ufw and Listened in apache2
A Record:
mastergamingteam.eu priority:0 TTL:7200 Type:A Value:79.139.56.118
NS Record:
mastergamingteam.eu priority:0 TTL:86400 Type:NS Value:ns1.rackforest.hu
The VPS is hosted by rackforest and bought the domain on their site.
Domain record at registrar has errors in name servers' hostnames.
$whois mastergamingteam.eu
Domain: mastergamingteam.eu
...
Registrar:
Name: PDR Ltd.
Website: https://www.publicdomainregistry.com
Name servers:
sn1.rackforest.hu
sns1.racforest.hu
You should edit record registrar and put ns1.rackforest.hu as the first name server.
Also there is only one NS record for your domain.
$ host -t ns mastergamingteam.eu ns1.rackforest.hu
Using domain server:
Name: ns1.rackforest.hu
Address: 185.43.204.2#53
Aliases:
mastergamingteam.eu name server ns1.rackforest.hu
You should probably have ns2.rackforest.hu as second name server.
ns2.rackforest.hu knows about your domain.
$host mastergamingteam.eu ns2.rackforest.hu
Using domain server:
Name: ns2.rackforest.hu
Address: 79.172.213.19#53
Aliases:
mastergamingteam.eu has address 79.139.56.118
the problem here is:
your domain points nowhere. There are no records for your domain (no A or CNAME or any other relevant records) neither are any nameservers configured.
Make sure to set records, as obviously the domain won't work.
You can check your domain's records yourself here: https://digwebinterface.com/?hostnames=mastergamingteam.eu&type=&ns=resolver&useresolver=8.8.4.4&nameservers=
I have a fresh VPS on Ubuntu 18. Have installed only PHP and Apache. Created only a one vhost config:
<VirtualHost *:80>
ServerName vp123.ovh.net
DocumentRoot /var/www/app
</VirtualHost>
After apache realod, the domain is pointing to default folder /var/www/html instead of my /var/www/app
000-default.conf is default:
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
apache2ctl -S outputs:
VirtualHost configuration:
*:80 is a NameVirtualHost
default server vp123.ovh.net (/etc/apache2/sites-enabled/000-default.conf:1)
port 80 namevhost vp123.ovh.net (/etc/apache2/sites-enabled/000-default.conf:1)
port 80 namevhost vp123.ovh.net (/etc/apache2/sites-enabled/vp123.ovh.net.conf:1)
ServerRoot: "/etc/apache2"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/var/log/apache2/error.log"
Mutex default: dir="/var/run/apache2/" mechanism=default
Mutex mpm-accept: using_defaults
Mutex watchdog-callback: using_defaults
PidFile: "/var/run/apache2/apache2.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="www-data" id=33
Group: name="www-data" id=33
When pointing a new domain to this server - works perfect. But this "default domain" is always pointing to default folder. Disabling 000-default.conf helps but I don't want do that.
The virtual host defined at 000-default.conf doesn't have a ServerName directive so it inherits the value from its parent container (in this case the main server settings) and I presume such directive also has vp123.ovh.net as value. Thus Apache considers the first virtual host matches.
A ServerName should be specified inside each <VirtualHost> block. If it is absent, the ServerName from the "main" server configuration will be inherited.
Since you want to use that name elsewhere a possible solution is to set a explicit value that doesn't interfere, e.g.:
<VirtualHost *:80>
ServerName localhost
DocumentRoot /var/www/html
</VirtualHost>
Apache selects the virtual host as described in the documentation.
Considering the vhost selection process your options are:
Disable the default vHost, you don't need it.
Really. Why would you want to keep it?
Change the default vHost declaration to <VirtualHost *>. Therefore making the other vHost the default for requests targeted at port 80.
Add your servers ip address to your vhost declaration. (<VirtualHost 1.2.3.4:80>) It will then take precedence over the default vhost *:80 for requests targeted at that IP-address. Note that requests to other to other IPs of your server will still be served by the *:80-vHost.
Set DocumentRoot /var/www/app inside your default vHost. This will require you to make configuration changes in multiple vHost each time and thus increases the chance of making mistakes.