FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 04-14-2008, 05:00 PM
"ankush grover"
 
Default redirecting outside connections to https on apache

Hi friends,

There are about 15 applications hosted on different in our
infrastructure mostly running on apache/iis/tomcat. We have a frontend
apache server running on Centos 4.4 64bit which make these
applications accessible to outside world.

For the applications which are running on tomcat we are running
jkmount to make these applications available without mentioning tomcat
ports. For apache/iis applications we are using ProxyPass. The issue
we are facing is that we are not able to make these applications
accessible through https automatically means if the user is not from
within the LAN then the http link should automatically redirected to
https. We already have GoDaddy stamped ssl certificate on this apache
frontend server but we are struggling for rules for outside world.

What is the best way to make these applications accessible to outside
world through https connections only that is if somebody use
http://xx.xx.com/xx to use the application it should be redirected to
https we don't have the requirement for https connections from within
the LAN but definitely for outside connections.

JkMount /team/* team
JkMount /team team

Then we have rules for this in the workers.properties file


ProxyPass /public http://my.testing.com/public
ProxyPassReverse /public https://my.testing.com/public


Please let me know do you need any further inputs


Thanks & Regards

Ankush
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-14-2008, 05:33 PM
Barry Brimer
 
Default redirecting outside connections to https on apache

Quoting ankush grover <ankushcentos@gmail.com>:

> Hi friends,
>
> There are about 15 applications hosted on different in our
> infrastructure mostly running on apache/iis/tomcat. We have a frontend
> apache server running on Centos 4.4 64bit which make these
> applications accessible to outside world.
>
> For the applications which are running on tomcat we are running
> jkmount to make these applications available without mentioning tomcat
> ports. For apache/iis applications we are using ProxyPass. The issue
> we are facing is that we are not able to make these applications
> accessible through https automatically means if the user is not from
> within the LAN then the http link should automatically redirected to
> https. We already have GoDaddy stamped ssl certificate on this apache
> frontend server but we are struggling for rules for outside world.
>
> What is the best way to make these applications accessible to outside
> world through https connections only that is if somebody use
> http://xx.xx.com/xx to use the application it should be redirected to
> https we don't have the requirement for https connections from within
> the LAN but definitely for outside connections.
>
> JkMount /team/* team
> JkMount /team team
>
> Then we have rules for this in the workers.properties file
>
>
> ProxyPass /public http://my.testing.com/public
> ProxyPassReverse /public https://my.testing.com/public

You can force to ssl by using something like this with mod_rewrite

RewriteRule ^(.*)$ https://www.domain.com/$1 [R,L]

Details on how to select your condition for this statement is available at:
<http://askapache.info/trunk/mod/mod_rewrite.html#rewritecond>
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-14-2008, 07:19 PM
"Jeff Larsen"
 
Default redirecting outside connections to https on apache

On Mon, Apr 14, 2008 at 12:33 PM, Barry Brimer <lists@brimer.org> wrote:
> Quoting ankush grover <ankushcentos@gmail.com>:
>
> > Hi friends,
> >
> > There are about 15 applications hosted on different in our
> > infrastructure mostly running on apache/iis/tomcat. We have a frontend
> > apache server running on Centos 4.4 64bit which make these
> > applications accessible to outside world.
> >
> > For the applications which are running on tomcat we are running
> > jkmount to make these applications available without mentioning tomcat
> > ports. For apache/iis applications we are using ProxyPass. The issue
> > we are facing is that we are not able to make these applications
> > accessible through https automatically means if the user is not from
> > within the LAN then the http link should automatically redirected to
> > https. We already have GoDaddy stamped ssl certificate on this apache
> > frontend server but we are struggling for rules for outside world.
> >
> > What is the best way to make these applications accessible to outside
> > world through https connections only that is if somebody use
> > http://xx.xx.com/xx to use the application it should be redirected to
> > https we don't have the requirement for https connections from within
> > the LAN but definitely for outside connections.
> >
> > JkMount /team/* team
> > JkMount /team team
> >
> > Then we have rules for this in the workers.properties file
> >
> >
> > ProxyPass /public http://my.testing.com/public
> > ProxyPassReverse /public https://my.testing.com/public
>
> You can force to ssl by using something like this with mod_rewrite
>
> RewriteRule ^(.*)$ https://www.domain.com/$1 [R,L]
>
> Details on how to select your condition for this statement is available at:
> <http://askapache.info/trunk/mod/mod_rewrite.html#rewritecond>
>

To clarify, the proxy pass configuration is irrelevant. The https
rewrite rule is applied to the outside facing web server for whatever
URL patterns you wish to secure. You don't need to do anything to the
back-end web server.

Here's a useful example on the rewrite: http://tinyurl.com/6l7erl

--
Jeff
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 09:36 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org