Rocksolid Light - comp.infosystems.www.servers.unix - Re: Using Apache2 as proxy to redirect traffic within LAN not working as intended

Re: Using Apache2 as proxy to redirect traffic within LAN not working as intended

<16065f2a-2425-4da6-834c-ba1bb19a2237n@googlegroups.com>

http://rslight.i2p/devel/article-flat.php?id=95&group=comp.infosystems.www.servers.unix#95

copy link Newsgroups: comp.infosystems.www.servers.unix

X-Received: by 2002:a05:620a:4711:b0:74d:fd99:ab3e with SMTP id bs17-20020a05620a471100b0074dfd99ab3emr6873437qkb.9.1683750510756;
Wed, 10 May 2023 13:28:30 -0700 (PDT)
X-Received: by 2002:a81:ac61:0:b0:55a:5a86:7b70 with SMTP id
z33-20020a81ac61000000b0055a5a867b70mr11688308ywj.4.1683750510170; Wed, 10
May 2023 13:28:30 -0700 (PDT)
Path: i2pn2.org!i2pn.org!usenet.goja.nl.eu.org!3.eu.feeder.erje.net!feeder.erje.net!newsreader4.netcologne.de!news.netcologne.de!peer01.ams1!peer.ams1.xlned.com!news.xlned.com!peer01.iad!feed-me.highwinds-media.com!news.highwinds-media.com!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: comp.infosystems.www.servers.unix
Date: Wed, 10 May 2023 13:28:29 -0700 (PDT)
In-Reply-To: <u3goig$oiap$3@dont-email.me>
Injection-Info: google-groups.googlegroups.com; posting-host=2604:2d80:d293:1400:0:0:0:2;
posting-account=DimvNAoAAAAYk7MdTsIa3a6jvHV4nU8a
NNTP-Posting-Host: 2604:2d80:d293:1400:0:0:0:2
References: <ef3316a2-2623-4291-8f7c-1f713ec4cac4n@googlegroups.com> <u3goig$oiap$3@dont-email.me>
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <16065f2a-2425-4da6-834c-ba1bb19a2237n@googlegroups.com>
Subject: Re: Using Apache2 as proxy to redirect traffic within LAN not working
as intended
From: giantvince1@gmail.com (Vincent “Giantvince1” Meadows)
Injection-Date: Wed, 10 May 2023 20:28:30 +0000
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Received-Bytes: 10353

by: Vincent “Giantvinc - Wed, 10 May 2023 20:28 UTC

On Wednesday, May 10, 2023 at 1:44:38 PM UTC-5, Marco Moock wrote:
> Am 10.05.2023 um 09:34:04 Uhr schrieb Vincent “Giantvince1” Meadows:
>
> > In my case, when I have this set up in such a manner, it seems to
> > only proxy to one machine in particular, regardless of the fact that
> > the IP addresses in the proxy rules are pointing to the correct
> > machines in each "Server" block in the configs. Can someone please
> > help me figure this out? It's driving me nuts!
> Please post your configuration.

My entire config is below this line; I obfuscated my IPv6 for privacy reasons, my IPv4 addresses are actually private due to only having one public IPv4 and requiring NAT.
Also, as of right now, I have instigated my router to force IPv6 NAT so that I can avoid the problem for now, since it seems that forcing the router to ALWAYS pick 10.0.0.4 (and the associated IPv6 address) to pass traffic to makes things just *work*.

<VirtualHost *:80>
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
</VirtualHost>

<VirtualHost *:443>
ServerName pihole.meadowsburklepcrepair.com
ServerAdmin vincent@villageofgamers.net
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
DocumentRoot /var/www/html/admin
<Directory "/var/www/html/admin">
DirectoryIndex index.php
<RequireAny>
Require ip 10.0.0.0/24
Require ip fd00::/64
</RequireAny>
</Directory>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/meadowsburklepcrepair.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/meadowsburklepcrepair.com/privkey.pem
</VirtualHost>

<VirtualHost *:443>
ServerName dynmap.villageofgamers.net
ServerAdmin vincent@villageofgamers.net
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
DocumentRoot /var/www/html/dynmap
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/meadowsburklepcrepair.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/meadowsburklepcrepair.com/privkey.pem
</VirtualHost>

<VirtualHost *:443>
ServerName mail.maxxburkleservices.com
ServerAdmin vincent@maxxburkleservices.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Proxy *>
<RequireAll>
Require all granted
Require not ip 10.0.2.0/24
</RequireAll>
</Proxy>
SSLProxyEngine on
SSLProxyVerify none
ProxyPass / https://10.0.0.5/
ProxyPassReverse / https://10.0.0.5/
ProxyRequests off
ProxyPreserveHost on
RequestHeader set X-Forwarded-Proto https
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/meadowsburklepcrepair.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/meadowsburklepcrepair.com/privkey.pem
</VirtualHost>

<VirtualHost *:443>
ServerName mail.meadowsburklepcrepair.com
ServerAdmin vincent@meadowsburklepcrepair.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Proxy *>
<RequireAll>
Require all granted
Require not ip 10.0.2.0/24
</RequireAll>
</Proxy>
SSLProxyEngine on
SSLProxyVerify none
ProxyPass / https://10.0.0.5/
ProxyPassReverse / https://10.0.0.5/
ProxyRequests off
ProxyPreserveHost on
RequestHeader set X-Forwarded-Proto https
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/meadowsburklepcrepair.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/meadowsburklepcrepair.com/privkey.pem
</VirtualHost>

<VirtualHost *:443>
ServerName mail.villageofgamers.net
ServerAdmin vincent@villageofgamers.net
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Proxy *>
<RequireAll>
Require all granted
Require not ip 10.0.2.0/24
</RequireAll>
</Proxy>
SSLProxyEngine on
SSLProxyVerify none
ProxyPass / https://10.0.0.5/
ProxyPassReverse / https://10.0.0.5/
ProxyRequests off
ProxyPreserveHost on
RequestHeader set X-Forwarded-Proto https
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/meadowsburklepcrepair.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/meadowsburklepcrepair.com/privkey.pem
</VirtualHost>

<VirtualHost *:443>
ServerName maxxburkleservices.com
ServerAdmin vincent@maxxburkleservices.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
DocumentRoot /var/www/html/redirects
DirectoryIndex index.php
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/meadowsburklepcrepair.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/meadowsburklepcrepair.com/privkey.pem
</VirtualHost>

<VirtualHost *:443>
ServerName meadowsburklepcrepair.com
ServerAdmin vincent@meadowsburklepcrepair.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
DocumentRoot /var/www/html/redirects
DirectoryIndex index.php
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/meadowsburklepcrepair.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/meadowsburklepcrepair.com/privkey.pem
</VirtualHost>

<VirtualHost *:443>
ServerName nextcloud.meadowsburklepcrepair.com
ServerAdmin vincent@meadowsburklepcrepair.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
</IfModule>
<Directory /var/www/html/nextcloud>
<RequireAll>
Require all granted
Require not ip 10.0.2.0/24
</RequireAll>
DirectoryIndex index.php
</Directory>
DocumentRoot /var/www/html/nextcloud
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/meadowsburklepcrepair.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/meadowsburklepcrepair.com/privkey.pem
</VirtualHost>

<VirtualHost *:443>
ServerName radio.villageofgamers.net
ServerAdmin vincent@villageofgamers.net
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLProxyEngine on
SSLProxyVerify none
ProxyPass / https://127.0.0.1:8443/
ProxyPassReverse / https://127.0.0.1:8443/
ProxyRequests off
ProxyPreserveHost on
RequestHeader set X-Forwarded-Proto https
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/meadowsburklepcrepair.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/meadowsburklepcrepair.com/privkey.pem
</VirtualHost>

<VirtualHost *:443>
ServerName support.meadowsburklepcrepair.com
ServerAdmin vincent@meadowsburklepcrepair.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Proxy *>
<RequireAll>
Require all granted
Require not ip 10.0.2.0/24
</RequireAll>
</Proxy>
SSLProxyEngine on
SSLProxyVerify none
ProxyPass / https://10.0.0.3/
ProxyPassReverse / https://10.0.0.3/
ProxyRequests off
ProxyPreserveHost on
RequestHeader set X-Forwarded-Proto https
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/meadowsburklepcrepair.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/meadowsburklepcrepair.com/privkey.pem
</VirtualHost>

<VirtualHost *:443>
ServerName vaultwarden.meadowsburklepcrepair.com
ServerAdmin vincent@maxxburkleservices.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Proxy *>
<RequireAll>
Require all granted
Require not ip 10.0.2.0/24
</RequireAll>
</Proxy>
SSLProxyEngine on
SSLProxyVerify none
ProxyPass / https://10.0.0.3/
ProxyPassReverse / https://10.0.0.3/
ProxyRequests off
ProxyPreserveHost on
RequestHeader set X-Forwarded-Proto https
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/meadowsburklepcrepair.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/meadowsburklepcrepair.com/privkey.pem
</VirtualHost>

<VirtualHost *:443>
ServerName villageofgamers.net
ServerAdmin vincent@villageofgamers.net
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
DocumentRoot /var/www/html/redirects
DirectoryIndex index.php
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/meadowsburklepcrepair.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/meadowsburklepcrepair.com/privkey.pem
</VirtualHost>

Subject	Replies	Author
Using Apache2 as proxy to redirect traffic within LAN not working as intended By: Vincent “Giantvinc on Wed, 10 May 2023	4	Vincent “Giantvince1” Meadows

Torque is cheap.

devel / comp.infosystems.www.servers.unix / Re: Using Apache2 as proxy to redirect traffic within LAN not working as intended