Pound reverse proxy with virtual hosts
Hiawatha version: 7.8.2
Operating System: FreeBSD 9.0-RELEASE
I read through the forums and haven't seen this topic, so if it has been discussed then forgive me.
Currently I am using Pound and Apache and it works, but I have been looking for alternatives to Apache and would like to use Hiawatha. I have 3 sites right now and one of them is commercial and will need to run SSL in the future so I am front-ending it with Pound. However, I must have something incorrectly configured because I always get a service unavailable using a Pound-Hiawatha setup.
Here are my config files:
Control "/var/run/pound"
User "www"
Group "www"
ListenHTTP
Address 192.168.1.104
Port 80
xHTTP 0
LogLevel 2
End
Service
HeadRequire "Host:*.mydomain1.com.*"
BackEnd
Address 192.168.1.101
Port 8080
End
End
Service
HeadRequire "Host:*.mydomain2.net.*"
BackEnd
Address 192.168.1.102
Port 8080
End
End
Here is my hiawatha.conf (ssl is not enabled yet)
# Hiawatha main configuration file
#
# GENERAL SETTINGS
#
ServerId=www
ConnectionsTotal = 150
ConnectionsPerIP = 10
SystemLogfile = /var/log/hiawatha/system.log
GarbageLogfile = /var/log/hiawatha/garbage.log
HideProxy = 192.168.1.104
# SSL settings
#
#AllowedCiphers = RC4-SHA:RC4-MD5:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA
# BINDING SETTINGS
# A binding is where a client can connect to.
#
Binding {
Port = 80
Interface = 192.168.1.103
}
#Binding {
# Port = 443
# Interface = ::1
# MaxKeepAlive = 30
# TimeForRequest = 3,20
# SSLcertFile = hiawatha.pem
#}
Binding {
BindingID = BIND1
Interface = 192.168.1.101
Port = 8080
}
Binding {
BindingID = BIND2
Interface = 192.168.1.102
Port = 8080
}
# BANNING SETTINGS
# Deny service to clients who misbehave.
#
BanOnGarbage = 300
BanOnMaxPerIP = 60
BanOnMaxReqSize = 300
RebanDuringBan = yes
# DEFAULT WEBSITE
# It is wise to use your IP address as the hostname of the default website
# and give it a blank webpage. By doing so, automated webscanners won't find
# your possible vulnerable website.
#
Hostname = 127.0.0.1
WebsiteRoot = /usr/local/www/hiawatha
StartFile = index.html
AccessLogfile = /var/log/hiawatha/access.log
ErrorLogfile = /var/log/hiawatha/error.log
# VIRTUAL HOSTS
# Use a VirtualHost section to declare the websites you want to host.
#
VirtualHost {
Hostname = www.mydomain1.com
WebsiteRoot = /var/www/domains/www.mydomain1.com/htdocs
RequiredBinding = BIND1
StartFile = index.html
AccessLogfile = /var/www/domains/www.mydomain1.com/logs/access.log
ErrorLogfile = /var/www/domains/www.mydomain1.com/logs/error.log
}
VirtualHost {
Hostname = www.mydomain2.net
WebsiteRoot = /var/www/domains/www.mydomain2.net/htdocs
RequiredBinding = BIND2
StartFile = index.html
AccessLogfile = /var/www/domains/www.mydomain2.net/logs/access.log
ErrorLogfile = /var/www/domains/www.mydomain2.net/logs/error.log
}
I have tried with/without HideProxy and the results are the same. "The service is not available. Please try again later." In the VirtualHost section I have used both a domain name and the internal IP (e.g., 192.168.1.101).
Thanks in advance for your help.
I also meant to include some netstat output:
tcp4 0 0 192.168.1.102.8080 *.* LISTEN
tcp4 0 0 192.168.1.101.8080 *.* LISTEN
tcp4 0 0 192.168.1.103.http *.* LISTEN
tcp4 0 0 192.168.1.104.http *.* LISTEN
This morning I also installed the latest version with the same results.
# /usr/local/sbin/hiawatha -v
Hiawatha v8.2, cache, IPv6, SSL, URL toolkit, XSLT
Copyright (C) by Hugo Leisink <hugo@leisink.net>
Not that you care since you never answered, but I was never able to get Pound to work, but Nginx works as a reverse proxy to Hiawatha.
Hugo Leisink
20 May 2012, 11:16
Instead of being insulted, you also could have send me a reminder. I simply forgot this post. I'm only human...
Interesting news for you: the next version of Hiawatha will have reverse proxy functionality.
My apologies for my insincerity. I failed to realize that you are a busy man with other responsibilities and priorities.
The release of the new version of Hiawatha with reverse proxy functionality is certainly of interest to me and I will definitely be downloading and trying it.
Again, please accept my sincerest apology for my rude behavior. And let me use this opportunity to also thank you for your quality software.
Regards,
Gary
Hugo Leisink
24 May 2012, 06:13
It's ok. Let me know if you still have any trouble to get Hiawatha up and running.
This topic has been closed.