Forum

Reverse Proxy Feature

Debi@n
8 July 2012, 02:17

Howdy Hugo,

im using Hiawatha for a couple of years and now I saw the new function "ReverseProxy" but i cant use it like the nginx upstream feature.

I would like to forward all requests from hiawatha to the Apache Webserver with the option "ReverseProxy / http://localhost:80/". But for the default host, Hiawatha requires the WebsiteRoot Option which causes only the view on the files in the WebsiteRoot.

The apache backend is used for webhosting and runs ~179 virtual hosts, so I cant add all the domains / subdomains to the hiawatha configuration.

Hiawatha version: 8.4
Operating System: Debian Squeeze

Greetings from Germany,

Debi@n
Hugo Leisink
8 July 2012, 07:51
Try using "ReverseProxy .* http://localhost:80/"
Debi@n
8 July 2012, 10:53
Thank you for your answer but this code wont work.

My configuration:
# Hiawatha main configuration file
#


# GENERAL SETTINGS
#
ServerId = www-data
ConnectionsTotal = 2500
ConnectionsPerIP = 30
SystemLogfile = /var/log/hiawatha/system.log
GarbageLogfile = /var/log/hiawatha/garbage.log
ServerString = My Infrastructure
#HideProxy = 127.0.0.1

#Binding {
# Port = 443
# Interface = 127.0.0.1
# MaxUploadSize = 100
# MaxRequestSize = 102000
#}


Binding {
Port = 443
SSLcertFile = /etc/hiawatha/serverkey.pem
MaxUploadSize = 100
MaxRequestSize = 102000
}

Binding {
Port = 443
SSLcertFile = /etc/hiawatha/serverkey.pem
Interface = 2a01:4a0:2002:21xx::2
MaxUploadSize = 100
MaxRequestSize = 102000
}


# BANNING SETTINGS
# Deny service to clients who misbehave.
#
BanOnGarbage = 300
BanOnMaxPerIP = 60
BanOnMaxReqSize = 300
KickOnBan = yes
RebanDuringBan = yes
BanOnSQLi = 600
PreventSQLi = yes
PreventXSS = yes
PreventCSRF = yes

DenyBot = Morfeus Fucking Scanner:/
DenyBot = ZmEu:/

# COMMON GATEWAY INTERFACE (CGI) SETTINGS
# These settings can be used to run CGI applications. Use the 'php-fcgi'
# tool to start PHP as a FastCGI daemon.
#
#CGIhandler = /usr/bin/perl:pl
#CGIhandler = /usr/bin/php-cgi:php
#CGIhandler = /usr/bin/python:py
#CGIhandler = /usr/bin/ruby:rb
#CGIhandler = /usr/bin/ssi-cgi:shtml
#CGIextension = cgi
#
#FastCGIserver {
# FastCGIid = PHP5
# ConnectTo = 127.0.0.1:2005
# Extension = php
#}


# URL TOOLKIT
# This URL toolkit rule was made for the Banshee PHP framework, which
# can be downloaded from http://www.hiawatha-webserver.org/banshee
#
#UrlToolkit {
# ToolkitID = banshee
# RequestURI isfile Return
# Match ^/(css|files|images|js)/ Return
# Match ^/(favicon.ico|robots.txt|sitemap.xml)$ Return
# Match .*\?(.*) Rewrite /index.php?$1
# Match .* Rewrite /index.php
#}


# DEFAULT WEBSITE
# It is wise to use your IP address as the hostname of the default website
# and give it a blank webpage. By doing so, automated webscanners won't find
# your possible vulnerable website.
#
Hostname = 127.0.0.1
WebsiteRoot = /var/www/df
StartFile = index.html
ReverseProxy .* http://localhost:80/
Hugo Leisink
8 July 2012, 14:59
Hiawatha replaces the hostname of the Host HTTP header in the request with the hostname of the ReverseProxy URL. My guess is that that's not what you want. You want the request unchanged. Correct?
Debi@n
8 July 2012, 15:35
Correct, i want the host header unchanged to call the correct virtualhost in the apache configuration.



Hugo Leisink
8 July 2012, 15:47
That's not supported by Hiawatha, yet. I've made some changes to rproxy.c, which you can download here. Use this one to recompile Hiawatha. The reverse proxy now works like this: if you use a hostname in the URL in the ReverseProxy setting, Hiawatha will change the value of the Host HTTP header with that hostname. If you use an IP address, the Host HTTP header will no be changed.

Let me know if this works for you.
Debi@n
8 July 2012, 16:35
Thank you Hugo, but with ReverseProxy .* http://localhost:80/ it wont work too
Debi@n
8 July 2012, 16:37
Sorry for the last post, it works now!

Thank you so much!!
This topic has been closed.