I have been again trying all kinds of combinations but none of them work. To clear up things, I have made two versions, one where the entry point is "/" and the other is "/bla". Of course, only one of the is active at the same time. This way I can check that I didn't break anything while playing around. When my entry point is "/", it still works fine. My front end config looks like this: # config "/" #ProxyPass / http://example.com:8001/ #ProxyPassReverse / http://example.com:8001/
# config "/bla" ProxyPass /bla http://example.com:8001/bla ProxyPassReverse /bla http://example.com:8001/bla # general RequestHeader set X-Forwarded-Port 443 RequestHeader set X-Forwarded-Scheme https And my mod_wsgi-express is set up in the following way for entry point "/": mod_wsgi-express setup-server /data/website/myApp/wsgi.py \ --reload-on-changes \ --port 8001 \ --user www-data --group www-data \ --server-root /var/www/my_app \ --log-level debug \ --access-log \ --trust-proxy-header X-Forwarded-Host \ --trust-proxy-header X-Forwarded-Port \ --trust-proxy-header X-Forwarded-For \ --trust-proxy-header X-Forwarded-Scheme And for the entry point "/bla": mod_wsgi-express setup-server /data/website/myApp/wsgi.py \ --reload-on-changes \ --port 8001 \ --user www-data --group www-data \ --server-root /var/www/my_app \ --log-level debug \ --access-log \ --trust-proxy-header X-Forwarded-Host \ --trust-proxy-header X-Forwarded-Port \ --trust-proxy-header X-Forwarded-For \ --trust-proxy-header X-Forwarded-Scheme \ --mount-point /bla This seems to be the most reasonable configuration and in my world this should work, but it doesn't (I also found this <https://github.com/GrahamDumpleton/mod_wsgi/issues/356>that seems to work and is very similar to what I do). If I understood your blog posts correctly, I don't have to change anything in my Flask application for this to work. Is that correct? Any ideas what might be wrong here? Am Freitag, 3. April 2020 00:53:58 UTC+2 schrieb Graham Dumpleton: > > Try using the --trust-??? options to mod_wsgi-express mentioned in: > > http://blog.dscpl.com.au/2015/06/proxying-to-python-web-application.html > > The fact that it is saying "Loading ..." suggests that that would be > filled in later by some Javaascript code. > > If your application is not handling the X-Forwarded-??? headers, it may be > generating an incorrect URL in a response that Javascript code is using to > do further AJAX requests to something. > > Also try using the option: > > --mount-point /bla > > option to mod_wsgi-express so the backend mount points matches the front > end mount point. If don't do this, the backend will think it is mounted at > the root of the site, which again may be mucking up generated URLs. > > On 2 Apr 2020, at 9:01 pm, Raphael Monstein <[email protected] <javascript:>> > wrote: > > Ah, I see. here's what I get from curl http://example.com:8001: > > <!DOCTYPE html> > <html> > <head> > <meta http-equiv="X-UA-Compatible" content="IE=edge"> > <meta charset="UTF-8"> > <title>My title</title> > <link rel="icon" type="image/x-icon" href="/_favicon.ico?v=1.4.1"> > <link rel="stylesheet" href=" > https://codepen.io/chriddyp/pen/bWLwgP.css";> > <link rel="stylesheet" href="/assets/style.css"> > <link rel="stylesheet" href="/assets/style.css?m=1585731972.8701963"> > </head> > <body> > > <div id="react-entry-point"> > <div class="_dash-loading"> > Loading... > </div> > </div> > > <footer> > <script id="_dash-config" type="application/json">{ > "url_base_pathname": null, "requests_pathname_prefix": "/", "ui": false, > "props_check": false, "show_undo_redo": false}</script> > <script src="/ > _dash-component-suites/dash_renderer/[email protected] <javascript:> > ?v=1.1.2&m=1576595738"></script> > <script src="/_dash-component-suites/dash_renderer/[email protected] > <javascript:>?v=1.1.2&m=1576595738"></script> > <script src="/ > _dash-component-suites/dash_renderer/[email protected] > <javascript:>?v=1.1.2&m=1576595738"></script> > <script src= > "/_dash-component-suites/dash_core_components/plotly-1.50.1.min.js?v=1.3.1&m=1576595950" > ></script> > <script src= > "/_dash-component-suites/dash_core_components/highlight.pack.js?v=1.3.1&m=1576595950" > ></script> > <script src= > "/_dash-component-suites/dash_core_components/dash_core_components.min.js?v=1.3.1&m=1576595950" > ></script> > <script src= > "/_dash-component-suites/dash_html_components/dash_html_components.min.js?v=1.0.1&m=1576596177" > ></script> > <script src= > "/_dash-component-suites/dash_renderer/dash_renderer.min.js?v=1.1.2&m=1576595738" > ></script> > <script id="_dash-renderer" type="application/javascript">var > renderer = new DashRenderer();</script> > </footer> > </body> > </html> > > And this what I get from curl -u user:password https://example.com/bla: > <!DOCTYPE html> > <html> > <head> > <meta http-equiv="X-UA-Compatible" content="IE=edge"> > <meta charset="UTF-8"> > <title>My title</title> > <link rel="icon" type="image/x-icon" href="/_favicon.ico?v=1.4.1"> > <link rel="stylesheet" href=" > https://codepen.io/chriddyp/pen/bWLwgP.css";> > <link rel="stylesheet" href="/assets/style.css"> > <link rel="stylesheet" href="/assets/style.css?m=1585731972.8701963"> > </head> > <body> > > <div id="react-entry-point"> > <div class="_dash-loading"> > Loading... > </div> > </div> > > <footer> > <script id="_dash-config" type="application/json">{ > "url_base_pathname": null, "requests_pathname_prefix": "/", "ui": false, > "props_check": false, "show_undo_redo": false}</script> > <script src="/ > _dash-component-suites/dash_renderer/[email protected] <javascript:> > ?v=1.1.2&m=1576595738"></script> > <script src="/_dash-component-suites/dash_renderer/[email protected] > <javascript:>?v=1.1.2&m=1576595738"></script> > <script src="/ > _dash-component-suites/dash_renderer/[email protected] > <javascript:>?v=1.1.2&m=1576595738"></script> > <script src= > "/_dash-component-suites/dash_core_components/plotly-1.50.1.min.js?v=1.3.1&m=1576595950" > ></script> > <script src= > "/_dash-component-suites/dash_core_components/highlight.pack.js?v=1.3.1&m=1576595950" > ></script> > <script src= > "/_dash-component-suites/dash_core_components/dash_core_components.min.js?v=1.3.1&m=1576595950" > ></script> > <script src= > "/_dash-component-suites/dash_html_components/dash_html_components.min.js?v=1.0.1&m=1576596177" > ></script> > <script src= > "/_dash-component-suites/dash_renderer/dash_renderer.min.js?v=1.1.2&m=1576595738" > ></script> > <script id="_dash-renderer" type="application/javascript">var > renderer = new DashRenderer();</script> > </footer> > </body> > </html> > > The both look pretty much the same to me, except that if I access it with > the browser it gets stuck at "Loading..." when I go via the proxy. > > I set the log level to debug on the backend server and that works (I can > see some debug messages in the error log from the startup). When I do curl > http://example.com:8001 I get the following: > > [Thu Apr 02 10:50:17.240939 2020] [authz_core:debug] [pid 11192:tid > 139984647812864] mod_authz_core.c(820): [client 127.0.0.1:39026] AH01626: > authorization result of <RequireAny>: granted > [Thu Apr 02 10:50:17.241057 2020] [authz_core:debug] [pid 11192:tid > 139984647812864] mod_authz_core.c(820): [client 127.0.0.1:39026] AH01626: > authorization result of Require all granted: granted > [Thu Apr 02 10:50:17.241070 2020] [authz_core:debug] [pid 11192:tid > 139984647812864] mod_authz_core.c(820): [client 127.0.0.1:39026] AH01626: > authorization result of <RequireAny>: granted > > But when I do curl -u user:password https://example.com/bla I don't get a > new entry in the log file. > > Do you know what that means and how I can fix it? > > > > *Gesendet:* Donnerstag, 02. April 2020 um 10:09 Uhr > *Von:* "Graham Dumpleton" <[email protected] <javascript:>> > *An:* [email protected] <javascript:> > *Betreff:* Re: [modwsgi] Apache proxy and mod_wsgi-express > But with if you get on the host where front end Apache is running and you > use 'curl' to access it using exact URL ProxyPass is using? > > When you do access it via the Apache front end, with --log-level debug, > does it log anything at all indicating the request is received by > mod_wsgi-express? > > > On 2 Apr 2020, at 6:59 pm, [email protected] <javascript:> wrote: > > If I open the port on my firewall and access it directly at port 8001 ( > http://example.com:8001) with it works perfectly fine. > > Am Donnerstag, 2. April 2020 09:45:09 UTC+2 schrieb Graham Dumpleton: > >> So what happens when you access the backend directly? >> >> >> On 2 Apr 2020, at 5:49 pm, [email protected] wrote: >> >> Thank you Graham, me setup is based on the blog posts you suggested. I >> started out with the ProxyPass not inside of Location and then tried all >> kinds of combinations, with no success. I had tried the following: >> >> ProxyPass /bla "http:// >> <http://www.google.com/url?q=http%3A%2F%2Fsrv-lab-t-495.zhaw.ch%3A8001%2F&sa=D&sntz=1&usg=AFQjCNFZ1bAXrhV627byubHJciYqOmnOvw> >> example.com >> <http://www.google.com/url?q=http%3A%2F%2Fexample.com%2F&sa=D&sntz=1&usg=AFQjCNHbmhS24rOBWpzaMcUapS5k_3_-JQ> >> :8001/ >> <http://www.google.com/url?q=http%3A%2F%2Fsrv-lab-t-495.zhaw.ch%3A8001%2F&sa=D&sntz=1&usg=AFQjCNFZ1bAXrhV627byubHJciYqOmnOvw> >> " >> ProxyPassReverse /bla "http:// >> <http://srv-lab-t-495.zhaw.ch:8001/>example.com >> <http://www.google.com/url?q=http%3A%2F%2Fexample.com%2F&sa=D&sntz=1&usg=AFQjCNHbmhS24rOBWpzaMcUapS5k_3_-JQ> >> :8001/ <http://srv-lab-t-495.zhaw.ch:8001/>" >> RequestHeader set X-Forwarded-Proto "https" >> >> Any other ideas on what the issue could be? >> >> Am Donnerstag, 2. April 2020 01:36:03 UTC+2 schrieb Graham Dumpleton: >>> >>> Usually you wouldn't put ProxyPass inside of Location. What happens when >>> you don't use Location and instead use: >>> >>> ProxyPass /bla "http://example.com >>> <http://www.google.com/url?q=http%3A%2F%2Fexample.com%2F&sa=D&sntz=1&usg=AFQjCNHbmhS24rOBWpzaMcUapS5k_3_-JQ> >>> :8001/" >>> ProxyPassReverse /bla "http://example.com:8001/"; >>> >>> Note how the sub URL is the first argument to ProxyPass. >>> >>> For more details related to proxying to mod_wsgi-express see: >>> >>> http://blog.dscpl.com.au/2015/06/proxying-to-python-web-application.html >>> >>> http://blog.dscpl.com.au/2015/07/redirection-problems-when-proxying-to.html >>> >>> >>> On 2 Apr 2020, at 6:46 am, [email protected] wrote: >>> >>> I have a frontend Apache that acts as a proxy to my backend >>> mod_wsgi-express proxy to fix an issue that I had before (see >>> https://groups.google.com/forum/#!topic/modwsgi/GTjMMm4wZJI). >>> >>> My front end configuration looks like this: >>> <IfModule mod_ssl.c> >>> <VirtualHost _default_:443> >>> ServerName example.com >>> ServerAdmin [email protected] >>> >>> <Proxy *> >>> AuthType Basic >>> AuthUserFile /data/passwords/passwords.pwd >>> AuthName "myDemoApp" >>> <RequireAll> >>> Require valid-user >>> </RequireAll> >>> </proxy> >>> >>> <Location "/"> >>> ProxyPass "http://example.com:8001/"; >>> ProxyPassReverse "http://example.com:8001/"; >>> RequestHeader set X-Forwarded-Proto "https" >>> </Location> >>> >>> : >>> >>> </VirtualHost> >>> </IfModule> >>> >>> and my mod_wsgi-express looks like this: >>> mod_wsgi-express setup-server /data/website/myApp/wsgi.py \ >>> --reload-on-changes \ >>> --port 8001 \ >>> --user www-data --group www-data \ >>> --server-root /var/www/my_app \ >>> --log-level info \ >>> --access-log >>> >>> This setup works perfectly fine and opens my page when I go on >>> https://example.com. But I would like to use my proxy to forward the >>> requests to different backends, depending on the URL. >>> >>> To this end, I changed the <Location "/"> to <Location "/bla/">. Not >>> when I open the website at https://example.com I get the Apache2 >>> Default Page, which is what I would expect. But when I try to open >>> https://example.com/bla/ it simply doesn't load the website (no error >>> or something, just the Loading...). I don't get any error, neither in the >>> frontend nor in the backend log. >>> >>> Does anybody have an idea what might be wrong with my configuration? >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "modwsgi" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/modwsgi/889266ce-91e2-4ac3-a9ed-0fd13e6d9ed6%40googlegroups.com >>> >>> <https://groups.google.com/d/msgid/modwsgi/889266ce-91e2-4ac3-a9ed-0fd13e6d9ed6%40googlegroups.com?utm_medium=email&utm_source=footer> >>> . >>> >>> >> -- >> You received this message because you are subscribed to the Google Groups >> "modwsgi" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/modwsgi/f5461cdd-e62a-4764-9216-ef7bf47da5e8%40googlegroups.com >> >> <https://groups.google.com/d/msgid/modwsgi/f5461cdd-e62a-4764-9216-ef7bf47da5e8%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> >> > -- > You received this message because you are subscribed to the Google Groups > "modwsgi" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] <javascript:>. > To view this discussion on the web visit > https://groups.google.com/d/msgid/modwsgi/218165cc-50d2-4f2b-8989-9167b3127a6f%40googlegroups.com > > <https://groups.google.com/d/msgid/modwsgi/218165cc-50d2-4f2b-8989-9167b3127a6f%40googlegroups.com?utm_medium=email&utm_source=footer> > . > > > -- > You received this message because you are subscribed to the Google Groups > "modwsgi" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] <javascript:>. > To view this discussion on the web visit > https://groups.google.com/d/msgid/modwsgi/5824B189-06E7-406C-A16E-52D9A49E29F2%40gmail.com > > <https://groups.google.com/d/msgid/modwsgi/5824B189-06E7-406C-A16E-52D9A49E29F2%40gmail.com?utm_medium=email&utm_source=footer> > . > > -- > You received this message because you are subscribed to the Google Groups > "modwsgi" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] <javascript:>. > To view this discussion on the web visit > https://groups.google.com/d/msgid/modwsgi/trinity-16397838-77af-4d30-93a8-8e9ab4fbf39d-1585821663425%403c-app-gmx-bap75 > > <https://groups.google.com/d/msgid/modwsgi/trinity-16397838-77af-4d30-93a8-8e9ab4fbf39d-1585821663425%403c-app-gmx-bap75?utm_medium=email&utm_source=footer> > . > > > -- You received this message because you are subscribed to the Google Groups "modwsgi" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/modwsgi/85fbfdb4-f239-4309-95b2-7f998bb9efe1%40googlegroups.com.
