Try also: --mount-point /bla/
I can't remember if the trailing slash can make a difference. > On 3 Apr 2020, at 11:20 pm, [email protected] wrote: > > I have been again trying all kinds of combinations but none of them work. To > clear up things, I have made two versions, one where the entry point is "/" > and the other is "/bla". Of course, only one of the is active at the same > time. This way I can check that I didn't break anything while playing around. > When my entry point is "/", it still works fine. My front end config looks > like this: > # config "/" > #ProxyPass / http://example.com <http://example.com/>:8001/ > #ProxyPassReverse / http://example.com <http://example.com/>:8001/ > > # config "/bla" > ProxyPass /bla http://example.com > <http://example.com/>:8001/bla > ProxyPassReverse /bla http://example.com > <http://example.com/>:8001/bla > > # general > RequestHeader set X-Forwarded-Port 443 > RequestHeader set X-Forwarded-Scheme https > > And my mod_wsgi-express is set up in the following way for entry point "/": > mod_wsgi-express setup-server /data/website/myApp/wsgi.py \ > --reload-on-changes \ > --port 8001 \ > --user www-data --group www-data \ > --server-root /var/www/my_app \ > --log-level debug \ > --access-log \ > --trust-proxy-header X-Forwarded-Host \ > --trust-proxy-header X-Forwarded-Port \ > --trust-proxy-header X-Forwarded-For \ > --trust-proxy-header X-Forwarded-Scheme > > And for the entry point "/bla": > mod_wsgi-express setup-server /data/website/myApp/wsgi.py \ > --reload-on-changes \ > --port 8001 \ > --user www-data --group www-data \ > --server-root /var/www/my_app \ > --log-level debug \ > --access-log \ > --trust-proxy-header X-Forwarded-Host \ > --trust-proxy-header X-Forwarded-Port \ > --trust-proxy-header X-Forwarded-For \ > --trust-proxy-header X-Forwarded-Scheme \ > --mount-point /bla > > This seems to be the most reasonable configuration and in my world this > should work, but it doesn't (I also found thisĀ > <https://github.com/GrahamDumpleton/mod_wsgi/issues/356>that seems to work > and is very similar to what I do). > > If I understood your blog posts correctly, I don't have to change anything in > my Flask application for this to work. Is that correct? > > Any ideas what might be wrong here? > > Am Freitag, 3. April 2020 00:53:58 UTC+2 schrieb Graham Dumpleton: > Try using the --trust-??? options to mod_wsgi-express mentioned in: > > http://blog.dscpl.com.au/2015/06/proxying-to-python-web-application.html > <http://blog.dscpl.com.au/2015/06/proxying-to-python-web-application.html> > > The fact that it is saying "Loading ..." suggests that that would be filled > in later by some Javaascript code. > > If your application is not handling the X-Forwarded-??? headers, it may be > generating an incorrect URL in a response that Javascript code is using to do > further AJAX requests to something. > > Also try using the option: > > --mount-point /bla > > option to mod_wsgi-express so the backend mount points matches the front end > mount point. If don't do this, the backend will think it is mounted at the > root of the site, which again may be mucking up generated URLs. > >> On 2 Apr 2020, at 9:01 pm, Raphael Monstein <rmoo...@ <>gmx.net >> <http://gmx.net/>> wrote: >> >> Ah, I see. here's what I get from curl http://example.com:8001: >> <http://example.com:8001:> >> >> <!DOCTYPE html> >> <html> >> <head> >> <meta http-equiv="X-UA-Compatible" content="IE=edge"> >> <meta charset="UTF-8"> >> <title>My title</title> >> <link rel="icon" type="image/x-icon" href="/_favicon.ico?v=1.4.1"> >> <link rel="stylesheet" >> href="https://codepen.io/chriddyp/pen/bWLwgP.css >> <https://codepen.io/chriddyp/pen/bWLwgP.css>"> >> <link rel="stylesheet" href="/assets/style.css"> >> <link rel="stylesheet" href="/assets/style.css?m=1585731972.8701963"> >> </head> >> <body> >> >> <div id="react-entry-point"> >> <div class="_dash-loading"> >> Loading... >> </div> >> </div> >> >> <footer> >> <script id="_dash-config" >> type="application/json">{"url_base_pathname": null, >> "requests_pathname_prefix": "/", "ui": false, "props_check": false, >> "show_undo_redo": false}</script> >> <script >> src="/_dash-component-suites/dash_renderer/[email protected] >> <>?v=1.1.2&m=1576595738"></script> >> <script src="/_dash-component-suites/dash_renderer/[email protected] >> <>?v=1.1.2&m=1576595738"></script> >> <script src="/_dash-component-suites/dash_renderer/[email protected] >> <>?v=1.1.2&m=1576595738"></script> >> <script >> src="/_dash-component-suites/dash_core_components/plotly-1.50.1.min.js?v=1.3.1&m=1576595950"></script> >> <script >> src="/_dash-component-suites/dash_core_components/highlight.pack.js?v=1.3.1&m=1576595950"></script> >> <script >> src="/_dash-component-suites/dash_core_components/dash_core_components.min.js?v=1.3.1&m=1576595950"></script> >> <script >> src="/_dash-component-suites/dash_html_components/dash_html_components.min.js?v=1.0.1&m=1576596177"></script> >> <script >> src="/_dash-component-suites/dash_renderer/dash_renderer.min.js?v=1.1.2&m=1576595738"></script> >> <script id="_dash-renderer" type="application/javascript">var >> renderer = new DashRenderer();</script> >> </footer> >> </body> >> </html> >> >> And this what I get from curl -u user:password https://example.com/bla: >> <https://example.com/bla:> >> <!DOCTYPE html> >> <html> >> <head> >> <meta http-equiv="X-UA-Compatible" content="IE=edge"> >> <meta charset="UTF-8"> >> <title>My title</title> >> <link rel="icon" type="image/x-icon" href="/_favicon.ico?v=1.4.1"> >> <link rel="stylesheet" >> href="https://codepen.io/chriddyp/pen/bWLwgP.css >> <https://codepen.io/chriddyp/pen/bWLwgP.css>"> >> <link rel="stylesheet" href="/assets/style.css"> >> <link rel="stylesheet" href="/assets/style.css?m=1585731972.8701963"> >> </head> >> <body> >> >> <div id="react-entry-point"> >> <div class="_dash-loading"> >> Loading... >> </div> >> </div> >> >> <footer> >> <script id="_dash-config" >> type="application/json">{"url_base_pathname": null, >> "requests_pathname_prefix": "/", "ui": false, "props_check": false, >> "show_undo_redo": false}</script> >> <script >> src="/_dash-component-suites/dash_renderer/[email protected] >> <>?v=1.1.2&m=1576595738"></script> >> <script src="/_dash-component-suites/dash_renderer/[email protected] >> <>?v=1.1.2&m=1576595738"></script> >> <script src="/_dash-component-suites/dash_renderer/[email protected] >> <>?v=1.1.2&m=1576595738"></script> >> <script >> src="/_dash-component-suites/dash_core_components/plotly-1.50.1.min.js?v=1.3.1&m=1576595950"></script> >> <script >> src="/_dash-component-suites/dash_core_components/highlight.pack.js?v=1.3.1&m=1576595950"></script> >> <script >> src="/_dash-component-suites/dash_core_components/dash_core_components.min.js?v=1.3.1&m=1576595950"></script> >> <script >> src="/_dash-component-suites/dash_html_components/dash_html_components.min.js?v=1.0.1&m=1576596177"></script> >> <script >> src="/_dash-component-suites/dash_renderer/dash_renderer.min.js?v=1.1.2&m=1576595738"></script> >> <script id="_dash-renderer" type="application/javascript">var >> renderer = new DashRenderer();</script> >> </footer> >> </body> >> </html> >> >> The both look pretty much the same to me, except that if I access it with >> the browser it gets stuck at "Loading..." when I go via the proxy. >> >> I set the log level to debug on the backend server and that works (I can see >> some debug messages in the error log from the startup). When I do curl >> http://example.com:8001 <http://example.com:8001/> I get the following: >> >> [Thu Apr 02 10:50:17.240939 2020] [authz_core:debug] [pid 11192:tid >> 139984647812864] mod_authz_core.c(820): [client 127.0.0.1:39026 >> <http://127.0.0.1:39026/>] AH01626: authorization result of <RequireAny>: >> granted >> [Thu Apr 02 10:50:17.241057 2020] [authz_core:debug] [pid 11192:tid >> 139984647812864] mod_authz_core.c(820): [client 127.0.0.1:39026 >> <http://127.0.0.1:39026/>] AH01626: authorization result of Require all >> granted: granted >> [Thu Apr 02 10:50:17.241070 2020] [authz_core:debug] [pid 11192:tid >> 139984647812864] mod_authz_core.c(820): [client 127.0.0.1:39026 >> <http://127.0.0.1:39026/>] AH01626: authorization result of <RequireAny>: >> granted >> >> But when I do curl -u user:password https://example.com/bla >> <https://example.com/bla> I don't get a new entry in the log file. >> >> Do you know what that means and how I can fix it? >> >> >> >> Gesendet: Donnerstag, 02. April 2020 um 10:09 Uhr >> Von: "Graham Dumpleton" <graham....@ <>gmail.com <http://gmail.com/>> >> An: mod...@ <>googlegroups.com <http://googlegroups.com/> >> Betreff: Re: [modwsgi] Apache proxy and mod_wsgi-express >> But with if you get on the host where front end Apache is running and you >> use 'curl' to access it using exact URL ProxyPass is using? >> >> When you do access it via the Apache front end, with --log-level debug, does >> it log anything at all indicating the request is received by >> mod_wsgi-express? >> >> On 2 Apr 2020, at 6:59 pm, rmoo...@ <>gmx.net <http://gmx.net/> wrote: >> >> If I open the port on my firewall and access it directly at port 8001 >> (http://example.com:8001 <http://example.com:8001/>) with it works perfectly >> fine. >> >> Am Donnerstag, 2. April 2020 09:45:09 UTC+2 schrieb Graham Dumpleton: >> So what happens when you access the backend directly? >> >> On 2 Apr 2020, at 5:49 pm, rmoo...@ <>gmx.net <http://gmx.net/> wrote: >> >> Thank you Graham, me setup is based on the blog posts you suggested. I >> started out with the ProxyPass not inside of Location and then tried all >> kinds of combinations, with no success. I had tried the following: >> >> ProxyPass /bla "http:// >> <http://www.google.com/url?q=http%3A%2F%2Fsrv-lab-t-495.zhaw.ch%3A8001%2F&sa=D&sntz=1&usg=AFQjCNFZ1bAXrhV627byubHJciYqOmnOvw>example.com >> >> <http://www.google.com/url?q=http%3A%2F%2Fexample.com%2F&sa=D&sntz=1&usg=AFQjCNHbmhS24rOBWpzaMcUapS5k_3_-JQ>:8001/ >> >> <http://www.google.com/url?q=http%3A%2F%2Fsrv-lab-t-495.zhaw.ch%3A8001%2F&sa=D&sntz=1&usg=AFQjCNFZ1bAXrhV627byubHJciYqOmnOvw>" >> ProxyPassReverse /bla "http:// >> <http://srv-lab-t-495.zhaw.ch:8001/>example.com >> <http://www.google.com/url?q=http%3A%2F%2Fexample.com%2F&sa=D&sntz=1&usg=AFQjCNHbmhS24rOBWpzaMcUapS5k_3_-JQ>:8001/ >> <http://srv-lab-t-495.zhaw.ch:8001/>" >> RequestHeader set X-Forwarded-Proto "https" >> >> Any other ideas on what the issue could be? >> >> Am Donnerstag, 2. April 2020 01:36:03 UTC+2 schrieb Graham Dumpleton: >> Usually you wouldn't put ProxyPass inside of Location. What happens when you >> don't use Location and instead use: >> >> ProxyPass /bla "http://example.com >> <http://www.google.com/url?q=http%3A%2F%2Fexample.com%2F&sa=D&sntz=1&usg=AFQjCNHbmhS24rOBWpzaMcUapS5k_3_-JQ>:8001/" >> ProxyPassReverse /bla "http://example.com:8001/ >> <http://example.com:8001/>" >> >> Note how the sub URL is the first argument to ProxyPass. >> >> For more details related to proxying to mod_wsgi-express see: >> >> http://blog.dscpl.com.au/2015/06/proxying-to-python-web-application.html >> <http://blog.dscpl.com.au/2015/06/proxying-to-python-web-application.html> >> http://blog.dscpl.com.au/2015/07/redirection-problems-when-proxying-to.html >> <http://blog.dscpl.com.au/2015/07/redirection-problems-when-proxying-to.html> >> >> On 2 Apr 2020, at 6:46 am, rmoo...@ <>gmx.net <http://gmx.net/> wrote: >> >> I have a frontend Apache that acts as a proxy to my backend mod_wsgi-express >> proxy to fix an issue that I had before (see >> https://groups.google.com/forum/#!topic/modwsgi/GTjMMm4wZJI >> <https://groups.google.com/forum/#!topic/modwsgi/GTjMMm4wZJI>). >> >> My front end configuration looks like this: >> <IfModule mod_ssl.c> >> <VirtualHost _default_:443> >> ServerName example.com <http://example.com/> >> ServerAdmin m...@ <>example.com <http://example.com/> >> >> <Proxy *> >> AuthType Basic >> AuthUserFile /data/passwords/passwords.pwd >> AuthName "myDemoApp" >> <RequireAll> >> Require valid-user >> </RequireAll> >> </proxy> >> >> <Location "/"> >> ProxyPass "http://example.com >> <http://example.com/>:8001/" >> ProxyPassReverse "http://example.com >> <http://example.com/>:8001/" >> RequestHeader set X-Forwarded-Proto "https" >> </Location> >> >> : >> >> </VirtualHost> >> </IfModule> >> >> and my mod_wsgi-express looks like this: >> mod_wsgi-express setup-server /data/website/myApp/wsgi.py \ >> --reload-on-changes \ >> --port 8001 \ >> --user www-data --group www-data \ >> --server-root /var/www/my_app \ >> --log-level info \ >> --access-log >> >> This setup works perfectly fine and opens my page when I go on >> https://example.com <https://example.com/>. But I would like to use my proxy >> to forward the requests to different backends, depending on the URL. >> >> To this end, I changed the <Location "/"> to <Location "/bla/">. Not when I >> open the website at https://example.com <https://example.com/> I get the >> Apache2 Default Page, which is what I would expect. But when I try to open >> https://example.com/bla/ <https://example.com/bla/> it simply doesn't load >> the website (no error or something, just the Loading...). I don't get any >> error, neither in the frontend nor in the backend log. >> >> Does anybody have an idea what might be wrong with my configuration? >> >> -- >> You received this message because you are subscribed to the Google Groups >> "modwsgi" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to mod...@ <>googlegroups.com <http://googlegroups.com/>. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/modwsgi/889266ce-91e2-4ac3-a9ed-0fd13e6d9ed6%40googlegroups.com >> >> <https://groups.google.com/d/msgid/modwsgi/889266ce-91e2-4ac3-a9ed-0fd13e6d9ed6%40googlegroups.com?utm_medium=email&utm_source=footer>. >> >> -- >> You received this message because you are subscribed to the Google Groups >> "modwsgi" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to mod...@ <>googlegroups.com <http://googlegroups.com/>. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/modwsgi/f5461cdd-e62a-4764-9216-ef7bf47da5e8%40googlegroups.com >> >> <https://groups.google.com/d/msgid/modwsgi/f5461cdd-e62a-4764-9216-ef7bf47da5e8%40googlegroups.com?utm_medium=email&utm_source=footer>. >> >> -- >> You received this message because you are subscribed to the Google Groups >> "modwsgi" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to mod...@ <>googlegroups.com <http://googlegroups.com/>. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/modwsgi/218165cc-50d2-4f2b-8989-9167b3127a6f%40googlegroups.com >> >> <https://groups.google.com/d/msgid/modwsgi/218165cc-50d2-4f2b-8989-9167b3127a6f%40googlegroups.com?utm_medium=email&utm_source=footer>. >> >> -- >> You received this message because you are subscribed to the Google Groups >> "modwsgi" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to mod...@ <>googlegroups.com <http://googlegroups.com/>. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/modwsgi/5824B189-06E7-406C-A16E-52D9A49E29F2%40gmail.com >> >> <https://groups.google.com/d/msgid/modwsgi/5824B189-06E7-406C-A16E-52D9A49E29F2%40gmail.com?utm_medium=email&utm_source=footer>. >> >> -- >> You received this message because you are subscribed to the Google Groups >> "modwsgi" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to mod...@ <>googlegroups.com <http://googlegroups.com/>. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/modwsgi/trinity-16397838-77af-4d30-93a8-8e9ab4fbf39d-1585821663425%403c-app-gmx-bap75 >> >> <https://groups.google.com/d/msgid/modwsgi/trinity-16397838-77af-4d30-93a8-8e9ab4fbf39d-1585821663425%403c-app-gmx-bap75?utm_medium=email&utm_source=footer>. > > > -- > You received this message because you are subscribed to the Google Groups > "modwsgi" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] > <mailto:[email protected]>. > To view this discussion on the web visit > https://groups.google.com/d/msgid/modwsgi/85fbfdb4-f239-4309-95b2-7f998bb9efe1%40googlegroups.com > > <https://groups.google.com/d/msgid/modwsgi/85fbfdb4-f239-4309-95b2-7f998bb9efe1%40googlegroups.com?utm_medium=email&utm_source=footer>. -- You received this message because you are subscribed to the Google Groups "modwsgi" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/modwsgi/51DB1D7B-1CC0-4B50-A26C-D98FB781ED82%40gmail.com.
