Hello Tom Evans, Am 2010-10-07 10:55:59, hacktest Du folgendes herunter: > On Thu, Oct 7, 2010 at 6:51 AM, Michelle Konzack > <[email protected]> wrote: > > ----[ '/etc/apache2/conf.d/apache_proxy' ]------------------------------ > > NameVirtualHost 192.168.0.69:80 > > > > <VirtualHost 192.168.0.69:80> > > ServerName www.tdipmedia.net > > ProxyPass / http://192.168.0.208:80/ > > ProxyPassReverse / http://192.168.0.208:80/ > > <Directory proxy:http://192.168.0.208:80/*> > > Order deny,allow > > Allow from all > > </Directory> > > </VirtualHost> > > ------------------------------------------------------------------------ > Your config doesn't look right to me:
Hmmm, since my three pootle instances where confliction with Apache, I
have setup last year the following config which is working:
----[ '/VServer_10/APACHE_available/pootle.tdwave.net' ]----------------
<VirtualHost 192.168.0.69:80>
ServerAdmin [email protected]
ServerName pootle.tdwave.net
ProxyPass /images !
ProxyPass /js !
ProxyPass /pootle.css !
ProxyPass /favicon.ico !
ProxyPass / http://localhost:8888/
ProxyPassReverse / http://localhost:8888/
<Directory proxy:http://localhost:8888/*>
Order deny,allow
Allow from all
</Directory>
DocumentRoot /usr/share/pootle/html/
<Directory /usr/share/pootle/html/>
Order deny,allow
Allow from all
</Directory>
<Directory />
Options FollowSymLinks Indexes
AllowOverride None
Order deny,allow
Allow from all
</Directory>
# debug, info, notice, warn, error, crit, alert, emerg.
LogLevel warn
ErrorLog
/VServer_10/CONFIG_pootle.tdwave.net/log/apache/error.log
LogFormat "%{[%Y-%m-%d %H:%M:%S %z]}t %h [%V] %l %u \"%r\" %>s %b
\"%{Referer}i\" \"%{User-Agent}i\"" vhost
CustomLog
/VServer_10/CONFIG_pootle.tdwave.net/log/apache/access.log vhost
ServerSignature On
</VirtualHost>
------------------------------------------------------------------------
and now modified it. the only difference is, that the newServer is NOT
on <localhost> but on IP <192.168.0.208>
> NameVirtualHost 192.168.0.69:80
>
> This says 'When a request comes in on the socket listening on IP
> 192.168.0.69, port 80, use the Host header from the request to infer
> the virtualhost to use'.
Right
> <VirtualHost 192.168.0.69:80>
> ServerName www.tdipmedia.net
>
> </VirtualHost>
>
> This says: 'When a request comes in on 192.168.0.69:80, with Host
> header 'www.tdipmedia.net', use this virtualhost to serve the request'
Right too.
> ProxyPass / http://192.168.0.208:80/
> ProxyPassReverse / http://192.168.0.208:80/
>
> This says: 'Proxy / to the website on http://192.168.0.208:80/'
Right too.
> <Directory proxy:http://192.168.0.208:80/*>
> Order deny,allow
> Allow from all
> </Directory>
>
> This is nonsense. A <Directory> refers to a disk location, nothing
> else. If you wish to restrict who can access a reverse proxy, use a
> <Proxy> directive or a <Location> directive.
Hmmm...
> Well, you haven't specified anything in your config that would result
> in a redirect, you have configured a proxy. Apart from that...
>
> So there are a couple of things you can check.
>
> 1) When you connect to the webserver, are you connecting to 192.168.0.69:80 ?
Yes, and I get:
----[ command 'wget -S -O /dev/null http://www.tdipmedia.net/' ]--------
--2010-10-07 14:26:26-- http://www.tdipmedia.net/
Resolving www.tdipmedia.net... 88.168.69.36
Connecting to www.tdipmedia.net|88.168.69.36|:80... connected.
HTTP request sent, awaiting response...
HTTP/1.1 403 Forbidden
Date: Thu, 07 Oct 2010 12:26:26 GMT
Content-Length: 390
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
2010-10-07 14:26:26 ERROR 403: Forbidden.
------------------------------------------------------------------------
<88.168.69.36> is my fixed PUBLIC IP address and all :80 traffic is
redirected to my DMZ on <192.168.0.69> and some of the servers should be
proxyied to Servers behind it like the <192.168.0.208>.
> 2) What Host header are you sending to the server? Typically a browser
> will send the host portion of the URL you type in the address bar -
> does that match 'www.tdipmedia.net'?
> 3) Where are your logs? What 'does not work' - explain what you've
> tried, what the server does when you try that, and what error/info
> messages are printed in the access and error logs.
[Thu Oct 07 14:16:45 2010] [error] [client 192.168.0.65] client denied by
server configuration: proxy:http://192.168.0.208:80/
Thanks, Greetings and nice Day/Evening
Michelle Konzack
--
##################### Debian GNU/Linux Consultant ######################
Development of Intranet and Embedded Systems with Debian GNU/Linux
itsyst...@tdnet France EURL itsyst...@tdnet UG (limited liability)
Owner Michelle Konzack Owner Michelle Konzack
Apt. 917 (homeoffice)
50, rue de Soultz Kinzigstraße 17
67100 Strasbourg/France 77694 Kehl/Germany
Tel: +33-6-61925193 mobil Tel: +49-177-9351947 mobil
Tel: +33-9-52705884 fix
<http://www.itsystems.tamay-dogan.net/> <http://www.flexray4linux.org/>
<http://www.debian.tamay-dogan.net/> <http://www.can4linux.org/>
Jabber [email protected]
ICQ #328449886
Linux-User #280138 with the Linux Counter, http://counter.li.org/
signature.pgp
Description: Digital signature
