Jim -- tnx -- see below
On 2020-03-19 4:05 p.m., Jim Albert wrote:
On 3/19/2020 3:48 PM, Stormy wrote:
I have, on Apache 2.4.7:
https://mysite.com/ which runs a Perl/Mysql based application perfectly
and a parallel "staff only" accessed (now) only on our LAN to edit the
above public application.
I need to add "outside" access for staff working from home, so that I
would end up with e.g.
https://mysite.com/ [working exactly as before]
and
https://mysite.com/foo [for the "staff_only", fully working on LAN]
I have tried variations of: Redirect permanent "/foo/"
"http://mysite.com/staff_only/"; -- but end up with 404 every time.
Is there an elegant solution for this?
Many thanks -- Paul
You need to explain in more detail what you are trying to do.
Is mysite.com referencing the same server whether accessed publicly or
privately?
Yes -- its a standalone LAMP server with a very large Mysql db with
public access for output, and a staff interface to edit the data. It is
behind an Nginx front end server to four others and which takes care of
Letsencrypt, firewall etc.
Are you trying to use split-DNS to reference public vs private servers
so you can use the same domain name to access a private server across a
VPN?
Split-DNS, if I understand the term is already in place on the LAN, the
app is on 192.168.1.50 and the editing is on 192.168.1.50, but Bell only
give us a single static public IP. (I'm not certain that this meets the
definition of VPN)
If staff-only is confidential and on the same server as public
mysite.com you still have some significant risks which can be mitigated
with apache access controls (.htaccess for example)... but still not a
very good idea.
If none of above is relevant to what you want to do then your redirect
is to an http resource where you reference https everywhere else... is
that your problem?
All the public interfaces are https (I tried that in the "Redirect" and
get 404)
If still none of my discussion is relevant then what is the purpose of
https://mysite.com/foo redirecting to staff_only... why not just use a
URL directly to staff_only?
I maybe oversimplified: the site is in fact https://database.mysite.com
which goes direct to the public app. I was looking to add /foo (even
/gobble-de-gook-foo) for hopefully temporary "staff at home" access.
If working from home is completely new to your company (and I imagine
there's a lot of that with current health concerns) and security is a
concern then opening up private resources on a public server is not a
good idea and you should look into some secure remote access solutions
to access private servers across a vpn.
The staff resources are of course pw protected. A vpn might make sense,
but I have no experience (virt-manager, Gnome-boxes whatever would put
me into a brand new learning curve :={ )
I was just hoping for a simple Apache redirect that can be put in place
quickly as a temporary work-around and removed just as quickly.
Thanks -- paul
Jim Albert
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
