Reverse Proxy + SSL Help

cydneyhelms · 2018-05-02T14:24:26.000Z

So for the last two days I have been struggling with setting up a Apache2 Reverse Proxy. Involved in this are 3 servers, all VMs, all on the same network. The proxy server is accessible from its public IP and subdomain name. ( Well say its PROXY.MYDOMAIN.COM) and gave me the default ‘Apache2 is working’ page. The proxy server is the only server with a public face and ports 80 and 443 are forwarded to the proxy server. The proxy also has a SSL cert from letsencrypt by way of certbot and redirects 80 to 443.

The two servers that are internal are a Wordpress site and a Nextcloud server, both are completely separate VMs.

I have set the ports for Wordpress 80 = 8001, 443 = 8002 (SSL though it has no cert) and Nextcloud 80 = 8003, 443 = 8004 (It has a self signed cert.)

Wordpress was installed in /var/www/html/wordpress. I have set the /wordpress dir at the apache2 home dir so when you got to the servers IP 11.11.11.11:8001 there is no need to add …8001/wordpress

Nextcloud was installed in /var/www/html/nextcloud. Nextcloud I have not set the apache2 home dir to the nextcloud dir so you have to go to 22.22.22.22:8003/nextcloud to reach the site.

wordpress vhost

<VirtualHost *:80>
ServerName PROXY.MYDOMAIN.COM
Redirect / https:// PROXY.MYDOMAIN.COM/
RewriteEngine on
RewriteCond %{SERVER_NAME} = PROXY.MYDOMAIN.COM
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

end of line

wordpress ssl vhost

ProxyRequests Off
ProxyPreserveHost On

SSLEngine on

ServerName PROXY.MYDOMAIN.COM
ProxyPass / http://11.11.11.11:8001/
ProxyPassReverse / http://11.11.11.11:8001/
RequestHeader set X-Forwarded-Proto “https”

SSLCertificateFile /etc/letsencrypt/live/PROXY.MYDOMAIN.COM/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/PROXY.MYDOMAIN.COM/privkey.pem

Include /etc/letsencrypt/options-ssl-apache.conf

end of line

So when I go to http://PROXY.MYDOMAIN.COM I am redirected to https://PROXY.MYDOMAIN.COM
and the wordpress site loads… kind’a. See the attachment.

One question I still am not sure about, is it possible to use the same subdomain http://PROXY.MYDOMAIN.COM with a reverse proxy so server the two sites? Like say the home ( http://PROXY.MYDOMAIN.COM ) is the wordpress site and the nextcloud is http://PROXY.MYDOMAIN.COM /nextcloud?

I have looked over various sites trying to figure out where I’m going wrong. I know someone will mention this so let me go ahead and answer. I have tried this with Nginx as well never could get it to work or even display anything. A lot of these ‘its so easy guides’ assume a little to much about the person that’s using them. Admittedly I have more experience with Apache2 but I’m still not the most learned when it comes to this type of project.

Thanks in advanced for any help or advice.

wp-through-proxy.png752×498 12.2 KB

@georgegrous8242

dbeato · 2018-05-23T22:53:39.000Z

I usually setup Ngnix for it as below:

MangoLassi – 17 Nov 15

Setting up Nginx on CentOS 7 as a reverse proxy

This is a pretty straight forward process. I always start with CentOS 7 Minimal as a base install image. Update the system yum -y update Install the epel yum...

The same logic goes with Apache, you will create one Virtual Host for each site so it will be like below:

proxy.domain.com (Wordpress)

proxy2.domain.com (NextCloud)

dbeato · 2018-05-23T22:54:05.000Z

A good APache tutorial is below:

https://seeq12.atlassian.net/wiki/spaces/KB/pages/116188360/Apache+Reverse+Proxy+for+HTTPS+on+Ubuntu