堆栈内存溢出
  简体   繁体   English

禁止 docker 容器 403 的 apache2 反向代理?

[英]apache2 reverse proxy to docker container 403 forbidden?

 原文  2020-01-21 20:59:25       apache/ docker/ proxy/ apache2/ reverse

问题描述

I've set up apache2 on Ubuntu 18.04 on a VPS - I'm having SSL certificate problems, but anyway, I've set the default conf to reverse proxy to an unsecure docker container, currently running a test node app (I want to use .net core eventually.) Here's the settings in the conf file:我已经在 VPS 上的 Ubuntu 18.04 上设置了 apache2 - 我遇到了 SSL 证书问题,但无论如何,我已经将默认配置设置为反向代理到一个不安全的 docker 容器,目前正在运行一个测试节点应用程序(我想最终使用 .net core。)这是 conf 文件中的设置:

    <VirtualHost 77.68.7.249:443>
            ServerName www.thegatehousewereham.com
            ServerAlias *.thegatehousewereham.com
            ServerAdmin webmaster@thegatehousewereham.com

            ProxyPreserveHost On
            ProxyPass / http://localhost:8000/
            ProxyPassReverse / http://localhost:8000/

            <Proxy http://localhost:8000/*>
              Order deny,allow
              Allow from all
            </Proxy>

I'm getting a 403 forbidden in the browser - in the error.log I see:我在浏览器中收到 403 禁止 - 在 error.log 中我看到:

[Tue Jan 21 20:56:11.109712 2020] [authz_core:error] [pid 1251:tid 140677341959936] [client 94.197.37.81:53133] AH01630: client denied by server configuration: proxy: http://localhost:8000/ [Tue Jan 21 20:56:11.216718 2020] [authz_core:error] [pid 1251:tid 140677493028608] [client 94.197.37.81:53133] AH01630: client denied by server configuration: proxy: http://localhost:8000/favicon.ico , referer: https://www.thegatehousewereham.com/ r [星期二20年1月21日:56:11.109712 2020] [authz_core:错误] [PID 1251:TID 140677341959936] [客户端94.197.37.81:53133] AH01630:客户端通过服务器配置被拒绝:代理: HTTP://本地主机:8000 / [星期二20年1月21日:56:11.216718 2020] [authz_core:错误] [PID 1251:TID 140677493028608] [客户端94.197.37.81:53133] AH01630:客户端通过服务器配置被拒绝:代理: HTTP://本地主机:8000 /图标。 ico ,referer: https://www.thegatehousewereham.com/r

Could this be a firewall issue?这可能是防火墙问题吗?

Any help appreciated.任何帮助表示赞赏。 Spending too long on this, just want to get on.在这上面花费太长时间,只想继续。 Thanks, Andy.谢谢,安迪。

UPDATE: I'm using apache 2.4 and I'm not sure about that proxy instruction.更新:我使用的是 apache 2.4,但我不确定该代理指令。 i changed it to我把它改成

            <Proxy http://localhost:8000/*>
              Require all granted
            </Proxy>

and now I see this:现在我看到了:

[Tue Jan 21 21:57:01.084817 2020] [proxy:warn] [pid 6618:tid 139968717412096] [client 94.197.37.81:54689] AH01144: No protocol handler was valid for the URL / (scheme 'http'). [Tue Jan 21 21:57:01.084817 2020] [proxy:warn] [pid 6618:tid 139968717412096] [client 94.197.37.81:54689] AH01144:没有有效的 URL 协议 /http 处理程序If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule.如果您使用的是 mod_proxy 的 DSO 版本,请确保使用 LoadModule 将代理子模块包含在配置中。 [Tue Jan 21 21:57:01.169791 2020] [proxy:warn] [pid 6618:tid 139968709019392] [client 94.197.37.81:54688] AH01144: No protocol handler was valid for the URL /favicon.ico (scheme 'http'). [Tue Jan 21 21:57:01.169791 2020] [proxy:warn] [pid 6618:tid 139968709019392] [client 94.197.37.81:54688] AH01144: 没有有效的 URL 协议 / 的 http 协议处理程序)。 If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule., referer: https://thegatehousewereham.com/如果您使用的是 mod_proxy 的 DSO 版本,请确保使用 LoadModule 的配置中包含代理子模块。参考: https : //thegatehousewereham.com/

I'm not sure this is an improvement, but it's different.我不确定这是一种改进,但它是不同的。

1 个解决方案

解决方案1
 0  2020-01-21 22:09:46

OK, so using the proper Proxy scheme got me somewhere - I think made sure i had enabled the modules proxy, proxy_http and proxy_balancer - the first two were already enabled - the third it 'said' was already enabled, but this was the output:好的,所以使用正确的代理方案让我在某个地方 - 我想确保我已经启用了模块代理,proxy_http 和 proxy_balancer - 前两个已经启用 - 第三个它“说”已经启用,但这是输出:

a2enmod proxy_balancer Considering dependency proxy for proxy_balancer: Module proxy already enabled Considering dependency alias for proxy_balancer: Module alias already enabled Considering dependency slotmem_shm for proxy_balancer: Enabling module slotmem_shm. a2enmod proxy_balancer 考虑proxy_balancer的依赖代理:模块代理已经启用考虑proxy_balancer的依赖别名:模块别名已经启用考虑proxy_balancer的依赖slotmem_shm:启用模块slotmem_shm。 Enabling module proxy_balancer.启用模块 proxy_balancer。 To activate the new configuration, you need to run: systemctl restart apache2要激活新配置,您需要运行:systemctl restart apache2

And now it seems to work ok - I'm seeing the application ok, it's all under SSL.现在它似乎工作正常 - 我看到应用程序正常,它都在 SSL 下。 We'll see how it goes from here.我们将看看它是如何从这里开始的。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 禁止使用Apache2 403 - Apache2 403 Forbidden 403 Apache2的禁止错误 - 403 Forbidden Error with Apache2 apache错误-通过Nginx反向代理在虚拟主机上禁止403 - apache error - 403 forbidden on virtual host via nginx reverse proxy Docker容器中Apache反向代理的最小配置 - Minimal configuration for Apache reverse proxy in Docker container BaGet 与 Apache2 反向代理在 Docker 组合不工作 - BaGet with Apache2 Reverse Proxy on Docker Compose not working 反向代理 apache2 后面的 Mattermost docker 重定向错误 - Bad redirection of Mattermost docker behind reverse proxy apache2 Apache2 反向代理和 websocks - Apache2 reverse proxy and websocks apache2反向代理配置 - apache2 reverse proxy configuration Apache2反向代理重定向 - Apache2 Reverse Proxy Redirection Apache2服务器上的403禁止错误 - 403 Forbidden Error on Apache2 server
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM