
Connection Refused to all sites using ProxyPass

I am trying to set up proxy forwarding for an https site that I want to move to another internal server. I want the remote server to handle the certificates as well.

The issue is, when using the code below, all 1000 websites go down, not just the site in question. In the browser I get "Connection Refused" for all 1000 websites. So I think it's a configuration error, although when I run sudo apachectl configtest it comes back with Syntax OK.

Can anybody see what I am doing wrong here? After exhaustive search on SO, and other platforms, I cannot for the life of me see what's wrong with this configuration.

<VirtualHost *:443>
    ServerName myfunkywebsite.com

    ProxyRequests Off
    <Proxy *:443>
        Order deny,allow
        Allow from all
    </Proxy>

    SSLProxyEngine on
    ProxyPreserveHost On
    ProxyPass / https://10.0.0.3:443/
    ProxyPassReverse / https://10.0.0.3:443/
    <Location />
        Order allow,deny
        Allow from all
    </Location>
</VirtualHost>

NOTE that this DOES work if I just use straight http. I am super confused where the issue lies, and why all sites would be affected as if Apache itself is failing.

<VirtualHost *:80>
    ServerName myfunkywebsite.com

    ProxyRequests Off
    <Proxy *:80>
        Order deny,allow
        Allow from all
    </Proxy>

    ProxyPreserveHost On
    ProxyPass / https://10.0.0.3:80/
    ProxyPassReverse / https://10.0.0.3:80/
    <Location />
        Order allow,deny
        Allow from all
    </Location>
</VirtualHost>

Modules enabled:

mod_proxy
mod_proxy_connect
mod_proxy_html
mod_proxy_http

From this Apache server, check whether you can access the backend server directly via curl:

curl -v https://10.0.0.3:443/

If it didn't come back with HTTP response 200 OK, then the issue is in the backend server: you need to configure it properly and make sure it listens on port 443.

If it came back with 200 OK, then there could be a security rule that forbids the Apache host from accessing the backend one. If the servers' OS is Red Hat/CentOS, it may also be worth checking whether SELinux is enabled and, if so, trying with SELinux disabled.

To check:

getenforce

To disable it:

setenforce 0
sed -i 's/^SELINUX=enforcing/SELINUX=permissive/' /etc/sysconfig/selinux
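
The checks from the answer combined into one script, as an added example that is not part of the original answer: it separates a backend that does not answer from an SELinux denial, and in the second case enables only the httpd_can_network_connect boolean rather than switching SELinux to permissive. The function names and result strings are made up for this example, and the sample inputs at the end are constructed.

```shell
#!/bin/sh
# Added example (not from the original answer). diagnose() takes the outputs of:
# a curl status check from the proxy host, getenforce, and getsebool.

# Print the HTTP status of the backend, "000" if the TCP/TLS connection fails.
# -k: reachability only; the URL uses the IP, so the certificate name won't match.
backend_status() {
    curl -sk -o /dev/null --max-time 5 -w '%{http_code}' "$1" 2>/dev/null
}

# diagnose <http_code> <getenforce output> <getsebool output>
diagnose() {
    code=$1 mode=$2 bool=$3
    case $code in
        000) echo "backend-unreachable"; return ;;   # fix backend listener/firewall first
        2??|3??) ;;                                   # backend answers a shell-run curl
        *) echo "backend-error-$code"; return ;;
    esac
    # curl from a root shell runs unconfined; httpd runs confined as httpd_t,
    # so a working curl does not prove that Apache itself may connect.
    if [ "$mode" = "Enforcing" ]; then
        case $bool in
            *"--> off") echo "selinux-boolean-off"; return ;;
        esac
    fi
    echo "selinux-not-blocking"
}

# Live use on the proxy host (assumes curl, getenforce, getsebool are installed).
live_check() {
    result=$(diagnose "$(backend_status "$1")" "$(getenforce)" \
        "$(getsebool httpd_can_network_connect)")
    echo "$result"
    if [ "$result" = "selinux-boolean-off" ]; then
        echo "confirm with: ausearch -m avc -ts recent | grep httpd"
        echo "then allow only this: setsebool -P httpd_can_network_connect 1"
    fi
}

# Constructed sample values, so the example runs without a server:
diagnose 200 Enforcing "httpd_can_network_connect --> off"   # selinux-boolean-off
diagnose 000 Enforcing "httpd_can_network_connect --> off"   # backend-unreachable
```

On the proxy host, call live_check https://10.0.0.3:443/ after sourcing the script.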
