Is it possible to use "%{HTTP_HOST}" in ProxyPass?

apache mod-rewrite apache2 mod-proxy proxypass
Roy Reznik picture Roy Reznik · Mar 28, 2013 · Viewed 9.4k times · Source

I'm trying to implement a transparent proxy using apache2 and mod_proxy that for now - doesn't do anything. just forwards the traffic to the correct "host".

I don't want it to be host-dependant - but dynamic so it'll work for all hosts. I tried to do this:

RewriteEngine on
RewriteLogLevel 5
RewriteLog "/var/log/apache2/rewrite.log"
RewriteRule ^(.*)$ $1
ProxyPass / http://$1

I also tried several other approaches (none worked). Is there any way I can access the "host" from the header and use it in the ProxyPass directive?

In nginx I would use $host, $remote_addr, etc.. any way to replace that on apache?

What I need is to be able to access %{HTTP_HOST}, %{REQUEST_URI} and %{SERVER_PORT} inside the ProxyPass command.

Answer

brakertech picture brakertech · Sep 18, 2013

To use Apache ProxyPass directives with dynamic hostnames you will need to also use ModRewrite.

Objective

All requests to the virtualhost will ProxyPass and ProxyPassReverse (also known as an "Apache Gateway") to the %{HTTP_HOST}

The only reason this would make sense to do is if you have localhost entries on the apache server for specfic host names

Examples

Localhost File

10.0.0.2 foo.bar.com    
10.0.0.3 bar.bar.com

How it works

  1. The client makes a request to foo.bar.com (dnslookup is a public IP... YOUR APACHE SERVER)
  2. Your apache server has a localhost entry of 10.0.0.2 for foo.bar.com (some other server on your network)
  3. The request goes through ModRewrite and /path1 is appended, then handed off to ProxyPass and ProxyPassReverse
  4. ProxyPass and ProxyPassReverse hand the call off to foo.bar.com at ip 10.0.0.2

Client requests foo.bar.com ---reverse proxies to----> foo.bar.com/path1 (on some OTHER internal server)

Apache Configuration

    <VirtualHost *:443>
    Servername *

    # Must not contain /path1 in path (will add /path1)
    RewriteEngine on
    RewriteCond %{REQUEST_URI} !^/path1/.*
    RewriteRule ^/(.*) https://%{HTTP_HOST}/path1$1 [NC,R=302,L]

    # Must contain /path1 in path (will send request to the proxy)
    RewriteEngine On
    RewriteOptions Inherit
    RewriteCond %{REQUEST_URI} ^/path1/.*
    RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [NC,P]

    SSLEngine on
    SSLProxyEngine On
    ProxyRequests Off

    ProxyPass            /  https://$1/
    ProxyPassReverse     /  https://$1/

    ProxyPreserveHost On

    ###################
    # SSL Constraints #
    ###################

    SSLProtocol -ALL +SSLv3 +TLSv1

    # Choose cipher suites
    SSLHonorCipherOrder On
    SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:!LOW:!SSLv2:!EXPORT

    # SameOrigin The page can only be displayed in a frame on the same origin as the page itself
    Header set X-Frame-Options SAMEORIGIN

    SSLCertificateFile     /etc/apache2/example.crt
    SSLCertificateKeyFile  /etc/apache2/example.key
    SSLCertificateChainFile /etc/apache2/gd_bundle.crt
    SetOutputFilter INFLATE;proxy-html;DEFLATE
</VirtualHost>

Related questions

Is there a way to remove apaches Reverse Proxy Request Headers?

When acting as a reverse proxy, apache adds x-forwarded headers as described here. http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#x-headers In my configuration I have configured server A as a forward proxy. There is a rule like …

Read More
Mixing RewriteRule and ProxyPass in Apache

I was working on debugging an issue today related to mixing mod_proxy and mod_rewrite together and I ended up having to use balancer://mycluster in the RewriteRule in order to stop receiving a 404 error from Apache. I have …

Read More
"OR" Flag in .htaccess mod_rewrite

Just found this .htaccess rewrite code RewriteEngine on RewriteCond %{HTTP_HOST} ^my.domain.com$ [NC,OR] RewriteCond %{REQUEST_URI} !public/ RewriteRule (.*) /public/$1 [L] And I was wondering what was the purpose of the "OR" flag. Already checked the doc http://…

Read More