How to set up a proxy location for all paths except some with apache2?
I've got several webapps running on my webserver:
- SVN Repository Browser, accessible via
https://beta.mydomain.tld/svn/repos - Trac instance, accesible via
https://beta.mydomain.tld/trac - My own java web application, accessible via
http://beta.mydomain.tld/, using a Proxy for the local Apache Tomcat on port 8080
Please note that the first two are available via SSL, the third is not (yet). Now I need to make my web app available via https, but I want Trac and SVN Browser still to be accessible in their current location.
I.e. I am trying to configure apache2 to proxy all requests not starting with svn or trac to Tomcat.
For the existing SSL web apps, there's the following configuration
<Location /svn/repos>
DAV svn
SVNParentPath /home/myuser/svn
SVNListParentPath on
AuthType Basic
AuthName "Subversion repository"
AuthUserFile /home/myuser/.htpasswd
Require valid-user
</Location>
<Location /trac>
SetHandler mod_python
PythonHandler trac.web.modpython_frontend
PythonOption TracEnvParentDir /home/myuser/trac
PythonOption TracUriRoot /trac
AuthType Basic
AuthName "Trac"
AuthUserFile /home/myuser/.htpasswd
Require valid-user
</Location>
I tried to add the following location, but it did not help anything...
<Location />
ProxyPass http://localhost:8080
ProxyPassReverse http://localhost:8080/
</Location>
For further information, here is the complete apache2 configuration regarding the SSL part (without any of my failed trials in it - I think it is default trac configuration):
<VirtualHost *:443>
ServerAdmin webmaster@localhost
ServerName beta.mydomain.tld:443
DocumentRoot /var/www/
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/ssl_access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl.crt
SSLCertificateKeyFile /etc/ssl/private/ssl.key
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
<Location /svn/repos>
DAV svn
SVNParentPath /home/myuser/svn
SVNListParentPath on
AuthType Basic
AuthName "Subversion repository"
AuthUserFile /home/myuser/.htpasswd
Require valid-user
</Location>
<Location /trac>
SetHandler mod_python
PythonHandler trac.web.modpython_frontend
PythonOption TracEnvParentDir /home/myuser/trac
PythonOption TracUriRoot /trac
AuthType Basic
AuthName "Trac"
AuthUserFile /home/myuser/.htpasswd
Require valid-user
</Location>
Answer
Just put ProxyPass ! into those two Location blocks. That stops proxying for the locations concerned.