【发布时间】:2019-07-16 10:01:15
【问题描述】:
该站点有两个 URL。对外是https://example.com:543 内部是https://example.com。 端口 543 的外部请求在内部路由到端口 443,因此使用端口 443 的单个虚拟主机,但使用了多个 ProxyPass 条目。 问题是在任何给定时间,只有 https://example.com:543 和 https://example.com 之一通过禁用 VirtualHost 文件中的一个 ProxyPass 条目来工作。两者可以共存和工作吗?
# ProxyPass / balancer://lbyourorganization/http://localhost/VirtualHostBase/https/example.com:443/ams/VirtualHostRoot/
# ProxyPassReverse / balancer://lbyourorganization/http://localhost/VirtualHostBase/https/example.com:443/ams/VirtualHostRoot/
ProxyPass / balancer://lbyourorganization/http://localhost/VirtualHostBase/https/example.com:543/ams/VirtualHostRoot/
ProxyPassReverse / balancer://lbyourorganization/http://localhost/VirtualHostBase/https/example.com:543/ams/VirtualHostRoot/
下面是完整的虚拟主机配置
<VirtualHost *:443>
ServerName example.com
ErrorLog /var/log/apache2/ssl_error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
TransferLog /var/log/apache2/ssl_access_log
LogLevel warn
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
SSLCertificateChainFile /etc/apache2/ssl/example_com.ca-bundle
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
CustomLog /var/log/apache2/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
# Balance load between 4 ZEO front-ends
<Proxy balancer://lbyourorganization>
BalancerMember http://127.0.0.1:8081/
BalancerMember http://127.0.0.1:8082/
BalancerMember http://127.0.0.1:8091/
BalancerMember http://127.0.0.1:8092/
# Use Pending Request Counting Algorithm (s. http://httpd.apache.org/docs/current/mod/mod_lbmethod_bybusyness.html).
# This will reduce latencies that occur as a result of long running requests temporarily blocking a ZEO client.
# You will need to install the separate mod_lbmethod_bybusyness module in Apache 2.4.
ProxySet lbmethod=bybusyness
</Proxy>
ProxyPass /balancer-manager !
# ProxyPass / balancer://lbyourorganization/http://localhost/VirtualHostBase/https/example.com:443/ams/VirtualHostRoot/
# ProxyPassReverse / balancer://lbyourorganization/http://localhost/VirtualHostBase/https/example.com:443/ams/VirtualHostRoot/
ProxyPass / balancer://lbyourorganization/http://localhost/VirtualHostBase/https/example.com:543/ams/VirtualHostRoot/
ProxyPassReverse / balancer://lbyourorganization/http://localhost/VirtualHostBase/https/example.com:543/ams/VirtualHostRoot/
</VirtualHost>
【问题讨论】:
-
您好,确认一下:当您说“端口 543 的外部请求在内部路由到端口 443”时,这是否发生在 Apache HTTPD 之外?是否可以让 Apache 做这个路由?
-
您能否再澄清一下您的问题,这有点令人困惑。
-
@RichardNeish - 是的,它发生在 Apache 之外。路由器使用端口地址转换将端口 543 上的外部流量重定向到内部端口 433。这是因为同一主机上有两个虚拟机具有一个公共 IP。因此,端口 443 只能在外部的一台虚拟机上工作。因此,两个端口 443 和 543 以及内部重定向。
标签: apache virtualhost proxypass