Reverse Proxy on different Server

T0b1a5

5/10/24, 2:26 PM

Hi i’m searching for a way to reverse proxy a Website with Websocket with apache2 but the Website and the Reverse Proxy are running on different Isolated servers.

I’ve tried the normal way to configure it but my setup is not working.

<VirtualHost *:443>

    ServerName domain
 
    ProxyPreserveHost On
    ProxyRequests off

    <Location />
    ProxyPass  http://ip:80/
    ProxyPassReverse  http://ip:80/
    </Location>
    <Location /sub>
    ProxyPass  wss://ip:443/
    ProxyPassReverse  wss://ip:443/
    </Location>


    RewriteEngine on
    RewriteRule ^/\.well-known/host-meta /public.php?service=host-meta [QSA,L]
    RewriteRule ^/\.well-known/host-meta\.json /public.php?service=host-meta-json [QSA,L]

    RewriteRule ^/\.well-known/webfinger /index.php/.well-known/webfinger [R=301,L]
    RewriteRule ^/\.well-known/carddav /remote.php/dav/ [R=301,L]
    RewriteRule ^/\.well-known/caldav /remote.php/dav/ [R=301,L]
    RewriteRule ^/\.well-known/nodeinfo /index.php/.well-known/nodeinfo [R=301,L]
    RewriteCond ${HTTP:Upgrade} websocket [NC]
    RewriteCond ${HTTP:Connection} upgrade [NC]
    RewriteRule .* "wss:/ip:443/$1" [P,L]




    Protocols h2 http/1.1
    Header always set Strict-Transport-Security: "max-age=63072000; includeSubDomains; preload"

    Header set Content-Security-Policy "frame-ancestors 'self';"

    SSLEngine on
    SSLProtocol             all -SSLv3 +TLSv1.2 +TLSv1.3

    SSLHonorCipherOrder     on
    SSLSessionTickets       off

    SSLUseStapling on
    SSLStaplingResponderTimeout 5
    SSLStaplingReturnResponderErrors off

    SSLCertificateFile      /etc/letsencrypt/live/cert/fullchain.pem
    SSLCertificateKeyFile   /etc/letsencrypt/live/cert/privkey.pem

    </VirtualHost>

eror log apache:

[Wed May 10 16:31:11.198085 2023] [proxy:error] [pid 54233:tid 139683125876288] (111)Connection refused: AH00957: wss: attempt to connect to ip:443 (ip:443) failed
[Wed May 10 16:31:11.198130 2023] [proxy_http:error] [pid 54233:tid 139683125876288] [client ip:52037] AH01114: HTTP: failed to make connection to backend: ip

130

0 + 7

reverse-proxy

apache2

vidarlo

5/10/24, 2:35 PM

What's your current config? What is not working? Do you get any error messages?

T0b1a5

5/10/24, 3:05 PM

The error massage is WebSocket connection to ‘wss://domain’ failed

vidarlo

5/10/24, 3:30 PM

Correct the typo in `wss:/` and try again - it should be two slashes. Additionally, what does your logs on the server show?

T0b1a5

5/10/24, 4:33 PM

i posted the error code unfortunately wss:// doesnt fix the issue

Gerald Schneider

5/11/24, 11:43 AM

`connection refused` usually means that nothing is listening on the target port. Is the webserver actually running and reachable?

T0b1a5

5/11/24, 12:26 PM

yes if i send the request over https://... it sends me back wss://... answer

T0b1a5

5/11/24, 6:16 PM

i don't really know why but as i have removed the whole part with the ssl versions it started to work thanks for your help

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Reverse Proxy on different Server

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.