Is it possible to proxy websocket connections with mod_rewrite?

Exprove

7/22/24, 9:46 PM

Currently, I have an Apache web server configured to respond to myserver.com. Additionally, I have a second web server application listening on port 4321 in localhost on the server. I want this web server to respond to api.myserver.com.

If possible, I would prefer to rely solely on .htaccess present on public_html/api.myserver.com.

Currently, I have both http and https working with the following public_html/api.myserver.com/.htaccess rules:

RewriteCond %{REQUEST_SCHEME} ^(ws|wss)$ [NC]
RewriteRule (.*) ws://localhost:4321/$1 [P,L]

RewriteCond %{REQUEST_SCHEME} !^(ws|wss)$ [NC]
RewriteRule (.*) http://localhost:4321/$1 [P,L]

However, when I try to connect using the ws/wss protocol, it does not work. My guess is that the proxy [P] flag is not upgrading the connection to ws.

Is there an equivalent for .htaccess comparing to ProxyPass like the one below?

ProxyPass "/some/ws/capable/path/" "http://example.com/some/ws/capable/path/" upgrade=websocket

0 + 7

reverse-proxy

apache-2.4

tsc_chazz

7/22/24, 11:45 PM

Does the `ws://` prefix imply a port number? A browser seeing `http://` will routinely assume port 80, `https://` will go to port 443, `ftp://` to port 21. Are you sure that you have Apache listening to the correct port?

HBruijn

7/23/24, 8:58 AM

`If possible, I would prefer to rely solely on .htaccess.` - There's a complete cargo cult of people endlessly using .htaccess files when they shouldn't. Please don't be another one. The [manual recommends](https://httpd.apache.org/docs/2.4/howto/htaccess.html#when) ***"use of `.htaccess` files should be avoided when possible"*** - Second: there are several examples and condition here: https://httpd.apache.org/docs/2.4/mod/mod_proxy_wstunnel.html

Exprove

7/23/24, 11:00 AM

@tsc_chazz `ws://api.myserver.com/ws` should proxy to `ws://localhost:4321/ws` so if I understood correctly, no the `ws://` does not imply a port number. As far as I know ws protocol are normally listen to the same http/https port (ws/wss respectively)

Exprove

7/23/24, 11:02 AM

@HBruijn I know that I should not rely on `.htaccess`, however I have not full control of the server. `mod_proxy_wstunnel` has a deprecation warning: `Since Apache HTTP Server 2.4.47, protocol Upgrade (tunneling) can be better handled by mod_proxy_http.`. Indicating that `ProxyPass "/some/ws/capable/path/" "http://example.com/some/ws/capable/path/" upgrade=websocket` should be used.

tsc_chazz

7/23/24, 5:29 PM

Would it be possible to use the actual name of the server in your redirect instead of `localhost`? I note that the ProxyPass statements you've quoted use a hostname.

Exprove

7/23/24, 5:47 PM

@tsc_chazz I don't think so because this 2nd webserver is only listening to the loopback ip (localhost), is not accessible to the public (only via the proxy), so `myserver.com:4321` is not responding.

tsc_chazz

7/23/24, 6:01 PM

I'm going to suggest that you open that port to the public IP, just as a test, and change the redirect to `myserver.com:4321`. If it works, then the problem is that `localhost`. If not, we can look for something else. But I've been burned a few times thinking that a `localhost` redirect would work that way, and found it didn't.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Is it possible to proxy websocket connections with mod_rewrite?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.