I have written a WebSocket Server on PHP/Apache. I made the WebSocket Secure using mod_proxy_wstunnel.
So, a user connects with WSS://socket.domain.com and the request is redirected to the (WS) protocol, e.g: ws://10.21.55.2:12345/
I'm using proxy pass just because the page is loaded over HTTPS and WwebSocket is on WS protocol.
here is how I redirect WSS ==> WS for socket.domain.com
ProxyPass / ws://10.21.55.2:12345
but the above code is giving 500 Internal Server Error. I dont know why its so. It was working before I rebooted the system.
here is the error log
AH01144: No protocol handler was valid for the URL /. If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule.
You might need to add the mod proxy_wstunnel
a2enmod proxy_wstunnel
Related
This is the warning when I open my phpMyAdmin's login (index) page:
There is mismatch between HTTPS indicated on the server and client.
This can lead to non working phpMyAdmin or a security risk.
Please fix your server configuration to indicate HTTPS properly.
The error should be caused by a loadbalancer in between my client and phpmyadmin itself. SSL terminates on the loadbalancer so the URL being used (that phpmyadmin receives in request headers, I assume) is https://mydomain/phpmyadmin.
The loadbalancer communicates with phpmyadmin via http, so the URL being used between lb and pma is http://mydomain/phpmyadmin (not https).
I found this very fitting article on github: Possibility to deactivate SSL connection #170 which is for Docker containers and describes an env var to be passed to the container called "PMA_ABSOLUTE_URI" to fix the problem.
Which setting would this be in phpmyadmin NON Docker?
Any other solution to my problem is also highly appreciated.
Sidenote: Phpmyadmin works fine after the login. You can log in, there are no warnings after the log in and you can perform all interactions without problems. I am just worried about the warning.
I have exactly the same setup as you are describing. A front load balancer acts as reverse proxy and also as SSL/TLS terminator. The LB talks in plain http with the backend server where phpMyAdmin is running.
When I upgraded from 4.0.4.1 to 4.9.0.1 I got the same warning appearing at the phpMyAdmin login screen as you. I was able to solve this on the reverse proxy by "faking" the protocol from http to https. In my case my reverse proxy is a Nginx web server and just before I'd pass to the backend server, I added X-Forwarded-Proto:
server {
listen 443;
server_name my.phpmyadmin.example.com;
[... log and ssl settings ...]
location / {
include /etc/nginx/proxy.conf;
proxy_set_header X-Forwarded-Proto https;
proxy_pass http://backendserver;
}
}
By adding proxy_set_header X-Forwarded-Proto https; this tells the backend server that the client to proxy communication happens over https. Without setting this header, phpMyAdmin probably identifies (not sure, just a guess) that it was loaded on a https:// URL yet the communication (between reverse proxy and phpMyAdmin server) happened over http. Therefore it's a correct warning to be shown.
As soon as Nginx was reloaded, the warning disappared from the phpMyAdmin login screen.
I am using a modified version of the official docker library php:7.0.30-apache image behind a reverse proxy (traefik).
The modifications include an alteration of apache2 default serving port 80 to port 1025. (openshift won't allow root operations like opening ports inside a docker container below 1024)
Now when using redirects inside the container apache2 ignores the HTTP_X_FORWARDED_PORT header and redirects to the correct hostname with port 1025 added.
Example:
The application runs at http://www.app.com (port 80) publicly, internally at http://app.local:1025 and when doing header("Location: web"); it redirects to http://www.app.com:1025/web instead of http://www.app.com/web
I also noticed the following behavior: When using .htaccess files to redirect to https browsers display a "too many redirects error" because both HTTP_X_FORWARDED_PORT and HTTP_X_FORWARDED_PROTO are ignored.
What do I need to do for .htaccess and php header("Location: xyz"); redirects work and respect forwarded headers behind a reverse proxy?
I do understand that this is the correct behavior for the request coming from the reverse proxy to the apache host, I just need to configure apache2 to react to the request that was made to the reverse proxy instead.
I am using nodejs for serving my angular application, and artisan for my laravel API. I would like to let the angular app communicate with the API, but I can't make it work. As far as I know, I can't run both on the same port, as only one app can be run on a port, however, I can't run them on different ports because then my front end app would not be able to send request to the API. I tried to send the request to the server by localhost:8000/login (authentication) but as my front end runs on port 3000 it just can't reach it.
Here's how I start my servers:
node server (starts on port 3000)
php artisan serve (optionally setting port by --port=8000
Is this way even right? I'm new to this kind of concept. What would be the best practice for reaching the API from the frontend?
Update:
When running both servers on the same port I get the error message from google chrome console:
angular.js:11756 POST http://localhost:3000/localhost/login 404 (Not Found)
When running frontend on port 3000 and API on 8000 I get this:
angular.js:11756 XMLHttpRequest cannot load localhost:8000/login. Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-extension, https, chrome-extension-resource.
If I don't define the port for the request it uses the same as the server running on (this case port 3000). If I specify the port I get the error above.
One other thing I tried is putting http:// before the url, then I get this error:
angular.js:11756 POST http://localhost:8000/login (anonymous function) # angular.js:11756sendReq # angular.js:11517serverRequest # angular.js:11227processQueue # angular.js:15961(anonymous function) # angular.js:15977Scope.$eval # angular.js:17229Scope.$digest # angular.js:17045Scope.$apply # angular.js:17337(anonymous function) # angular.js:25023defaultHandlerWrapper # angular.js:3456eventHandler # angular.js:3444
:3000/#/login:1 XMLHttpRequest cannot load http://localhost:8000/login. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3000' is therefore not allowed access. The response had HTTP status code 405.
I have made a chat with SocketIO who is working well on local, but i'm trying to deploy it on my Apache server.
I'm using Php + NodeJs, not only Node
I had ERR_CONNECTION_REFUSED error but solved it by opening the good port, Listen 8000 in my ports.conf
My server.js look like this
var io = require('socket.io').listen(8000);
// Socket IO usage
My client.js is
var socket = io.connect('http://[MY SERVER IP]:8000');
// Other client code
I use localhost in local but I changed by my server ip.
But I still have this error
XMLHttpRequest cannot load http://[MY_SERVER_IP]:8000/socket.io/?EIO=3&transport=polling&t=1455101301883-60. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'MY DOMAIN' is therefore not allowed access. The response had HTTP status code 404.
I really don't know what to do, this is the first I try to deploy a Nodejs + php app.
I had read some Stackoverflow questions to try to fix it, but i really don't know how...
I don't knwo if this is due to my Apache conf or I must change some NodeJS or SocketIO conf
Thanks for your help.
I found the problem.
Do not open the NodeJS server port on Apache config. It will make some conflicts and will prevent your Node server to work.
Just change the localhost by your server IP and it will work fine.
I'm searching to configure websocket in Apache web server running in php, using Devristo phpws library to run websocket worker.
When I run php file in the server it gives me this string:
Resource id #442015-12-22T16:41:16+00:00 NOTICE (5): phpws listening on ssl://172.31.29.79:12345
In front-end, build on AngularJS, I tried to established connection with:
var dataStream = $websocket('wss://subdomain.domain.com');
Google Chrome browser's console gives me this error:
WebSocket connection to 'wss://subdomain.domain.com/' failed: Error during WebSocket handshake: Unexpected response code: 200
I've an EC2 AWS instance where I've hosted my source code and I've configured AWS Route 53 with a record set that point to the public IP of the instance through a subdomain.
I don't know how configure a correctly reverse proxy to allow communication.
I tried to set Apache server with a Reverse Proxy, but I think I didn't configure it in the right way.
This is the configuration.
I've created a file in site-avaible calls websocket-ssl.conf and linked in site-enabled with this configuration:
<VirtualHost *:80>
ServerName subdomain.domain.com
ProxyPass / ssl://172.31.29.79:12345/
ProxyPassReverse / ssl://172.31.29.79:12345/
</VirtualHost>
Someone can help me in this? If you want others information ask me :)
Thank you very much
I solved with this configuration.
set a record CNAME calls subdomain.domain.com in AWS Route 53 that
point to my ELB dns name;
open port 12345 in ELB listeners;
in front-end I established connection with:
var dataStream = $websocket('wss://subdomain.domain.com:12345');
That's all