ProxyPass 和 ReverseProxy 在网络外部无法工作

tag-icon tag-icon apache-http-server
ProxyPass 和 ReverseProxy 在网络外部无法工作

我已经与 ProxyPass 斗争了好几个星期了。

我的问题是,当从我的网络外部通过 VMware 客户端或通过我的手机从工作中访问时,我期望来自 Server2 的任何链接的结果都是 Server1 上的 index.php 页面,但在我的网络内部,一切都按预期工作。

我还计划访问 Server2 上的 ZoneMinder 安装,但我会等到我解决了外部访问问题之后再考虑它内部似乎运行正常。

以下是设置,我非常感谢您的帮助以使一切顺利进行。

SteveW - 惠灵顿 - 新西兰

服务器

服务器 1 Raspberrypi2 运行 Raspbian (Debian Jessie)
uname -a = Linux RASPBERRYPI 4.1.13-v7+ #826 SMP PREEMPT 星期五 11 月 13 日 20:19:03 GMT 2015 armv7l GNU/Linux

服务器2 Lenovo M91p 运行 Ubuntu 桌面 14.04 LTS
uname -a = Linux subdomain.domain.nz 3.19.0-47-generic #53~14.04.1-Ubuntu SMP 2016 年 1 月 18 日星期一 16:09:14 UTC x86_64 x86_64 x86_64 GNU/Linux

主机文件

192.168.20.200 上的服务器 1

/etc/hosts

127.0.0.1       localhost
::1             localhost ip6-localhost ip6-loopback
ff02::1         ip6-allnodes
ff02::2         ip6-allrouters

127.0.1.1       raspberrypi

192.168.20.200  domain.nz
192.168.20.210  subdomain.domain.nz

192.168.20.210 上的服务器 2

/etc/hosts

127.0.0.1       localhost
127.0.1.1       domain.nz

::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

192.168.20.200 domain.nz
192.168.20.210 subdomain.domain.nz

DNS 区域记录(外部供应商)

domain.nz           A       my_ip_address
www.domain.nz       CNAME   domain.nz
subdomain.domain.nz CNAME   domain.nz

路由器端口转发

192.168.20.200 端口 80 已启用
192.168.20.200 端口 443 已启用

letsencrypt 提供的 SSL 证书

Apache2 .conf 文件

服务器1

/etc/apache2/sites-available/domain.nz 文件如下:-

#domain.nz
#Redirect all incoming requests on 192.168.20.200 port 80 to port 443
<VirtualHost *:80>

    ServerAdmin [email protected]
    ServerName domain.nz
    ServerAlias www.domain.nz
    Redirect permanent / https://domain.nz/

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>

#Port 443 on 192.68.20.200
<VirtualHost domain.nz:443>

    ServerAdmin [email protected]
    ServerName domain.nz
    #Web pages live below this
    DocumentRoot /var/www/domain.nz/public_html/

#Deny access to /
<Directory />
    Options FollowSymLinks
    AllowOverride None
    Require all denied
</Directory>

#Allow Access to web pages
<Directory /var/www/domain.nz/>
    Options Indexes FollowSymLinks
    AllowOverride None
    Require all granted
</Directory>

ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
<Directory "/usr/lib/cgi-bin">
    AllowOverride None
    Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
    Require all granted
</Directory>
SSLEngine on
    #Letsencrypt certificates
    SSLCertificateFile /etc/letsencrypt/live/domain.nz/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/domain.nz/privkey.pem
    SSLCertificateChainFile /etc/letsencrypt/live/domain.nz/fullchain.pem

    ErrorLog ${APACHE_LOG_DIR}/error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel debug

    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

#subdomain.domain.nz
<VirtualHost subdomain.domain.nz:80>

    ServerAdmin [email protected]
    ServerName subdomain.domain.nz
    Redirect permanent / https://subdomain.domain.nz/

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>

<VirtualHost subdomain.domain.nz:443>

    ServerName subdomain.domain.nz
    ProxyHTMLStripComments on
    ProxyRequests off
    SetOutputFilter proxy-html
    ProxyHTMLDoctype HTML

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

<Proxy *>
 Require all granted
</Proxy>

ProxyPass / https://subdomain.domain.nz/
ProxyPassReverse / https://subdomain.domain.nz/
ProxyHTMLURLMap https://subdomain.domain.nz /

<Location />
  Require all granted
</Location>

</VirtualHost>

192.168.20.210 上的服务器 2

Lamp 堆栈安装在 /var/www/domain.nz/public_html/ 网站上。

/etc/apache2/sites-available/subdomain.domain.nz 文件如下:-

#subdomain.domain.nz
#Redirect all incoming requests on 192.168.20.210 port 80 to port 443
<VirtualHost *:80>
    ServerAdmin [email protected]
    ServerName subdomain.domain.nz
    DocumentRoot /var/www/subdomain.domain.nz/public_html/
    Redirect permanent / https://subdomain.domain.nz/

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>

#Port 443 on 192.68.20.210
<VirtualHost *:443>

    ServerAdmin [email protected]
    ServerName subdomain.domain.nz
    #Web pages live below this
    DocumentRoot /var/www/subdomain.domain.nz/public_html/
#Deny access to /
<Directory />
    Options FollowSymLinks
    AllowOverride None
    Require all granted
</Directory>
#Allow Access to web pages
<Directory /var/www/subdomain.domain.nz/public_html>
    Options Indexes FollowSymLinks
    AllowOverride None
    Require all granted
</Directory>

ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
<Directory "/usr/lib/cgi-bin">
    AllowOverride None
    Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
    Require all granted
</Directory>

SSLEngine on
    #Letsencrypt certificates
    SSLCertificateFile /etc/letsencrypt/live/subdomain.domain.nz/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/subdomain.domain.nz/privkey.pem
    SSLCertificateChainFile /etc/letsencrypt/live/subdomain.domain.nz/fullchain.pem

    ErrorLog ${APACHE_LOG_DIR}/error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel debug

    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

相关内容