Start a new topic

Problem with Reverse Proxy

myriad @ Sat Jul 19 08:41:35 EEST 2014
I have set up the CrushFTP reverse proxy according to the instructions and I am getting a 503 error and this shows up in the Apache2 logs:

[code][Sat Jul 19 09:26:18.139552 2014] [core:notice] [pid 31551:tid 140008886900608] AH00094: Command line: '/usr/sbin/apache2'
[Sat Jul 19 09:26:31.655324 2014] [proxy:error] [pid 32140:tid 140008785729280] (111)Connection refused: AH00957: HTTP: attempt to connect to 127.0.0.1:8080 (127.0.0.1) failed
[Sat Jul 19 09:26:31.655400 2014] [proxy:error] [pid 32140:tid 140008785729280] AH00959: ap_proxy_connect_backend disabling worker for (127.0.0.1) for 60s
[Sat Jul 19 09:26:31.655417 2014] [proxy_http:error] [pid 32140:tid 140008785729280] [client 206.248.137.132:63902] AH01114: HTTP: failed to make connection to backend: 127.0.0.1
[Sat Jul 19 09:26:32.698362 2014] [proxy:error] [pid 32140:tid 140008777336576] AH00940: HTTP: disabled connection for (127.0.0.1)[/code]

I have 3 static public IP's mapped to this server. In the Server Interface I have the main IP set in the 'IP' field and port 8080. It seems like the RP is initiating but gets stopped at the Apache server. Any idea why this is not working? I am using Ubuntu 14.04.

EDIT:
When I set the IP field to 'lookup' I get a different message "The selected resource was not found.", but no errors show up in the Apache logs. And any attempt to connect to the https gets me a redirect error until I stop the Apache server.

spinkb @ Sat Jul 19 08:51:49 EEST 2014
If you hard code the CrushFTP IP, you have an issue in that 127.0.0.1 isn't being used so you have to point Apache to the hard coded IP. By leaving it as "lookup", its bound to all IPs and is fine.

When you get the selected resource was not found, we need to see the CrushFTP.log entries, and we need to see *exactly* what you put in your apache config, and the CrushFTP prefs, http port, advanced, reverse proxy config area.

Thanks,
Ben
myriad @ Sat Jul 19 09:11:33 EEST 2014
Wow! I like this support :lol:

Here is the server config:
[code]
ServerName server2.schoolediting.com
ProxyPass / http://127.0.0.1:8080/
ProxyPassReverse / http://127.0.0.1:8080/
[/code]

Here are the log entries:
[code]07/19/2014 09:44:39 AM|[HTTP:2345::206.248.137.132] READ: *GET /crushftp/WebInterface/Resources/js/jquery-1.7.2.min.js HTTP/1.1*
07/19/2014 09:44:39 AM|[HTTP:2345::206.248.137.132] READ: *Host: server2.schoolediting.com:8080*
07/19/2014 09:44:39 AM|[HTTP:2345:lookup:8080] Accepting connection from: 206.248.137.132:64263
07/19/2014 09:44:39 AM|[HTTP:2345::206.248.137.132] READ: *Referer: http://server2.schoolediting.com:8080/WebInterface/login.html*
07/19/2014 09:44:39 AM|[HTTP:2345::206.248.137.132] READ: *GET /crushftp/WebInterface/jQuery/js/jquery-ui-1.8.2.custom.min.js HTTP/1.1*
07/19/2014 09:44:39 AM|[HTTP:2345::206.248.137.132] READ: *Host: server2.schoolediting.com:8080*
07/19/2014 09:44:39 AM|[HTTP:2345:anonymous:206.248.137.132] READ: *Referer: http://server2.schoolediting.com:8080/WebInterface/login.html*
07/19/2014 09:44:39 AM|[HTTP:2345::206.248.137.132] WROTE: *HTTP/1.1 404 Not Found*
07/19/2014 09:44:39 AM|[HTTP:2345::206.248.137.132] WROTE: *The selected resource was not found.*
07/19/2014 09:44:39 AM|[HTTP:2345::206.248.137.132] WROTE: *HTTP/1.1 404 Not Found*
07/19/2014 09:44:39 AM|[HTTP:2345::206.248.137.132] WROTE: *The selected resource was not found.*
07/19/2014 09:44:39 AM|[HTTP:2345::206.248.137.132] WROTE: *HTTP/1.1 404 Not Found*
07/19/2014 09:44:39 AM|[HTTP:2345::206.248.137.132] WROTE: *The selected resource was not found.*
07/19/2014 09:44:39 AM|[HTTP:2345::206.248.137.132] WROTE: *HTTP/1.1 404 Not Found*
07/19/2014 09:44:39 AM|[HTTP:2345::206.248.137.132] WROTE: *The selected resource was not found.*
07/19/2014 09:44:39 AM|[HTTP:2344::206.248.137.132] READ: *GET /WebInterface/images/wheel.gif HTTP/1.1*
07/19/2014 09:44:39 AM|[HTTP:2344::206.248.137.132] READ: *Host: server2.schoolediting.com:8080*
07/19/2014 09:44:39 AM|[HTTP:2344::206.248.137.132] READ: *Referer: http://server2.schoolediting.com:8080/WebInterface/login.html*
07/19/2014 09:44:39 AM|[HTTP:2344::206.248.137.132] WROTE: *HTTP/1.1 200 OK*
[/code]

And screen shots:
[img]http://myriad.ca/crush.1.jpg[/img]
[img]http://myriad.ca/crush.2.jpg[/img]
spinkb @ Sat Jul 19 10:05:52 EEST 2014
In the prefs, http port, advanced...your reverse proxy path should be '/' and not '/crushftp/'.

Thanks,
Ben
myriad @ Sat Jul 19 15:56:49 EEST 2014
Thanks Ben, that works now. One more question; How do I force users on to HTTPS? Do I have to proxy the https too, or do I just check 'Redirected to HTTPS://' on the http?
spinkb @ Sat Jul 19 17:11:57 EEST 2014
If HTTPS is also owned by Apache, you have to do the exact same scenario for that port as well.

I might suggest just a bit of custom javascript on the login page to look to see if its HTTPS or not, and redirect their browser page to https if its not.

Thanks,
Ben
myriad @ Mon Jul 21 08:00:09 EEST 2014
It all works (including the https) but the only issue I now have is that when I add other subdomains to Apache (I wanted to use PHPmyadmin), it always re-directs to Crushftp. I thought (maybe incorrectly), that if you wanted to use Apache (to serve more than one site off of the same server) and have Crushftp co-exist on the same server you needed to set up RP. Am I wrong about this?
spinkb @ Mon Jul 21 08:03:18 EEST 2014
Apache can do different configs based on a domain...that is all in your apache config.

So its possible, you just have an issue in apache currently.
myriad @ Mon Jul 21 08:06:54 EEST 2014
Well. I only have the RP set up for Crushftp and an additional subdomain set up to administer PHPmyadmin but the server re-directs ALL traffic to the Crushapp. Is RP for running more than 1 web domain off of the same server? If that is so I will try to figure out why everything is getting re-directed. I just wanted to know if I was doing it right and not barking up the wrong tree.

In short - I only want the Crushftp server to respond to server2.schoolediting.com not *.schoolediting.com.
spinkb @ Mon Jul 21 10:15:20 EEST 2014
That is all apache config stuff...I'm not an expert in it. I fight with apache every time I have to make changes in my own config...

Now I use CrushFTP as my reverse proxy, and redirect from it to other domains.

But you can do this in apache...just have to get your config right. Order matters, location of config matters (inside a <virtual tag or something like that, I forget. I'm just not familiar with exact syntax in apache...that is outside the scope of CrushFTP, and its something you have to configure yourself. CrushFTP is working fine, its just your apache config is forwarding more than you want to it.

--Ben>
Login to post a comment