Using Apache as an HTTPS reverse proxy for Varnish

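On Debian Jessie, I am trying to serve HTTPS through a Varnish reverse proxy, and I found the following solution: http://davidbu.ch/mann/blog/2015-03-20/varnish-and-https-apache.html : Apache handles the SSL stuff on port 443, then passes to Varnish on port 80, which passes to Apache on port 8080.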

However, when requesting https://myserver.com/index.html I get this in the browser:

 403 Forbidden You don't have permission to access / on this server. 

Apache's error.log says:

 [authz_core:error] [pid 12662] [client 151.16.175.15:38240] AH01630: client denied by server configuration: proxy:http://127.0.0.1:80/index.html 

What am I missing?

My virtual host definitions:

    <VirtualHost *:8080>
        ServerAdmin [email protected]
        ServerName myserver.com
        DocumentRoot /home/paolo/weewx
        <Directory /home/paolo/weewx/>
            DirectoryIndex index.html
            Options FollowSymLinks
            AllowOverride All
            Require all granted
            order allow,deny
            allow from all
        </Directory>
        ErrorLog /var/log/apache2/error.log
        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel warn
        # ErrorDocument 404 /index.html
        CustomLog /var/log/apache2/access.log combined
    </VirtualHost>

    <IfModule mod_ssl.c>
    <VirtualHost *:443>
        ServerAdmin [email protected]
        ServerName myserver.com
        DocumentRoot /home/paolo/weewx/
        <Directory /home/paolo/weewx/>
            DirectoryIndex index.html
            Options FollowSymLinks
            AllowOverride All
            order allow,deny
            allow from all
        </Directory>
        ErrorLog /var/log/apache2/error.log
        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel warn
        # ErrorDocument 404 /index.html
        CustomLog /var/log/apache2/access.log combined
        ProxyPreserveHost On
        ProxyPass / http://127.0.0.1:80/
        ProxyPassReverse / http://127.0.0.1:80/
        RequestHeader set X-Forwarded-Port "443"
        RequestHeader set X-Forwarded-Proto "https"
        Include /etc/letsencrypt/options-ssl-apache.conf
        SSLCertificateFile /etc/letsencrypt/live/qumran2/fullchain.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/qumran2/privkey.pem
    </VirtualHost>
    </IfModule>

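I would not set a document root in a virtual host entry that should only be used for proxying requests, especially when you include an AllowOverride All directive, which allows .htaccess files to be used.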

For debugging, it can also help to define separate log files for each virtual host entry.

    <VirtualHost *:443>
        ServerAdmin [email protected]
        ServerName example.com
        LogLevel warn
        ErrorLog /var/log/apache2/example.com-ssl-error.log
        CustomLog /var/log/apache2/example.com-ssl-access.log combined
        ProxyPreserveHost On
        ProxyPass / http://127.0.0.1:80/
        ProxyPassReverse / http://127.0.0.1:80/
        RequestHeader set X-Forwarded-Port "443"
        RequestHeader set X-Forwarded-Proto "https"
        Include /etc/letsencrypt/options-ssl-apache.conf
        SSLCertificateFile /etc/letsencrypt/live/qumran2/fullchain.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/qumran2/privkey.pem
    </VirtualHost>

You can request the resource directly from port 8080 to see whether the VirtualHost is the problem, for example:

    curl --verbose --header 'Host: example.com' 'http://localhost:8080/index.html'

If it is not, then try Varnish on port 80 to see whether the problem is in Varnish:

    curl --verbose --header 'Host: example.com' 'http://localhost:80/index.html'
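An added example, not part of the original question or answer: because both virtual hosts in the question write to the same `/var/log/apache2/error.log`, this sketch classifies AH01630 denials by whether the refused target is a `proxy:` URL (logged by the vhost that holds `ProxyPass`, before anything is forwarded) or a filesystem path (logged by the vhost serving files). The first sample line is the one quoted in the question; the other two are constructed, and the function names are hypothetical.

```python
import re
from collections import Counter

# Matches the Apache 2.4 error-log fields visible in the line quoted on the page:
# [module:level] [pid N] [client IP:port] AHnnnnn: message
LINE_RE = re.compile(
    r"\[(?P<module>\w+):(?P<level>\w+)\]\s+"
    r"\[pid (?P<pid>\d+)(?::tid \d+)?\]\s+"
    r"\[client (?P<client>[^\]]+)\]\s+"
    r"(?P<code>AH\d{5}): (?P<message>.*)"
)
DENIED = "client denied by server configuration: "


def classify(line):
    """Return details of an AH01630 denial, or None for any other line."""
    m = LINE_RE.search(line)
    if not m or m["code"] != "AH01630" or not m["message"].startswith(DENIED):
        return None
    target = m["message"][len(DENIED):].strip()
    if target.startswith("proxy:"):
        # mod_proxy had already mapped the request to a proxy: target, so the
        # vhost holding ProxyPass refused it and nothing was sent upstream.
        layer, target = "proxying vhost", target[len("proxy:"):]
    else:
        # A filesystem path means the vhost that serves files refused it.
        layer = "content vhost"
    return {"client": m["client"], "layer": layer, "target": target}


def summarize(lines):
    """Count AH01630 denials per layer across an iterable of log lines."""
    return dict(Counter(hit["layer"] for hit in map(classify, lines) if hit))


SAMPLE = [
    # Line quoted in the question.
    "[authz_core:error] [pid 12662] [client 151.16.175.15:38240] AH01630: "
    "client denied by server configuration: proxy:http://127.0.0.1:80/index.html",
    # Constructed: a denial of a file under the DocumentRoot.
    "[Mon Jan 01 12:00:00.000000 2018] [authz_core:error] [pid 12663] "
    "[client 127.0.0.1:51234] AH01630: client denied by server configuration: "
    "/home/paolo/weewx/index.html",
    # Constructed: an unrelated startup notice that must be ignored.
    "[Mon Jan 01 12:00:01.000000 2018] [core:notice] [pid 12000] AH00094: "
    "Command line: '/usr/sbin/apache2'",
]

if __name__ == "__main__":
    for entry in SAMPLE:
        print(classify(entry))
    print(summarize(SAMPLE))
```

With separate `ErrorLog` files per virtual host, as the answer suggests, the same distinction can be read directly from which file the denial lands in.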