Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Apache>
  3. Users
Double or chained proxy with mod_proxy
cscal at protonmail
Jun 8, 2023, 10:27 AM
Post #1 of 2 (123 views)
Permalink
Hello,

I have a reverse proxy set up and working correctly for an internal website. I have now been asked to create another proxy to connect to the reverse proxy (and ultimately the internal website). The second proxy does not have direct network access to the internal website, but it does have network access to the reverse proxy. Its function is to provide access to that internal website for parts of our network that don't have access to the reverse proxy or the internal website.

I have tried setting the second proxy as a reverse proxy pointing to the original reverse proxy, but this gave "Bad Request" errors. Then I tried setting it as a forward proxy, then started playing with ProxyRemote and NoProxy, but nothing seems to work. I expect that when I go to "secondproxy.local.domain:listenport", it should return the internal website, just like what happens when I go to "originalreverseproxy.local.domain:listenport"

Is this possible? What do I need to do to achieve this?

Thank you,
cscal

Sent with [Proton Mail](https://proton.me/) secure email.
Re: Double or chained proxy with mod_proxy [ In reply to ]
dferradal at apache
Jun 27, 2023, 4:35 AM
Post #2 of 2 (114 views)
Permalink
El jue, 8 jun 2023 a las 19:28, Charlie Calhoun
(<cscal@protonmail.com.invalid>) escribió:

>
> I have a reverse proxy set up and working correctly for an internal
> website. I have now been asked to create another proxy to connect to the
> reverse proxy (and ultimately the internal website). The second proxy does
> not have direct network access to the internal website, but it does have
> network access to the reverse proxy. Its function is to provide access to
> that internal website for parts of our network that don't have access to
> the reverse proxy or the internal website.
>
> I have tried setting the second proxy as a reverse proxy pointing to the
> original reverse proxy, but this gave "Bad Request" errors. Then I tried
> setting it as a forward proxy, then started playing with ProxyRemote and
> NoProxy, but nothing seems to work. I expect that when I go to
> "secondproxy.local.domain:listenport", it should return the internal
> website, just like what happens when I go to
> "originalreverseproxy.local.domain:listenport"
>
> Is this possible? What do I need to do to achieve this?
>
>
>
Probably you are mixing protocols, like reverse proxy responds to https and
you have set up connection as http or similar, that is one of the most
simple cases of "bad request", or maybe missing "SSLProxyEngine on"
directive when backend you are proxying to uses SSL/TLS.

In any case if you don't show your configuration and error logs it is hard
to tell for sure.

>

--
Daniel Ferradal
HTTPD Project
#httpd help at Libera.Chat

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal