Centos – Apache reverse proxy configuration for multiple domains

apache-2.2centosreverse-proxyweb-server

I am newbie. I have 1 LAMP CentOS server, which hosts 3 websites with the following Apache httpd.conf configuration:

NameVirtualHost *:80
NameVirtualHost *:443

<VirtualHost *:80>
    ServerAdmin mail@domaina.com
    DocumentRoot /home/www/html/domaina.com
    ServerName www.domaina.com
    ServerAlias *.domaina.com
    ScriptAlias /cgi-bin/ "/home/www/html/domaina.com/cgi-bin/"
    RewriteEngine On
    RewriteOptions Inherit
    ErrorLog /home/log/domaina.com-error_log
    CustomLog /home/log/domaina.com-access_log common
</VirtualHost>
<VirtualHost *:443>
    SSLEngine on
    SSLCertificateFile /etc/pki/tls/certs/ca.crt
    SSLCertificateKeyFile /etc/pki/tls/private/ca.key   
    ServerAdmin mail@domaina.com
    DocumentRoot /home/www/html/domaina.com
    ServerName www.domaina.com
    ServerAlias *.domaina.com 
    ScriptAlias /cgi-bin/ "/home/www/html/domaina.com/cgi-bin/"
    RewriteEngine On
    RewriteOptions Inherit 
    ErrorLog /home/log/domaina.com-error_log
    CustomLog /home/log/domaina.com-access_log common
</VirtualHost>
<VirtualHost *:80>
    ServerAdmin mail@domainb.com
    DocumentRoot /home/www/html/domainb.com
    ServerName www.domainb.com
    ServerAlias *.domainb.com
    ScriptAlias /cgi-bin/ "/home/www/html/domainb.com/cgi-bin/"
    RewriteEngine On
    RewriteOptions Inherit
    ErrorLog /home/log/domainb.com-error_log
    CustomLog /home/log/domainb.com-access_log common
</VirtualHost>
<VirtualHost *:443>
    SSLEngine on
    SSLCertificateFile /etc/pki/tls/certs/ca.crt
    SSLCertificateKeyFile /etc/pki/tls/private/ca.key   
    ServerAdmin mail@domainb.com
    DocumentRoot /home/www/html/domainb.com
    ServerName www.domainb.com
    ServerAlias *.domainb.com 
    ScriptAlias /cgi-bin/ "/home/www/html/domainb.com/cgi-bin/"
    RewriteEngine On
    RewriteOptions Inherit 
    ErrorLog /home/log/domainb.com-error_log
    CustomLog /home/log/domainb.com-access_log common
</VirtualHost>
<VirtualHost *:80>
    ServerAdmin mail@domainc.com
    DocumentRoot /home/www/html/domainc.com
    ServerName www.domainc.com
    ServerAlias *.domainc.com
    ScriptAlias /cgi-bin/ "/home/www/html/domainc.com/cgi-bin/"
    RewriteEngine On
    RewriteOptions Inherit
    ErrorLog /home/log/domainc.com-error_log
    CustomLog /home/log/domainc.com-access_log common
</VirtualHost>
<VirtualHost *:443>
    SSLEngine on
    SSLCertificateFile /etc/pki/tls/certs/ca.crt
    SSLCertificateKeyFile /etc/pki/tls/private/ca.key   
    ServerAdmin mail@domainc.com
    DocumentRoot /home/www/html/domainc.com
    ServerName www.domainc.com
    ServerAlias *.domainc.com 
    ScriptAlias /cgi-bin/ "/home/www/html/domainc.com/cgi-bin/"
    RewriteEngine On
    RewriteOptions Inherit 
    ErrorLog /home/log/domainc.com-error_log
    CustomLog /home/log/domainc.com-access_log common
</VirtualHost>

Everything works on this server when domains are pointed directly to it. But I would like to use another server as reverse proxy for domainc.com. So I installed apache on another CentOS server and point domainc.com to it. I put following configuration to /etc/httpd/conf.d/proxy.conf:

<IfModule mod_proxy.c>
        #turning ProxyRequests on and allowing proxying from all may allow
        #spammers to use your proxy to send email.

        ProxyRequests Off

        <Proxy *>
                AddDefaultCharset off
                Order deny,allow
                Allow from all
        </Proxy>

        # Enable/disable the handling of HTTP/1.1 "Via:" headers.
        # ("Full" adds the server version; "Block" removes all outgoing Via: headers)
        # Set to one of: Off | On | Full | Block

        ProxyVia On
</IfModule>

And this configuration to httpd.conf:

NameVirtualHost *:80

<VirtualHost *:80>
    ServerAdmin mail@domainc.com
    ServerName www.domainc.com
    ErrorLog logs/domainc.com-error_log
    CustomLog logs/domainc.com-access_log common

    ProxyRequests Off
    ProxyPreserveHost On
    ProxyPass / http://[IP of server 1]:80/
    ProxyPassReverse / http://[IP of server 1]:80/
</VirtualHost>

But now when I try to browse domainc.com, I get content of domaina.com. I have been trying to figure it out for several hours now, trying different configurations I found online, but I am getting still the same results. Can somebody help please? Is it possible to do this?

Best Answer

When you are using mod_proxy with this configuration, the original Host:-header will be replaced with whatever you write in ProxyPass. So when a client connects to your domainc server, the client will send the header Host: www.domainc.com. Your reverse proxy will strip this header out and instead send Host: [IP of server]. And since you don't have the IP listed in any VirtualHost, apache will simply choose the first one in the list of virtualhost, i.e. domaina.com.

The best way to fix this is to change the proxy configuration, adding the line 

ProxyPreserveHost On

This will make apache re-use the original Host:-header when it connects to the backend server.

(You could also add the IP address to the virtualhost config of domainc.com, but then you'd have the exact same problem if you want to proxy any other domain on the server, so it's not what I would recommend.)

Related Topic