Solved

Page redirection to an internal server.

Posted on 2004-08-22
11
183 Views
Last Modified: 2010-03-04
I have a webmail system that I would like access from the internet. The problem is I have 2 server the First is a web server running apache. The 2nd server is the mail server that also has apache on it and runs the webmail. I have it all behind a router and on the router port 80 is forwarded to the web server. So now I have a problem I dont know how to make the webmail page on the mail server accessible to the internet.

Jesse Sparks
sparksj@edge-techs.com
0
Comment
Question by:Jesse_Sparks
  • 4
  • 4
  • 2
  • +1
11 Comments
 
LVL 34

Expert Comment

by:PsiCop
Comment Utility
OK, so Port 80 traffic from the Internet is forwarded to Web Server 1. And Web Server 2 host the Webmail system. Right?

If that's the case, you can't do what you want. Page redirection just tells the browser "The place you're looking for is over there." The browser then opens a connection to "over there" and gets what it wants.

If your network arrangement does not forward Port 80 traffic to Web Server 2, then a browser out on the Internet is not going to be able to get to "over there", no matter how much Web Server 1 tells it that it needs to go "over there".

The solution would be to register a name in DNS for Web Server 2 and configure your network arrangement to forward Port 80 traffic to it. Be sure your redirection uses the proper URL. The when Web Server 1 told a browser to go "over there", the browser could actually get there.
0
 
LVL 48

Expert Comment

by:hernst42
Comment Utility
You might use the mod_proxy of apache to access the second server from the first server.
So you connect to the first server to http://example.com/webmail/ and apache passes only for that directory the request to http://yoursecondserver/webmaildir/
0
 
LVL 15

Expert Comment

by:samri
Comment Utility
addition to hernst42,

You could even register another DNS name for webserver1. let say this name is webmail.yourdomain.com, and create a virtualhost on webserver1, and inside that vhost, do a referse proxt to server2.  In this way, you external client would only use http://webmail.yourdomain.com/

it works pretty much like the initial suggestion as hernst42 mentioned, but will be a bit better.  Based on my experience, some apps tend to have static linking in their HTML codes, so if on webserver2, you had http://webserver2/something.html, then your http://example.com/webmail/ may have some problem, since the proxied page may not get rewritten properly.

Give some thought on the available suggestion -- and decide .. we will elaborate on that.

I kinda like PsiCop suggestion - clean, and straightforward.  But *lack* of challenge :)

cheers.
0
 

Author Comment

by:Jesse_Sparks
Comment Utility
I have a DNS entry for webmail.edge-techs.com and right now I have a redirect html page on my webserver that points to mebmail.edge-techs.com:76 and I have setup the mail servers apache to listen on port 76. This solutions is working but I think there is a better way. Im not sure what you mean to register a name in DNS for the mail server. My router has all traffic on port 80 going to the internal IP of the webserver, not sure how to tell it of the header is webmail to look at the email server.

Jesse
0
 
LVL 15

Expert Comment

by:samri
Comment Utility
is webmail.edge-techs.com the Linksys box?  or some  exterrnal host?  I am confused :(

depending on how the redirection is configured.  Apache on the backend, would receive the request (if redirection works properly) and examine the Host header of the request, and will pass it to the defined Vhost (or the defaulf vhost is ne matches).
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 34

Expert Comment

by:PsiCop
Comment Utility
"I kinda like PsiCop suggestion - clean, and straightforward.  But *lack* of challenge :)"

I'm partial to things that work reliably with a minimum of fuss. Probably why I don't like Windoze. :-)
0
 

Author Comment

by:Jesse_Sparks
Comment Utility
Okay so what I have is 2 Linux server both run apache, one server is a webserver setup with Vhosts for 20 sites or so and the other server is my mail server but it has my webmail running on it as well. I have a snapgear router connected to the internet and both my servers behind that rounter. I have port 25 forwared to the Email servers internal IP and I have port 80 forwarded to the internal IP of the webserver. The problem is how do I get an internal client from the web to be able to see the webmail site when all of the port 80 traffic is going to the webserver. Does that make it better?
0
 
LVL 15

Expert Comment

by:samri
Comment Utility
hi Jesse,

lets, name Linux1 - host the 20 vhosts, and Linux2 host the mail, and also had webmail installed/configured on port 80.
the router had redirector - port 80 to goto linux1, and port 25 to linux2.

create another dns name for webmail.domain.com, and also add another vhost to linux1 (now we had 21 total vhosts on linux1).  On this Vhost, just defined a ProxyPass/ProxyPassReverse to linux2.

With this approach, external clients would be using http://webmail.domain.com/, they will hit your router, which will redirect the traffic to linux1.  The Vhost for webmail.domain.com, will do proxy this request to http://linux2:80/.

This should work.

If your opt to the "clean, and straight forward" way as PsiCop suggested, you ned to ensure that your router could redirect based on the TargetAddress (which I really could not confirm), and redirect traffic to Linux2.  With this method, the webmail.domain.com DNS name would still have the IP address of the router.  Still clean, but I am not sure where it would be possible with you router.

I would (personally like) the Vhost on Linux1 to reverse proxy content on Linux2 for some reasons -- challenge is one, proxy/caching capability (not that make much difference), can customize error message in the even that linux2 is not reachable. etc. etc.  But again, we had 3 dependencies - rouer, linux1, and linux2, as compared to redirector on router, only had 2 points of failure, router and linux2.

I hope I am not repeating any previous commnet :)
HTH.
0
 

Author Comment

by:Jesse_Sparks
Comment Utility
That is great and sounds like it should be better and cleaner then my hack install. How do I setup a ProxyPass/ProxyReverse to go to linux2? If someone could give my some ideas how this works or where I can read up on it that would be great.

Jesse
0
 
LVL 15

Accepted Solution

by:
samri earned 125 total points
Comment Utility
Jesse,

You may jump to Apache mod_proxy module docs at http://httpd.apache.org/docs-2.0/mod/mod_proxy.html which should give you enought headache to start with.  If you hate that, jump straight to
http://httpd.apache.org/docs-2.0/mod/mod_proxy.html#proxypass
http://httpd.apache.org/docs-2.0/mod/mod_proxy.html#proxypassreverse
http://httpd.apache.org/docs-2.0/mod/mod_proxy.html#forwardreverse

Or still if you are so lazy :)
The following would be in the Vhost container of webmail.domain.com (on Linux1 machine).

--
<VirtualHost ...>
  ServerName webmail.domain.com
#  ...   ... the other stuff ...
  Reverse Proxy
  ProxyRequests Off

  <Proxy *>
    Order deny,allow
    Allow from all
  </Proxy>
  ProxyPass             / http://IP_address_of_linux2_machine/
  ProxyPassReverse / http://IP_address_of_linux2_machine/
</VirtualHost
--

However! Apache on Linux2, would be seeing request coming from Linux1 machine - kind of. To monitor usage/connection, you would need to pay attention to logfile on Linux1.

Hope this helps.

Cheers,
Samri
0
 

Author Comment

by:Jesse_Sparks
Comment Utility
Thanks for all your help that is great.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
How to redirect https://www to non-www? 6 69
apache and php 3 89
PHP in Apache server 20 81
.htaccess file settings 4 30
If you are running a LAMP infrastructure, this little code snippet is very helpful if you are serving lots of HTML, JavaScript and CSS-related information. The mod_deflate module, which is part of the Apache 2.2 application, provides the DEFLATE…
If your site has a few sections that need to be secure when data is transmitted between the server and local computer, such as a /order/ section for ordering or /customer/ which contains customer data, etc it would of course be recommended to secure…
This video discusses moving either the default database or any database to a new volume.
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now