knightdogs
asked on
webserver / network setup
hello
I have been tasked with the following:
domains:
abc.com
def.com
ghi.com
jkl.com
internet connections:
cable 24.24.24.24
machines:
webserver1 standard LAMP 192.168.1.100
webserver2 standard LAMP 192.168.1.101
what i need to do is have on webserver1 abc.com and def.com
webserver2 ghi.com and jkl.com
external DNS is pointing all 4 domains to 24.24.24.24
How do I get abc.com and def.com to resolve to webserver1 and ghi.com and jkl.com to resolve to server2. Port forwarding of 80 is on but that only goes to webserver1. I was thinking about an internal DNS server but how do you get the domains to resolve to the correct internal server?
Is there a better way of doing this? I have thought about getting multiple IP's but if it can be done without doing that it would be better.
Thanks for the help
I have been tasked with the following:
domains:
abc.com
def.com
ghi.com
jkl.com
internet connections:
cable 24.24.24.24
machines:
webserver1 standard LAMP 192.168.1.100
webserver2 standard LAMP 192.168.1.101
what i need to do is have on webserver1 abc.com and def.com
webserver2 ghi.com and jkl.com
external DNS is pointing all 4 domains to 24.24.24.24
How do I get abc.com and def.com to resolve to webserver1 and ghi.com and jkl.com to resolve to server2. Port forwarding of 80 is on but that only goes to webserver1. I was thinking about an internal DNS server but how do you get the domains to resolve to the correct internal server?
Is there a better way of doing this? I have thought about getting multiple IP's but if it can be done without doing that it would be better.
Thanks for the help
Notes on the above solution:
-Since the basic structure you will use would be reverse NAT (Mapping an internal servers Port 80 to your outside interface's 80 port) it is not possible to direct it to an internal DNS and respond it from there.
- Apache HTTP solution is a name based virttual hositng solution in that you have one address and several domains. They are identified decoding the request and seeing what site the request has been made and direct the request to that folder so the correct page is served.
So once the NAT operation of mapping webserver1 :80 to your cable IP's port 80 go edit the configuration file for the webserver1 apache configuration locate this line:
NameVirtualHost *:80
and add these lines under the statement:
-Since the basic structure you will use would be reverse NAT (Mapping an internal servers Port 80 to your outside interface's 80 port) it is not possible to direct it to an internal DNS and respond it from there.
- Apache HTTP solution is a name based virttual hositng solution in that you have one address and several domains. They are identified decoding the request and seeing what site the request has been made and direct the request to that folder so the correct page is served.
So once the NAT operation of mapping webserver1 :80 to your cable IP's port 80 go edit the configuration file for the webserver1 apache configuration locate this line:
NameVirtualHost *:80
and add these lines under the statement:
### webserver1 Begin ###
<VirtualHost *:80>
ServerAdmin root@abc.com.tr
DocumentRoot /var/www/html/abc.com
ServerName www.abc.com
ErrorLog logs/abc.com-error_log
CustomLog logs/abc.com-access_log common
</VirtualHost>
<VirtualHost *:80>
ServerAdmin root@def.com.tr
DocumentRoot /var/www/html/def.com
ServerName www.def.com
ErrorLog logs/def.com-error_log
CustomLog logs/def.com-access_log common
</VirtualHost>
<VirtualHost *:80>
ServerName www.ghi.com
ServerAlias www.ghi.com
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / http://ghi.webserver2.sec/
ProxyPassReverse / http://ghi.webserver2.sec/
DocumentRoot /var/www/html/ghi.com
Errorlog logs/www.ghi.com-log
CustomLog logs/www.ghi.com-access_log combined
</VirtualHost>
<VirtualHost *:80>
ServerName www.jkl.com
ServerAlias www.jkl.com
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / http://jkl.webserver2.sec/
ProxyPassReverse / http://jkl.webserver2.sec/
DocumentRoot /var/www/html/ghi.com
Errorlog logs/www.jkl.com-log
CustomLog logs/www.jkl.com-access_log combined
</VirtualHost>
#### webserver1 end ####
Then go to webserver2 edit the httpd.conf and locate namvirtualhost directive and enter these lines under it:
#### webserver1 begin ####
<VirtualHost *:80>
ServerAdmin root@ghi.com
DocumentRoot /var/www/html/ghi.com
ServerName www.ghi.com
ErrorLog logs/ghi.com-error_log
CustomLog logs/ghi.com-access_log common
</VirtualHost>
<VirtualHost *:80>
ServerAdmin root@jkl.com.tr
DocumentRoot /var/www/html/jkl.com
ServerName www.jkl.com
ErrorLog logs/jkl.com-error_log
CustomLog logs/jkl.com-access_log common
</VirtualHost>
#### webserver2 end ####
Ooops sorry. Please change the webserver1 settings this way. and place your ghi and jkl website files directly under webserver2 /apache_home/ghi and /apache_home/jkl.
This way you wont need to define virthosts in webserver2 and directly proxy the requests.
This way you wont need to define virthosts in webserver2 and directly proxy the requests.
### webserver1 Begin ###
<VirtualHost *:80>
ServerAdmin root@abc.com.tr
DocumentRoot /var/www/html/abc.com
ServerName www.abc.com
ErrorLog logs/abc.com-error_log
CustomLog logs/abc.com-access_log common
</VirtualHost>
<VirtualHost *:80>
ServerAdmin root@def.com.tr
DocumentRoot /var/www/html/def.com
ServerName www.def.com
ErrorLog logs/def.com-error_log
CustomLog logs/def.com-access_log common
</VirtualHost>
<VirtualHost *:80>
ServerName www.ghi.com
ServerAlias www.ghi.com
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / http://webserver2/ghi
ProxyPassReverse / http://webserver2/ghi
DocumentRoot /var/www/html/ghi.com
Errorlog logs/www.ghi.com-log
CustomLog logs/www.ghi.com-access_log combined
</VirtualHost>
<VirtualHost *:80>
ServerName www.jkl.com
ServerAlias www.jkl.com
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / http://webserver2/jkl
ProxyPassReverse / http://webserver2/jkl
DocumentRoot /var/www/html/ghi.com
Errorlog logs/www.jkl.com-log
CustomLog logs/www.jkl.com-access_log combined
</VirtualHost>
#### webserver1 end ####
Here I am assuming that pinging webserver2 would resolve the internal address. If not add the appropriate doman extension such as webserver2.local etc. If you wan to access it just by name go and add an alias to your hosts file in webserver1 such as:
192.168.1.100 webserver1.sec webserver1
192.168.1.101 webserver2.sec webserver2
This way you will be able to ping using just the name hence the above setting for reverseproxy requests will resolved to an ip.
Cheers,
K.
192.168.1.100 webserver1.sec webserver1
192.168.1.101 webserver2.sec webserver2
This way you will be able to ping using just the name hence the above setting for reverseproxy requests will resolved to an ip.
Cheers,
K.
ASKER
KeremE,
thanks for the quick response, I see what you are telling me to do. since this is a new setup i can change the port forwarding if i wanted to. would i make more sense to turn off port forwarding? if this keeps growing ( new domains keep getting added) then this solution might get a bit messy I would guess.
knightdog
thanks for the quick response, I see what you are telling me to do. since this is a new setup i can change the port forwarding if i wanted to. would i make more sense to turn off port forwarding? if this keeps growing ( new domains keep getting added) then this solution might get a bit messy I would guess.
knightdog
Yeah but you can no eliminate port forwarding. Because all your requests come to a single IP address and when you get the request you dont have a URL but a HTTP request with embedded requested URL. So you'll need an application proxy to decode the URL request and forward the request to the required host. This can not be accomplished with DNS.
Your other alternatives are:
- Directing all requests to a reverse proxy and distributing the requsts to backend servers on requested URL.
- Creating a Web Cluster with a virtual IP address that will respond all incoming requests.
In each solution you'll be using the port forwarding to a single address whether it is a proxy for backend web servers or a Cluster. Furthermore it is not easy to maintain an application Cluster in that it will require special administration and special hardware suches mulitpoint iSCSI connections etc.
If you want to keep it simple then use a reverse proxy and distribute load from there.
Your other alternatives are:
- Directing all requests to a reverse proxy and distributing the requsts to backend servers on requested URL.
- Creating a Web Cluster with a virtual IP address that will respond all incoming requests.
In each solution you'll be using the port forwarding to a single address whether it is a proxy for backend web servers or a Cluster. Furthermore it is not easy to maintain an application Cluster in that it will require special administration and special hardware suches mulitpoint iSCSI connections etc.
If you want to keep it simple then use a reverse proxy and distribute load from there.
ASKER
KeremE,
Do you have any suggestions on the reverse proxy option?
I would like to stay freeware if at all possiable and I use CentOS5 mainly
Knightdog
Do you have any suggestions on the reverse proxy option?
I would like to stay freeware if at all possiable and I use CentOS5 mainly
Knightdog
Hi,
My initial solution for webserver1 ghi.com, jkl.com were actually reverse proxy requests. So all you need is apache daemon for reverse proxying. Plese note the lines:
ProxyPass / http://webserver2/jkl
ProxyPassReverse / http://webserver2/jkl
These are doing the reverse proxying. In that solution you'l have a reverse proxy whic wil get all requests and depending on the request URL redirect them to backend webservers.
So in my original solution Webserver1 is reverse proxying ghi.com and jkl.com sites. You can use the conifguration snippet as a template.
Cheers,
K.
My initial solution for webserver1 ghi.com, jkl.com were actually reverse proxy requests. So all you need is apache daemon for reverse proxying. Plese note the lines:
ProxyPass / http://webserver2/jkl
ProxyPassReverse / http://webserver2/jkl
These are doing the reverse proxying. In that solution you'l have a reverse proxy whic wil get all requests and depending on the request URL redirect them to backend webservers.
So in my original solution Webserver1 is reverse proxying ghi.com and jkl.com sites. You can use the conifguration snippet as a template.
Cheers,
K.
ASKER
KeremE,
thanks for the help so far, i am trying to get it to work. domain ghi.com is actually a nagios server which is https. I have changed the httpd.conf on server1 to reflect
<VirtualHost 192.168.1.72:80>
ServerName nagios.ghi.com
ServerAlias nagios.ghi.com
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / https://192.168.1.70/nagios
ProxyPassReverse / https://192.168.1.70/nagios
# DocumentRoot /var/www/html/ghi.com
# Errorlog /var/www/vhosts/nagios/log s/error_lo g
# CustomLog logs/www.ghi.com-access_log combined
</VirtualHost>
when you hit it directly
https://192.168.1.70/nagios you get the login page for nagios.
I have edited the c:\windows\system32\driver s\etc\host st file and added nagios.ghi.com on my local testing workstation
now when you go to https://nagios.ghi.com you get
Forbidden
You don't have permission to access / on this server.
did i miss a step?
knightdog
thanks for the help so far, i am trying to get it to work. domain ghi.com is actually a nagios server which is https. I have changed the httpd.conf on server1 to reflect
<VirtualHost 192.168.1.72:80>
ServerName nagios.ghi.com
ServerAlias nagios.ghi.com
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / https://192.168.1.70/nagios
ProxyPassReverse / https://192.168.1.70/nagios
# DocumentRoot /var/www/html/ghi.com
# Errorlog /var/www/vhosts/nagios/log
# CustomLog logs/www.ghi.com-access_log combined
</VirtualHost>
when you hit it directly
https://192.168.1.70/nagios you get the login page for nagios.
I have edited the c:\windows\system32\driver
now when you go to https://nagios.ghi.com you get
Forbidden
You don't have permission to access / on this server.
did i miss a step?
knightdog
> now when you go to https://nagios.ghi.com you get
As you have noticed our virtualhost is *:80 so virtualhost is listening to HTTP port not the HTTPS port.
So to access the site over the settings you'll need to change your URL so that it would be:
http://nagios.ghi.com
Https will be between nagios and proxy. Client to proxy communication will be clear text.
If you want to access the https site you need to create another virtualhost for the port 443. Then setup SSL for your proxy.
As you have noticed our virtualhost is *:80 so virtualhost is listening to HTTP port not the HTTPS port.
So to access the site over the settings you'll need to change your URL so that it would be:
http://nagios.ghi.com
Https will be between nagios and proxy. Client to proxy communication will be clear text.
If you want to access the https site you need to create another virtualhost for the port 443. Then setup SSL for your proxy.
If you want to proxy the request for ssl you need to put the reverse proxying request to your ssl.conf file so that the namevirtualhost vill be asigned to HTTPS (445)
the file should have
NameVirtualHost *:445 ( instead of *:80 )
<VirtualHost *:445>
ServerName nagios.ghi.com
ServerAlias nagios.ghi.com
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / https://192.168.1.70/nagios
ProxyPassReverse / https://192.168.1.70/nagios
# DocumentRoot /var/www/html/ghi.com
# Errorlog /var/www/vhosts/nagios/log s/error_lo g
# CustomLog logs/www.ghi.com-access_log combined
</VirtualHost>
I don't know on what distro you're installing LAMP on but if it is redhat based the file should be in /etc/httpd/conf.d/ssl.conf .
BTW dont change the VirtualHost name. So instead of this:
<VirtualHost 192.168.1.72:80>
Try to to keep:
<VirtualHost *:80>
So that you won't hard code the IP in your config and it will be easier to move to another system.
*:80 means that bind to the port 80 of all interfaces.
If you specify a hard coded IP then make sure that NameVirtualHost directive contains the same text.
the file should have
NameVirtualHost *:445 ( instead of *:80 )
<VirtualHost *:445>
ServerName nagios.ghi.com
ServerAlias nagios.ghi.com
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / https://192.168.1.70/nagios
ProxyPassReverse / https://192.168.1.70/nagios
# DocumentRoot /var/www/html/ghi.com
# Errorlog /var/www/vhosts/nagios/log
# CustomLog logs/www.ghi.com-access_log combined
</VirtualHost>
I don't know on what distro you're installing LAMP on but if it is redhat based the file should be in /etc/httpd/conf.d/ssl.conf
BTW dont change the VirtualHost name. So instead of this:
<VirtualHost 192.168.1.72:80>
Try to to keep:
<VirtualHost *:80>
So that you won't hard code the IP in your config and it will be easier to move to another system.
*:80 means that bind to the port 80 of all interfaces.
If you specify a hard coded IP then make sure that NameVirtualHost directive contains the same text.
ASKER
KeremE,
please forgive me for asking the basic question:
1-remove
<VirtualHost 192.168.1.72:80>
ServerName nagios.ghi.com
ServerAlias nagios.ghi.com
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / https://192.168.1.70/nagios
ProxyPassReverse / https://192.168.1.70/nagios
# DocumentRoot /var/www/html/ghi.com
# Errorlog /var/www/vhosts/nagios/log s/error_lo g
# CustomLog logs/www.ghi.com-access_log combined
</VirtualHost>
from webserver1 /etc/httpd/conf.d/httpd.co nf file
2- add to webserver1
<VirtualHost *:445>
ServerName nagios.ghi.com
ServerAlias nagios.ghi.com
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / https://192.168.1.70/nagios
ProxyPassReverse / https://192.168.1.70/nagios
# DocumentRoot /var/www/html/ghi.com
# Errorlog /var/www/vhosts/nagios/log s/error_lo g
# CustomLog logs/www.ghi.com-access_log combined
</VirtualHost>
in file /etc/httpd/conf.d/ssl.conf file
please forgive me for asking the basic question:
1-remove
<VirtualHost 192.168.1.72:80>
ServerName nagios.ghi.com
ServerAlias nagios.ghi.com
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / https://192.168.1.70/nagios
ProxyPassReverse / https://192.168.1.70/nagios
# DocumentRoot /var/www/html/ghi.com
# Errorlog /var/www/vhosts/nagios/log
# CustomLog logs/www.ghi.com-access_log combined
</VirtualHost>
from webserver1 /etc/httpd/conf.d/httpd.co
2- add to webserver1
<VirtualHost *:445>
ServerName nagios.ghi.com
ServerAlias nagios.ghi.com
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / https://192.168.1.70/nagios
ProxyPassReverse / https://192.168.1.70/nagios
# DocumentRoot /var/www/html/ghi.com
# Errorlog /var/www/vhosts/nagios/log
# CustomLog logs/www.ghi.com-access_log combined
</VirtualHost>
in file /etc/httpd/conf.d/ssl.conf
so what is the question here? :)
My suggestions were:
- Don't use <VirtualHost 192.168.1.72:80> but use <VirtualHost *:80> as your NameVirtualHost *:80 directive suggests. The notation with ip addresses were for the older version of Apache when it was lacking the option *.
- If you want to get the resulting site in HTTPS rather than HTTP then put the webserver1 virtualhost directive in your SSL configuration file. But the place off this file is varying depending on the distro you use. So I'd just give an example from RedHAT / Fedora / CentOS. Where this file resides in /etc/httpd/conf.d/ssl.conf . Please locate the actual place in your distro.
My suggestions were:
- Don't use <VirtualHost 192.168.1.72:80> but use <VirtualHost *:80> as your NameVirtualHost *:80 directive suggests. The notation with ip addresses were for the older version of Apache when it was lacking the option *.
- If you want to get the resulting site in HTTPS rather than HTTP then put the webserver1 virtualhost directive in your SSL configuration file. But the place off this file is varying depending on the distro you use. So I'd just give an example from RedHAT / Fedora / CentOS. Where this file resides in /etc/httpd/conf.d/ssl.conf
ASKER
KeremE,
on webserver1(CentOS5.2) I have added to /etc/httpd/conf.d/ssl.conf
<VirtualHost *:445>
ServerName nagios.ghi.com
ServerAlias nagios.ghi.com
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / https://192.168.1.70/nagios
ProxyPassReverse / https://192.168.1.70/nagios
</VirtualHost>
I get the warning page when i go there and i have to add an exception for the certificate and then i get
Forbidden
You don't have permission to access / on this server.
on webserver1(CentOS5.2) I have added to /etc/httpd/conf.d/ssl.conf
<VirtualHost *:445>
ServerName nagios.ghi.com
ServerAlias nagios.ghi.com
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / https://192.168.1.70/nagios
ProxyPassReverse / https://192.168.1.70/nagios
</VirtualHost>
I get the warning page when i go there and i have to add an exception for the certificate and then i get
Forbidden
You don't have permission to access / on this server.
ASKER
KeremE,
Did I say something wrong?
knightdog
Did I say something wrong?
knightdog
Oops I've mae a typo I guess. Please change this:
<VirtualHost *:445>
into
<VirtualHost *:443>
and please add this line before the corrected line:
NameVirtualHost *:443
<VirtualHost *:445>
into
<VirtualHost *:443>
and please add this line before the corrected line:
NameVirtualHost *:443
So the final version should read:
NameVirtualHost *:443
<VirtualHost *:443>
ServerName nagios.ghi.com
ServerAlias nagios.ghi.com
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / https://192.168.1.70/nagios
ProxyPassReverse / https://192.168.1.70/nagios
</VirtualHost>
NameVirtualHost *:443
<VirtualHost *:443>
ServerName nagios.ghi.com
ServerAlias nagios.ghi.com
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / https://192.168.1.70/nagios
ProxyPassReverse / https://192.168.1.70/nagios
</VirtualHost>
These lines must be placed after:
<VirtualHost _default_:443>
.
.
.
</VirtualHost>
Stanza. BTW I'm using a similar solution. So I'm sure this is working :)
<VirtualHost _default_:443>
.
.
.
</VirtualHost>
Stanza. BTW I'm using a similar solution. So I'm sure this is working :)
ASKER
it is still giving me the error
would it be possiable to IM outside of here to go a little bit deeper into this?
gomi69 at hotmail dot com
knightdog
would it be possiable to IM outside of here to go a little bit deeper into this?
gomi69 at hotmail dot com
knightdog
ASKER
I am still getting the error:
Forbidden
You don't have permission to access / on this server.
Forbidden
You don't have permission to access / on this server.
Ok lets see:
- First of all you won't like to reverse proxy https://192.168.1.70/nagios because it would always return the HTTPS certificate from the server and since it will not reolve your outside web it will be alaost always get a certificate mismatch. Also since the communication will be in intranet between nagios server and your reverse proxy you wont need https. So change it to http instead.
- Secondly the url you specify your server is https://192.168.1.70/nagios and this is not interpreted by the server. So what you are trying to get from the backend server is actually https://192.168.1.70/nagiosindex.html which will always result in a page 404 error. So please change the url to this:
http://192.168.1.70/nagios/
- Lastly reenable the log lines that I've proposed earlier but you've commented ou and eventually removed:
DocumentRoot /var/www/html/ghi.com
Errorlog logs/https-www.ghi.com-error_log
CustomLog logs/https-www.ghi.com-access_log combined
How would you know what went wrong if you've disabled the logs?
- First of all you won't like to reverse proxy https://192.168.1.70/nagios because it would always return the HTTPS certificate from the server and since it will not reolve your outside web it will be alaost always get a certificate mismatch. Also since the communication will be in intranet between nagios server and your reverse proxy you wont need https. So change it to http instead.
- Secondly the url you specify your server is https://192.168.1.70/nagios and this is not interpreted by the server. So what you are trying to get from the backend server is actually https://192.168.1.70/nagiosindex.html which will always result in a page 404 error. So please change the url to this:
http://192.168.1.70/nagios/
- Lastly reenable the log lines that I've proposed earlier but you've commented ou and eventually removed:
DocumentRoot /var/www/html/ghi.com
Errorlog logs/https-www.ghi.com-error_log
CustomLog logs/https-www.ghi.com-access_log combined
How would you know what went wrong if you've disabled the logs?
ASKER
KeremE:
please forgive the late response on this. can you give me a hand with this again?
here is the setup ( back to basic )
external ip forwarded to front end webserver
<VirtualHost *:80>
ServerName abc.org
ServerAlias abc.org
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / http://192.168.2.220/abc.org
ProxyPassReverse / http://192.168.2.220/abc.org
DocumentRoot "/var/www/vhosts/abc.org/p ublic_html "
Errorlog logs/http-www.abc.org
CustomLog logs/http-www.abc.org combined
<Directory "/var/www/vhosts/abc.org/p ublic_html ">
allow from all
Options +Indexes
</Directory>
</VirtualHost>
backend web server
<VirtualHost *:80>
DocumentRoot "/var/www/vhosts/abc.org/p ublic_html "
ServerName abc.org
<Directory "/var/www/vhosts/abc.org/p ublic_html ">
allow from all
Options +Indexes
</Directory>
</VirtualHost>
when i enter in www.abc.org into my web browser (fire fox) i get:
Not Found
The requested URL /abc.org was not found on this server.
Apache/2.2.3 (Red Hat) Server at abc.org Port 80
thanks for the help
please forgive the late response on this. can you give me a hand with this again?
here is the setup ( back to basic )
external ip forwarded to front end webserver
<VirtualHost *:80>
ServerName abc.org
ServerAlias abc.org
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / http://192.168.2.220/abc.org
ProxyPassReverse / http://192.168.2.220/abc.org
DocumentRoot "/var/www/vhosts/abc.org/p
Errorlog logs/http-www.abc.org
CustomLog logs/http-www.abc.org combined
<Directory "/var/www/vhosts/abc.org/p
allow from all
Options +Indexes
</Directory>
</VirtualHost>
backend web server
<VirtualHost *:80>
DocumentRoot "/var/www/vhosts/abc.org/p
ServerName abc.org
<Directory "/var/www/vhosts/abc.org/p
allow from all
Options +Indexes
</Directory>
</VirtualHost>
when i enter in www.abc.org into my web browser (fire fox) i get:
Not Found
The requested URL /abc.org was not found on this server.
Apache/2.2.3 (Red Hat) Server at abc.org Port 80
thanks for the help
No Problem :)
First of all what you're requesting from your back-end server through your front end is:
http://192.168.2.220/abc.org
But your backend server has a root at:
/var/www/vhosts/abc.org/pu blic_html
so probebaly it is where you have your index.html
but you are requesting:
http://http://192.168.2.220/abc.org
which basically means:
http://192.168.2.220/abc.org/index.html
So you're looking for a directory under your root over your backend !! Do you really have it ?
If not please remove the aoc.org from the end fo your request.
First of all what you're requesting from your back-end server through your front end is:
http://192.168.2.220/abc.org
But your backend server has a root at:
/var/www/vhosts/abc.org/pu
so probebaly it is where you have your index.html
but you are requesting:
http://http://192.168.2.220/abc.org
which basically means:
http://192.168.2.220/abc.org/index.html
So you're looking for a directory under your root over your backend !! Do you really have it ?
If not please remove the aoc.org from the end fo your request.
ASKER
if i edit my host file (windows machine) and add the entry
192.168.2.220 www.abc.org
and open up a web browser and enter in www.abc.org it goes to the back end server.
what do you mean "remove the abc.org from the end of your request"
192.168.2.220 www.abc.org
and open up a web browser and enter in www.abc.org it goes to the back end server.
what do you mean "remove the abc.org from the end of your request"
ASKER
so this is still not working for me from outside on the internet
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you for you help and time this took. I am sorry it took so long
You're welcome :) It is OK.
What you would do is:
- Setup your router to point to your webserver1 (192.168.1.100) via NAT
- Setup your webserver1 and add 4 virtual domains:
abc.com
def.com
ghi.com
jkl.com
- Setup your webserver2 and add 2 virtual domains:
ghi.com
jkl.com
- Add proxy module to your webserver1and define reverse proxying to ghi.com and jkl.com to reverse proxy to webserver2