Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


Appache Reverse Proxy 404 Errors

Posted on 2011-02-22
Medium Priority
Last Modified: 2012-05-11
We are trying to get the reverse functionality of an apache proxy working on a windows server.  I can reverese proxy to the actuall apache box w/o issue.  However, we are trying to refer to an internal web server.  What happens is that the request seems to hit the internal server (the address bar in the browser changes adding a directory and file to the back of the URL, as it would if you were inside the network).  However, the page returned is a 404 (browser 404 page).  If we look at the access logs it shows the get requrest and the back part of the URL but not the host/domain name.  When we look at the error log, it shows an error trying to retrieve the the file, showing the place it is trying to get the file is from the root of the proxy not the internal server.  Wondering if someone could help.

Sample from Access Log:
x.x.x.x - - [22/Feb/2011:14:25:09 -0700] "GET /Client/ HTTP/1.1" 304 -
x.x.x.x - - [22/Feb/2011:14:25:09 -0700] "GET /login/page HTTP/1.1" 403 215
x.x.x.x - - [22/Feb/2011:14:26:38 -0700] "GET /login/page HTTP/1.1" 404 211

Sample from Error Log:
[Tue Feb 22 14:26:38 2011] [client x.x.x.x] File does not exist: C:/Program Files/Apache Software Foundation/Apache2.2/htdocs/login

Most Relevant Part of httpd.conf
ProxyRequests off
ProxyPass /Client/ http://ServerInternal/Client/
ProxyPassReverse /Client/ http://ServerInternal/Client/

Thank You.
Question by:jtmoske
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
LVL 27

Expert Comment

ID: 34960783
>>x.x.x.x - - [22/Feb/2011:14:25:09 -0700] "GET /login/page HTTP/1.1" 403 215

Comes from the client (browser) and gets lost because it does not start with /Client

The proxypass directive assumes that all URLs starting /client are to be passed forward as /Client to ServerInternal using the http protocol. Whereas

x.x.x.x - - [22/Feb/2011:14:25:09 -0700] "GET /Client/ HTTP/1.1" 304

had the right URL prefix and returned a Not Modified.

Author Comment

ID: 34960933
Thank you BigRat.  Little more help for my understanding.  
When the url is passed to the internal server as is th case in the first line of the sample access log.
The internal server "changes" the page and sends back the /login/page to the origiating browser.  The two get requests in the sample config are not requests that are not typed in the origionating browser by a user they are returned to the browser from the internal server then perhaps requesting again and faling due to the lack of the /client/?

Author Comment

ID: 34960976
Is there a way document root change or some url rewrite would help?
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

LVL 27

Expert Comment

ID: 34961079
>>The internal server "changes" the page and sends back the /login/page to the origiating browser.  

The proxy Server (in this case Apache) changes the incomming URL and passes it onwards to the other (in this case internal) server. This then replies with some data, which is passed back by Apache to the browser.

The proxy pass reverse directive is there for when the internal server does a redirect. A redirect can lave a location field and this would naturally contain an internal name or address. The reverse changes this to the (in this case Apache) proxy server.

The proxy directive / would pass ALL URLs unchanged to the internal server. This can be dangerous, as all URLs might not be secure. So one uses a portion of the URL, eg: /client. Ideally the external URL should NOT differ from the internal URL. The reason is links in the HTML page can be relative (thats OK) or absolute (that causes problems).

The browser should see no change in the URL, nor should the URL actually change. The proxying should be transparent. The internal server's name and I/P address should be unknown from the outside - that's the point about proxying.
LVL 27

Expert Comment

ID: 34961118
>>Is there a way document root change or some url rewrite would help

It seems to me that the /Client condition is inappropiate. can you explain just exactly what you are doing?

Author Comment

ID: 34961170
We are setting up a reverse proxy to allow access to an internal server running a web based application (a shoretel web client).  The /client is the parameter that they say is required in their documentation for proxypass and proxypassreverse.  I am going to run a test to an internal site that is a static web page to confirm the simplest setup is working.
LVL 27

Accepted Solution

BigRat earned 1000 total points
ID: 34961237
>>The /client is the parameter that they say is required in their documentation for proxypass and proxypassreverse

The way you have configured it, all URLs MUST start with /Client. I suspect that all incomming URLs must be EXTENDED with /Client which would mean :-

ProxyPass    /    http://ServerInternal/Client/

Author Comment

ID: 34961247
I will test that and follow up.
Thank you.

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hi, in this article I'm going to teach you how to run your own site, and how to let people in (without IP). I'll talk about and explain each step... :) By the way, everything in this Tutorial is completely free and legal. This article is for …
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …
Are you ready to place your question in front of subject-matter experts for more timely responses? With the release of Priority Question, Premium Members, Team Accounts and Qualified Experts can now identify the emergent level of their issue, signal…
Suggested Courses

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question