Issues with ProxyPass and ProxyPassReverse when proxying to localhost and a different TCP port

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Posted by mbrownnyc on Server Fault See other posts from Server Fault or by mbrownnyc
Published on 2011-11-09T16:11:06Z Indexed on 2012/03/27 17:33 UTC
Read the original article Hit count: 919

Filed under:
|
|
|

I am attempting to use ProxyPass and ProxyPassReverse to proxy requests through Apache to another server instance that is bound to the localhost on a different TCP port that the Vhost exists (VHost is bound to :80, when the target is bound to :5000).

However, I am repeatedly receiving HTTP 503 when accessing the Location.

According to the ProxyPass documentation...

<VirtualHost *:80>
    ServerName apacheserver.domain.local
    DocumentRoot /var/www/redmine/public
    ErrorLog logs/redmine_error

    <Directory /var/www/redmine/public>
            Allow from all
            Options -MultiViews
            Order allow,deny
            AllowOverride all
    </Directory>
</VirtualHost>
PassengerTempDir /tmp/passenger

<Location /rhodecode>
  ProxyPass http://127.0.0.1:5000/rhodecode
  ProxyPassReverse http://127.0.0.1:5000/rhodecode
  SetEnvIf X-Url-Scheme https HTTPS=1
</Location>

I have tested binding the alternate server to the interface IP address, and the same issue occurs.

The server servicing request is an instance of python paste:httpserver, and it has been configured to use the /rhodecode suffix (as I saw this to be mentioned in other posts about ProxyPass). The documentation from the project itself, Rhodecode, reports to use the above.

The issue is persistent if I target another server that is serving on a different port.

Does ProxyPass allow proxying to a different TCP port?

[update]

I won't delete this, in case someone comes across the same issue.

I had set an ErrorLog, and in that ErrorLog the following error was reported:

[Wed Nov 09 11:36:35 2011] [error] (13)Permission denied: proxy: HTTP: attempt to connect to 127.0.0.1:5000 (192.168.100.100) failed
[Wed Nov 09 11:36:35 2011] [error] ap_proxy_connect_backend disabling worker for (192.168.100.100)

After some more research, I attempted to set SELinux to permissive (echo 0 >/selinux/enforce), and try again.

It turns out the SELinux boolean httpd_can_network_connect must be set to 1.

For persistence on reboot:

setsebool -P httpd_can_network_connect=1

© Server Fault or respective owner

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Related posts about reverse-proxy

Related posts about httpd

Categories cloud

.NET ASP.NET iphone linux python Windows mysql android sql windows-7 html c ruby-on-rails css objective-c ubuntu networking sql-server wpf asp.net-mvc ruby database Xml apache AJAX osx security regex django Performance 12.04 windows-xp mac web-development iphone-sdk vb.net Silverlight apache2 flash server perl best-practices email installation eclipse visual-studio algorithm windows-server-2008 winforms wcf firefox bash dns /Oracle