"Proxy proxy"!
Denis F. Latypoff
denis at gostats.ru
Fri Sep 26 14:50:01 MSD 2008
Hello Igor,
Friday, September 26, 2008, 5:37:28 PM, you wrote:
> Hi,
> We have a linux box hosted at an ISP which has been running various
> sites on Apache for some time. I'm in the process of porting the sites
> on it to nginx. At the moment I just have the default ('_') nginx
> server proxy_pass-ing everything to Apache on a local high port like so:
> server {
- listen x.x.x.x:80;
- server_name _ default;
+ listen x.x.x.x:80 default;
+ server_name _;
> location / {
> proxy_pass http://127.0.0.1:8080;
> proxy_set_header Host $http_host;
- proxy_set_header X-Real-Remote-IP $remote_addr;
+ proxy_set_header X-Real-IP $remote_addr;
> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
> }
> }
> and I'm just implementing new specific server {} blocks identified
> with server_name for each site as I go. All the sites work fine, so
> far so good.
> The Apache setup is configured to act as a forward proxy, restricted
> to our network and with basic auth, as we occasionally need to check
> how things look from outside our network, or to be able to look back
> at our network from outside.
> I've added the local address in the Allow from list in the Apache
> proxy config, but I can't seem to get it to allow proxy requests for
> remote URLs; it just says 403. It allows proxy requests for sites
> hosted on that machine, but nothing else. I'm fairly sure the Apache
> config is otherwise good, as we've been using it like this for a while
> and it hasn't changed other than the new local Allow address.
> Perhaps it's something to do with host-header mangling, or similar ...
> Is there a way to get this to work? I guess we could open port 8080 on
> the firewall so that we can access the Apache proxy directly, but I'm
> interested to know if there's another way.
> Thanks,
> Igor
--
Best regards,
Denis mailto:denis at gostats.ru
More information about the nginx
mailing list