Reverse-Proxy-Server

  1. 2 years ago

    Lars L

    16 Mar 2017 Europe (Germany, Chemnitz)

    Hi,
    I have the following problem:

    I run a webapp on my webserver in standalone mode over a specific port.

    On of my customers has a very strong firewall, which blocks all the connections over ports, except of 80 and 443.

    He told me, that with a "Reverse-Proxy-Server" I can solve this.

    Has anyone an idea how to fix this? How can I redirect the communication from my ports to port 443?

    Thanks Lars

  2. Kevin W

    16 Mar 2017 Pre-Release Testers, Xojo Pro

    There are several threads about this on the forum. Search for nginx and haproxy.

  3. Albin K

    16 Mar 2017 Europe (Sweden)

    http://john-joyce.com/xojo-and-load-balancing-with-haproxy/

  4. Albin K

    16 Mar 2017 Europe (Sweden)

    And if you need SSL, search for HAProxy SSL Termination :)

  5. Wayne G

    17 Mar 2017 Pre-Release Testers, Xojo Pro New Zealand axisdirect.nz

    If Windows is your target environment I'll be demonstrating how to test & deploy standalone Web Apps with reverse proxy & SSL offloading using IIS. The process is trivial and largely point & click. Join us at http://vxug.org/ on the 30th. @Phillip Z & @Geoff P will be there too!

  6. Lars L

    22 Mar 2017 Europe (Germany, Chemnitz)

    Yea, I need SSL :)

    I have a webserver running ubuntu 64 bit with nginx. Do you guys know a "how-to" for a reverse proxy using nginx?

  7. Lars L

    22 Mar 2017 Europe (Germany, Chemnitz)

    ah, ok what read here: http://john-joyce.com/xojo-and-load-balancing-with-haproxy/

    I cannot set up a reverse proxy using nginx where several users comes from the same IP (for example when they are in the same office).

    So I need HAProxy right?

  8. Tomas J

    22 Mar 2017 Pre-Release Testers, Xojo Pro Europe (Germany)
    Edited 2 years ago

    Sorry I am only familiar with apache2, where you need to enable mod_proxy and settings this in the config file. And no, basically nginx should do quite the same job if you are accessing your web with public URL. I see no need for an additional haproxy except when it comes to LB.

    https://www.nginx.com/resources/admin-guide/reverse-proxy/

  9. Lars L

    22 Mar 2017 Europe (Germany, Chemnitz)

    Thanks Tomas,

    I configured it in this way, that if someone calls a subfolder "via" the traffic has to delivers to the app, whis is running on port 34001:

    location /via/ {
    	proxy_buffering off;
    	proxy_read_timeout 5m;
    	proxy_pass http://93.90.178.92:34001;
    }

    But if I call the url "http2://vms2-via-cloud.de/via", the 404 Error occurs.

    What do I wrong?

  10. Tomas J

    22 Mar 2017 Pre-Release Testers, Xojo Pro Europe (Germany)

    I have to pass this to somebody else with deeper knowledge of nginx... your stand alone server listens to this port? try to access it from the inside on http://93.90.178.92:34001

  11. Lars L

    22 Mar 2017 Europe (Germany, Chemnitz)
    Edited 2 years ago

    http://93.90.178.92:34001 works!

    the reverse proxy not
    :/

  12. Patrick L

    22 Mar 2017 Pre-Release Testers, Xojo Pro
    Edited 2 years ago

    Hi Lars,

    I think that the way your config is written, the /via/ gets passed to the proxy path. Try adding a slash to the end of proxy_pass:

    proxy_pass http://93.90.178.92:34001/;

    Have a look at
    https://www.digitalocean.com/community/tutorials/understanding-nginx-http-proxying-load-balancing-buffering-and-caching#deconstructing-a-basic-http-proxy-pass

    Having said that, I am struggling with trying to do the same as you (instead of connecting directly to a port other than 80 or 443).
    I always get the Xojo "Server disconnected" text (but without any images). It's like Xojo loads the framework but is then unable to talk to it.

    The only method I have seen work so far (on these forums) is to use unique subdomains for your webapps (app1.example.com , app2.example.com ) and have the config location set to / for each.

  13. Lars L

    22 Mar 2017 Europe (Germany, Chemnitz)
    Edited 2 years ago

    @Patrick L Try adding a slash to the end of proxy_pass

    thanks, this helps a bit. Now I get the connection to the app.

    But like you, the app isn't able to establish a connection:
    http://vms2.via-cloud.de/via/

    It seems, that the ressources aren't pass thru the proxy:

    GET http://vms2.via-cloud.de/framework/framework.js 

    -> the framework ist located under "http://vms2.via-cloud.de/...", but under "http://vms2.via-cloud.de:34001/..."

    How can I map this to right locaion?

  14. Lars L

    22 Mar 2017 Europe (Germany, Chemnitz)
    Edited 2 years ago

    Starting it from the root directory of the subdomain works well.

    Except of some 504 Errors which I discuss on another threat here

  15. Patrick L

    22 Mar 2017 Pre-Release Testers, Xojo Pro
    Edited 2 years ago

    Adding yet another location for "framework" gets the images, but Xojo then uses what looks like a UUID for the comms and that, of course, fails.

            location /framework/ {
                    proxy_buffering off;
                    proxy_read_timeout 5m;
                    proxy_pass http://93.90.178.92:34001/framework/;
            }

    It would be good if someone from Xojo could explain how the webapp determines the URI, or if it can only use the domain name (in which case, this approach cannot work unless the webapp can somehow be forced to use a given subdirectory after the domain name. Feature request for a comman line option...?)

  16. Lars L

    22 Mar 2017 Europe (Germany, Chemnitz)

    Is there a xojo staff member, which can help?

    How can we map thru the UUIDS for the comms?

  17. Kevin W

    22 Mar 2017 Pre-Release Testers, Xojo Pro

    Sounds like you need to use "location /" in your settings. You don't want to be trying to piece together every url, just forward everything to the xojo app.

  18. John J

    22 Mar 2017 Pre-Release Testers, Xojo Pro Cleveland, Ohio

    I would recommend you set up a separate subdomain for the app instead of routing by a directory name - is that an option for you?

  19. Lars L

    23 Mar 2017 Europe (Germany, Chemnitz)

    Yes, I brought it to live while using an own supdomain for the app. That works.

    Plesk only supports the proxy-configuration for subfolders. So I had to change the nginx.conf file by my self, which is originally generated by Plesk. Unfortunately everytime I make some changes on the subdomain, I have manually reconfigure this file again because Plesk overwrites it.

    But yea, subdomains working!

    also with ssl!

  20. Tomas J

    23 Mar 2017 Pre-Release Testers, Xojo Pro Europe (Germany)
    Edited 2 years ago

    Nice to hear this! congrats and yes in such cases plesk or other admin tools like webmin (my favorite) are at their limits. For direct editing I am using mc / mcedit instead of vi or other editors... hounting shadows of my past MSDOS and Norton Commander times ;-)

  21. Newer ›

or Sign Up to reply!