需求场景:通过访问apache的http地址,反向代理访问后端的https服务,而且路径带有只能特定模块才反向代理

配置如下

 listen 

 <VirtualHost *:>

     #管理员邮箱 随便填 可不要此指令

     ServerAdmin webmaster@dummy-host.example.com

     #域名 为IP地址

     ServerName 本机ip

     <Proxy *>

         Order deny,allow

         Allow from all

     </Proxy>

     SSLProxyEngine On  #https代理最关键就是这个

     ProxyPreserveHost On

     ProxyRequests Off #关闭正向代理

     #ProxyPassMatch ^/foo/bar https://123.123.123.2 #443端口这么写

     ProxyPassMatch ^/foo/bar https://123.123.123.2:6079(如果是443端口不要加了,否则连接不上,可以打开httpd.conf 打开debug级别日志能看到)

     ProxyPass / ! #表示不是上面匹配的路径不转发,走默认的httpd.conf  DocumentRoot

     ProxyPassReverse / ! #表示不是上面匹配的路径不转发,走默认的httpd.conf  DocumentRoot

     ErrorLog /var/log/httpd/test_error_log

     CustomLog /var/log/httpd/test_access_log combined

 </VirtualHost

效果展示

curl http://本地ip:8182/foo/bar/123

会转发到后端

示范日志,需要httpd开启debug 在httpd.conf 修日志级别重启l即可

[Thu Sep  ::27.575036 ] [authz_core:debug] [pid ] mod_authz_core.c(): [client 192.168.10.30:] AH01628: authorization result: granted (no directives)

[Thu Sep  ::27.575188 ] [proxy:debug] [pid ] mod_proxy.c(): [client 192.168.10.30:] AH01143: Running scheme https handler (attempt )

[Thu Sep  ::27.575197 ] [proxy_ajp:debug] [pid ] mod_proxy_ajp.c(): [client 192.168.10.30:] AH00894: declining URL https://123.123.123.2/foo/bar/getFPInfoByNSRSBH

[Thu Sep  ::27.575203 ] [proxy_fcgi:debug] [pid ] mod_proxy_fcgi.c(): [client 192.168.10.30:] AH01076: url: https://123.123.123.2/foo/bar/getFPInfoByNSRSBH proxyname: (null) proxyport: 0

[Thu Sep  ::27.575207 ] [proxy_fcgi:debug] [pid ] mod_proxy_fcgi.c(): [client 192.168.10.30:] AH01077: declining URL https://123.123.123.2/foo/bar/getFPInfoByNSRSBH

[Thu Sep  ::27.575221 ] [proxy:debug] [pid ] proxy_util.c(): AH00942: HTTPS: has acquired connection for (123.123.123.2)

[Thu Sep  ::27.575229 ] [proxy:debug] [pid ] proxy_util.c(): [client 192.168.10.30:] AH00944: connecting https://123.123.123.2/foo/bar/getFPInfoByNSRSBH to 123.123.123.2:443

[Thu Sep  ::27.575321 ] [proxy:debug] [pid ] proxy_util.c(): [client 192.168.10.30:] AH00947: connected /foo/bar/getFPInfoByNSRSBH to 123.123.123.2:

[Thu Sep  ::27.581116 ] [proxy:debug] [pid ] proxy_util.c(): AH02824: HTTPS: connection established with 123.123.123.2: (123.123.123.2)

[Thu Sep  ::27.581151 ] [proxy:debug] [pid ] proxy_util.c(): AH00962: HTTPS: connection complete to 123.123.123.2: (123.123.123.2)

[Thu Sep  ::27.581161 ] [ssl:info] [pid ] [remote 123.123.123.2:] AH01964: Connection to child  established (server 192.168.10.30:)

[Thu Sep  ::27.598908 ] [ssl:debug] [pid ] ssl_engine_kernel.c(): [remote 123.123.123.2:] AH02275: Certificate Verification, depth , CRL checking mode: none [subject: CN=Encryption Everywhere DV TLS CA - G1,OU=www.digicert.com,O=DigiCert Inc,C=US / issuer: CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US / serial: 0279AC458BC1B245ABF98053CD2C9BB1 / notbefore: Nov  ::  GMT / notafter: Nov  ::  GMT]

[Thu Sep  ::27.599201 ] [ssl:debug] [pid ] ssl_engine_kernel.c(): [remote 123.123.123.2:] AH02275: Certificate Verification, depth , CRL checking mode: none [subject: CN=*.ele-cloud.com / issuer: CN=Encryption Everywhere DV TLS CA - G1,OU=www.digicert.com,O=DigiCert Inc,C=US / serial: 01B4CA2CA4522D242C3055C4C5920F94 / notbefore: Aug  ::  GMT / notafter: Aug  ::  GMT]

[Thu Sep  ::27.610271 ] [ssl:debug] [pid ] ssl_engine_kernel.c(): [remote 123.123.123.2:] AH02041: Protocol: TLSv1., Cipher: ECDHE-RSA-AES128-SHA256 (/ bits)

[Thu Sep  ::27.760324 ] [proxy:debug] [pid ] proxy_util.c(): AH00925: initializing worker https://123.123.123.2 shared

[Thu Sep  ::27.760336 ] [proxy:debug] [pid ] proxy_util.c(): AH00927: initializing worker https://123.123.123.2 local

[Thu Sep  ::27.760353 ] [proxy:debug] [pid ] proxy_util.c(): AH00931: initialized single connection worker in child  for (123.123.123.2)

[Thu Sep  ::28.238290 ] [proxy:debug] [pid ] proxy_util.c(): AH00943: https: has released connection for (123.123.123.2)

顺便记录反向代理http

[root@oc conf.d]# vim vhost.conf

listen 

<VirtualHost *:>

    #管理员邮箱

    ServerAdmin webmaster@dummy-host.example.com

    #域名

    ServerName 本机ip

    <Proxy *>

        Order deny,allow

        Allow from all

    </Proxy>

    ProxyPreserveHost On

    ProxyRequests Off #关闭正向代理

    ProxyPassMatch ^/recipt/checkFp http://123.48.78.9:8080 #默认端口80,不需要填端口

    ProxyPass / !

    ProxyPassReverse / !

    ErrorLog /var/log/httpd/test_error_log

    CustomLog /var/log/httpd/test_access_log combined

</VirtualHost>

反向代理不过滤path

[root@oc conf.d]# vim vhost.conf

listen 

<VirtualHost *:>

    #管理员邮箱

    ServerAdmin webmaster@dummy-host.example.com

    #域名

    ServerName 本机ip

    <Proxy *>

        Order deny,allow

        Allow from all

    </Proxy>

    ProxyPreserveHost On

    ProxyRequests Off #关闭正向代理

    ProxyPass / http://123.48.78.9:8080

    ProxyPassReverse / http://123.48.78.9:8080

    ErrorLog /var/log/httpd/test_error_log

    CustomLog /var/log/httpd/test_access_log combined

</VirtualHost>

最新文章

  1. 模块化之Spring3.0 web fragment和gradle构建项目
  2. asp.net中获取本机的相关信息!(CPU、内存、硬盘序列号等)
  3. Hadoop HDFS 用户指南
  4. Hot code replace failed
  5. Yii源码阅读笔记(十三)
  6. shell 脚本文件Windows传到Linux后编码问题
  7. EasyUI 自定义DataGrid分页
  8. asp.net MVC dropList 绑定
  9. Big Data Analytics for Security(Big Data Analytics for Security Intelligence)
  10. .NET参数化Oracle查询参数
  11. NUnit实战,第一个测试类,测试事件触发是否是并行的
  12. Java的参数传递是值传递还是引用传递
  13. vue3+typescript引入外部文件
  14. Oracle初级优化sql
  15. Django框架详细介绍---ORM相关操作---select_related和prefetch_related函数对 QuerySet 查询的优化
  16. Python中的包ImportError
  17. JVM总结-虚拟机怎么执行字节码
  18. (第十二周)Debug阶段成员贡献分
  19. django字段查询参数及聚合函数
  20. [mysql] mysql如何实现更新一条记录中某个字段值的一部分呢?

热门文章

  1. CDN是啥?
  2. LTE常用标识和参数
  3. 《HelloGitHub》第 50 期
  4. React Router简单Demo
  5. 百万年薪架构师一文整理RabbitMQ、ActiveMQ、RocketMQ、Kafka
  6. Java IO(五)字节流 FileInputStream 和 FileOutputStream
  7. ## H5 canvas画图白板踩坑
  8. Rocket - util - IDPool
  9. Rocket - diplomacy - Node相关类
  10. Rocket - config - Parameters