I have a back-end server behind a proxy machine. I would like non-SSL requests to the proxy to be rewritten into HTTPS requests to the back-end server, while not screwing up URLs with missing or misplaced trailing URL slashes. So far, on the proxy side, I have this in a virtual host for port 80:
Code:
ReWriteEngine On
# trailing slash fix:
RewriteCond %{SERVER_NAME} my.proxy.com$ [NC]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^(.*?[^/])$ $1/ [R]
# send all requests to the HTTPS site:
RewriteCond %{SERVER_NAME} my.proxy.com$ [NC]
RewriteRule ^/(.*)$ https://my.proxy.com/$1 [R=301,NC,L]
I included the SERVER_NAME conditions because there are other HTTPS virtual hosts being served by this proxy, and it seemed that without these conditions this virtual host was "stealing" requests for other hosts and screwing them up.
And this within a virtual host in ssl.conf on the proxy:
Code:
SSLProxyEngine on
ProxyPass / https://backend.server.com:443/
ProxyPassReverse / https://backend.server.com:443/
I found the proxy requests would fail without the 'SSLProxyEngine on' directive in ssl.conf, as well as without adding 'NameVirtualHost *:443' to ssl.conf.
The results so far are that a base URL request rewrite works:
http://my.proxy.com ==>
https://my.proxy.com/
https://my.proxy.com ==>
https://my.proxy.com/
But adding anything else to the URL fails, as the back-end server name gets stuck into the proxied URL:
http://my.proxy.com/~something ==>
https://backend.server.com/~something/
The rewrite log seems okay, I think. So I guess this is failing at the reverse proxy rule? Where am I going wrong?