We don't have any transparent proxying on this firewall. It's just an IPTABLES firewall using PREROUTING portforwarding: /sbin/iptables -A PREROUTING -t nat -p tcp -d PUBLIC_IP --dport 80 -j DNAT --to PRIVATE_IP:80 It works wonderful with just Zserver and I have used it countless other places with standard Apache / PHP servers. I looked into Virtualhostmonster. Apparently you have to use that with Apache? It isn't something that you can just use with Zserver? Anywho. Anymore suggestions would be welcome. The end result is that I have to get this web server secured. Whether I use Apache on the front end, or somebody can tell me how to get M2Crypto to work on this linux box. Thanks for all your help. Rick On Tuesday 16 April 2002 12:00 pm, you wrote:
D.Rick Anderson wrote:
Ok. I'm still having a horrible time getting Apache working in front of my Zope installation through the firewall. I have Zope running on port 8080 and Apache running on port 80. Here's my VirtualHost section:
<VirtualHost 192.168.107.3> ServerName www.hostname.com ProxyPass / http://www.hostname.com:8080/domain_subdir/ ProxyPassReverse / http://www.hostname.com:8080 </VirtualHost>
That's the only way I could get ProxyPass to work on the local network, and it works great, but only on the local network. If you try to hit it outside our firewall you simply get the Apache "test" page. I've also done:
I'd guess that perhaps you have a transparent proxy on your firewall which is not forwarding Host: headers.
Sniff your traffic as it arrives at your server. My favourite quick and dirty way of doing this is to run netcat listening on port 80 like so:
# nc -vv -l -p 80
And then request a page from outside your firewall, and watch what gets dumped to your terminal. You could alternatively use shane's tcpwatch (do a search for it) or tcpdump or something like that to watch the whole server - client conversation.
<VirtualHost 192.168.107.3> ServerName www.hostname.com RewriteEngine on RewriteCond %{HTTP:Authorization} ^(.*) RewriteRule ^(.*) /var/www/cgi-bin/Zope.cgi$1 [e=HTTP_CGI_AUTHORIZATION:%1,t=application/x-httpd-cgi,l] </VirtualHost>
BTW, the 'recommended' way of doing the apache/virtualhost thing is to use virtualhostmonsters:
http://www.zope.org/Members/mwr/VHosts_With_Zope_Default
or you could do it all in zope using:
http://www.zope.org/Members/sfm/SiteAccessEnhanced
seb
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
-------------------------------------------------------