站点有两个URL。外部是https://example.com:543在内部是https://example.com。端口543处的外部请求被内部路由到端口443,因此使用了端口443的单个虚拟主机,但是使用了多个proxypass条目。问题在于任何给定时间https://example.com:543和https://example.com在VirtualHost文件中禁用一个ProxyPass条目,而https:543和https://example.com进行工作。可以共存和工作吗?
# ProxyPass / balancer://lbyourorganization/http://localhost/VirtualHostBase/https/example.com:443/ams/VirtualHostRoot/
# ProxyPassReverse / balancer://lbyourorganization/http://localhost/VirtualHostBase/https/example.com:443/ams/VirtualHostRoot/
ProxyPass / balancer://lbyourorganization/http://localhost/VirtualHostBase/https/example.com:543/ams/VirtualHostRoot/
ProxyPassReverse / balancer://lbyourorganization/http://localhost/VirtualHostBase/https/example.com:543/ams/VirtualHostRoot/
以下是完整的虚拟主机配置
<VirtualHost *:443>
ServerName example.com
ErrorLog /var/log/apache2/ssl_error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
TransferLog /var/log/apache2/ssl_access_log
LogLevel warn
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
SSLCertificateChainFile /etc/apache2/ssl/example_com.ca-bundle
<Files ~ ".(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
CustomLog /var/log/apache2/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x "%r" %b"
# Balance load between 4 ZEO front-ends
<Proxy balancer://lbyourorganization>
BalancerMember http://127.0.0.1:8081/
BalancerMember http://127.0.0.1:8082/
BalancerMember http://127.0.0.1:8091/
BalancerMember http://127.0.0.1:8092/
# Use Pending Request Counting Algorithm (s. http://httpd.apache.org/docs/current/mod/mod_lbmethod_bybusyness.html).
# This will reduce latencies that occur as a result of long running requests temporarily blocking a ZEO client.
# You will need to install the separate mod_lbmethod_bybusyness module in Apache 2.4.
ProxySet lbmethod=bybusyness
</Proxy>
ProxyPass /balancer-manager !
# ProxyPass / balancer://lbyourorganization/http://localhost/VirtualHostBase/https/example.com:443/ams/VirtualHostRoot/
# ProxyPassReverse / balancer://lbyourorganization/http://localhost/VirtualHostBase/https/example.com:443/ams/VirtualHostRoot/
ProxyPass / balancer://lbyourorganization/http://localhost/VirtualHostBase/https/example.com:543/ams/VirtualHostRoot/
ProxyPassReverse / balancer://lbyourorganization/http://localhost/VirtualHostBase/https/example.com:543/ams/VirtualHostRoot/
</VirtualHost>
最简单的解决方案是更改路由器配置,以将外部流量指向与内部流量不同的端口(例如内部为543),然后在Apache HTTPD中使用两个<VirtualHost>
配置两个不同的ProxyPass/ProxyPassReverse
设置。