Search Results

Search found 8288 results on 332 pages for 'proxy models'.

Page 100/332 | < Previous Page | 96 97 98 99 100 101 102 103 104 105 106 107 | Next Page >

Can Haproxy deny a request by IP if its stick-table is full?

- by bantic

In my haproxy configs I'm setting a stick-table of size 5 that stores every incoming IP address (for 1 minute), and it is set as nopurge so new entries won't get stored in the table. What I'd like to have happen is that they would get denied, but that isn't happening. The stick-table line is: stick-table type ip size 5 expire 1m nopurge store gpc0 And the whole configs are: global maxconn 30000 ulimit-n 65536 log 127.0.0.1 local0 log 127.0.0.1 local1 debug stats socket /var/run/haproxy.stat mode 600 level operator defaults mode http timeout connect 5000ms timeout client 50000ms timeout server 50000ms backend fragile_backend tcp-request content track-sc2 src stick-table type ip size 5 expire 1m nopurge store gpc0 server fragile_backend1 A.B.C.D:80 frontend http_proxy bind *:80 mode http option forwardfor default_backend fragile_backend I have confirmed (connecting to haproxy's stats using socat readline /var/run/haproxy.stat) that the stick-table fills up with 5 IP addresses, but then every request after that from a new IP just goes straight through -- it isn't added to the stick-table, nothing is removed from the stick-table, and the request is not denied. What I'd like to do is deny the request if the stick-table is full. Is this possible? I'm using haproxy 1.5.

Read the article
Changing the current URL but serving content from another (same domain) - ProxyPass?

- by zigojacko

I've been banging my head against the wall with this for months now so I hope someone on here will be able to finally advise what is needed for this. I have some URL's like this:- domain.com/category/subcat/filter/brand And I wish to rewrite the URL's to:- domain.com/category/brand-subcat Content loads fine at the first URL, I just want to show it at a different URL - is URL masking the correct term for this? I have a RewriteRule in .htaccess that should do this job as far as I believe:- RewriteRule ^([a-zA-Z]+)/([a-zA-Z]+)/filter/([a-zA-Z]+)$ $1/$3-$2 This isn't actually modifying the URL at all though on a Magento website (mod_rewrite is enabled and plenty of other rewrites are working from the same .htaccess). So firstly, I want to know is what I am trying to achieve definitely possible? If so, what is this process even called? Secondly, does this need to be handled using ProxyPass and then use a [P] flag with the rewrite rule? I assume the Apache server doesn't have mod_proxy enabled currently because when I add a [P] flag, the URL returns a 403 forbidden error with the full server path for the current URL. Please could anyone kindly advise what on earth I need to do to achieve this?

Read the article
squid authentication with win2008

- by manoj

sir,i intalled asquid server in linux redhat5..i need to authenitcate the users from my acivre directory in windos 2008.but its repaetedly prompting for username and password and finally tels accec denied.i configuredthrough ntlm auth in squid..pls helpme anyone

Read the article
What is the overhead when redirect through mod_proxy

- by ivoba

I have an API that used to run on Apache but now is served via lighttpd. I can easily switch the API URL in the app to the lighty port like api.net:81. I wonder if I should use mod_proxy instead to have cleaner urls. There is no redirect for legacy urls necessary. What would be the overhead for the Apache in between compared to the direct call? Would mod_proxy and Apache steal the benefit of lightys lightweightness?

Read the article
SVN Active Directory authentication with ProxyPass redirect in the mix

- by Jason B. Standing

We have a BitNami SVN stack running on a Windows machine which holds our SVN repository. It's set up to authenticate against our AD server and uses authz to control rights. Everything works perfectly if Tortoise points at http://[machine name]/svn However - we need to be able to access it from http://[domain]/svn. The domain name points to a linux environment that we're decommissioning, but until we do, other systems on that box prevent us from just re-pointing the domain record. Currently, we've got a ProxyPass record on the linux machine to forward requests through to http://[machine name]/svn - it seems to work fine, and the endpoint machine asks for credentials, then authenticates: but when that happens, the access attempt is logged as coming from the linux box, rather than from the user who has authenticated. It's almost like some element of the credentials aren't being passed through to the endpoint machine. Has anyone done this before, or is there other info I can give to try to make sense of this problem, and figure out a way to solve it? Thankyou!

Read the article
Do large corporations block jQuery content on web pages?

- by Max Vernon

We are currently redesigning our website. The company we've hired to do the redesign is advocating the use of jQuery to render the pages dynamically. Our SEO specialist is under the impression that many larger corporations may have jQuery blocked in their proxies to prevent their users from visiting sites like Facebook. Is this something you are aware of? Forgive me if this is off topic for SF.SE!

Read the article
Localhost service accessible from remote address

- by dynback.com

I have on my home Windows box - Cassini server with localhost:10000. And I want it be accessible in internet by my static IP. Tried netcat, "nc -l -p 10001 localhost 10000". But it results in "invalid connection to [IP] from [IP] 16074" Also before that it was working on Opera Unite properly, but now only writes a message: "An error occured. See error log for details". I dont know where to get that log.

Read the article
Set up a "relay" service

- by trikks

Hi! I'm trying to create a 'left client' server < 'right client' setup but need some advice and tips. Let's say that I have a server-daemon on the left side, like a vnc-server that connects to the middle server. On the right side I've got a client that want to connect to the left server-daemon, but it has to be done through the middle server. I assume this should be done with some tunneling service. The server environment is a fully featured Debian Linux or Mac OS X Server host. Any idéas? Thanks / Trikks

Read the article
How to divert traffic based on hostname using HAProxy?

- by Bosky

I've had some initial success with HAProxy setting up a bunch of app servers listening on various other ports. I now have another webserver listening on one port, and i'd like to what changes to make to my config to flow traffic by hostname as well. The following is the current setup, assuming: my apache webserver is running at examplecom:8001 my bunch of app servers 0.0.0.0:8081, 0.0.0.0:8082 , 0.0.0.0:8083 global log 127.0.0.1 local0 log 127.0.0.1 local1 notice maxconn 4096 debug #quiet #user haproxy #group haproxy defaults log global mode http option httplog option dontlognull retries 3 redispatch maxconn 2000 contimeout 5000 clitimeout 50000 srvtimeout 50000 listen appservers 0.0.0.0:80 mode http balance roundrobin option httpclose option forwardfor #option httpchk HEAD /check.txt HTTP/1.0 server inst1 0.0.0.0:8081 cookie server01 check inter 2000 fall 3 server inst2 0.0.0.0:8082 cookie server02 check inter 2000 fall 3 server inst3 0.0.0.0:8083 cookie server01 check inter 2000 fall 3 server inst4 0.0.0.0:8084 cookie server02 check inter 2000 fall 3 capture cookie vgnvisitor= len 32 (any other comments on the ^ setup are welcome.) Now I'd like to continue the same above, but in addition in case - if the hostname is myspecialtopleveldomain<dot>com, then would like to flow traffic to example<dot>com:8001 ~B

Read the article
Why does sub_filter seem to not work when used in conjunction with proxy_pass?

- by kylehayes

Given the following configuration of nginx: server { listen 80; server_name apilocal; sub_filter "apiupstream/api" "apilocal"; sub_filter_once off; location /people/ { proxy_pass http://apiupstream/api/people/; proxy_set_header Accept-Encoding ""; } } Sub_filter does not properly response parts of the response. Once I remove proxy_pass from the configuration, it works properly. A lot of folks with this problem end up having gzip compression from the upstream server. I've verified that my upstream server does not have gzip encoding turned on for its responses. But just in case, I've also used the proxy_set_header above to not accept gzip. Is there potentially something else I'm missing?

Read the article
Circumventing a manual HTML login page for "unclassified" websites (automation purposes, credentials

- by auramo

The IT department just made my life a little bit harder again: they introduced a manual HTML login page for all websites they have not "classified". This means that all the applications which try to access unclassified websites for e.g. downloading plugins do not work. Examples: Eclipse plugin installation, Maven builds etc. What would be the easiest workaround for this? The best I've come up with is try to extend/customize Ruby's httpproxy.rb that comes with Webrick. I would automate the manual login process whenever that login response page is detected. This sounds quite painful, and I think there might/should be simpler options?

Read the article
For a particular domain, how can I cache its JSON responses locally?

- by Chris

I'm coding the frontend of a web app that uses XHR to grab JSON data from a 3rd party. The 3rd party service is slow and because of its API design, we need to make a LOT of API requests every time I refresh the page to test some new code. It's making the development loop painful. The requests are GETs, POSTs and PUTs even though I'm pretty sure none of the requests are changing state. I want to go to localhost for the JSON rather than to this 3rd party API - simply to make my development process faster.

Read the article
using nginx with proxy_pass on a subdomain

- by marcus3006

a have a rails app that should listen on the subdomain redmine.example.com (using proxy_pass). all other requests for *.example.com should just redirect to a normal index.html. Here is my configuration: server { server_name www.example.com example.com; root /home/deploy/static/example; } upstream redmine { server unix:/tmp/redmine.socket fail_timeout=0; } server { # you could put a list of other domain names this application answers server_name redmine.example.com; root /home/deploy/rails/redmine/public; access_log /var/log/nginx/redmine_access.log; rewrite_log on; location * { proxy_pass http://redmine; } location ~ ^/(assets)/ { root /home/deploy/rails/redmine/public; gzip_static on; # to serve pre-gzipped version expires max; add_header Cache-Control public; } } anyone knows what's going wrong here? requests to example.com and www.example.com are handled correctly. when i try to acces redmine.example.com = "couldn't resolve host"

Read the article
ProxyPass for specific vhost

- by Steve Robbins

I have a web server that it set up to dynamically server different document roots for different domains <VirtualHost *:80> <IfModule mod_rewrite.c> # Stage sites :: www.[document root].server.company.com => /home/www/[document root] RewriteCond %{HTTP_HOST} ^www\.[^.]+\.server\.company\.com$ RewriteRule ^(.+) %{HTTP_HOST}$1 [C] RewriteRule ^www\.([^.]+)\.server\.company\.com(.*) /home/www/$1/$2 [L] </IfModule> </VirtualHost> This makes it so that www.foo.server.company.com will serve the document root of server.company.com:/home/www/foo/ For one of these sites, I need to add a ProxyPass, but I only want it to be applied to that one site. I tried something like <VirtualHost *:80> <Directory /home/www/foo> UseCanonicalName Off ProxyPreserveHost On ProxyRequests Off ProxyPass /services http://www-test.foo.com/services ProxyPassReverse /services http://www-test.foo.com/services </Directory> </VirtualHost> But then I get these errors ProxyPreserveHost not allowed here ProxyPass|ProxyPassMatch can not have a path when defined in a location. How can I set up a ProxyPass for a single virtual host?

Read the article
Forwarding requests throught Apache to openVPN

- by Ency

I am wondering if it is possible to redirect requests through Apache to eg. OpenVPN. As long as I need to bypass firewall, I need to use port 80/443 for openVPN, but there is Apache server which has both port for itself. Client ---> Firewall (allows 80/443 only) --->| ---> Apache (80/443) ---> OpenVPN (1194) | -------------------------------------------- My Server I was thinking about mod_proxy, but I am not sure if it is good idea, have you got any ideas? I hope possible solution will be applicable on virtual host as well.

Read the article
apache mod_filter for search and replace request

- by Ram

I need to search and replace text in incoming requests to apache balancer. I can't make mod_filter to work. I found this: FilterProvider replace SUBSTITUTE Content-Type $text/ FilterChain +replace Substitute "s|wrongtext|rightext|n" I think it is wrong.

Read the article
Apache forwarding without redirecting (application won't follow redirects)

- by DrewVS

Recently we had to move /task to /public/task, and I'd like to configure Apache to redirect accordingly. However, using mod_rewrite, though it works in the browser, seems to break applications making api calls to the above location. What happens is the application returns a page with the message saying the page was moved, but the app doesn't follow the redirect. So, is there a way to simply forward any traffic to /task to /public/task without 'redirecting', i.e, returning a redirect status code? EDIT: Here's a little more information. I've found a simple test to clarify what I'm trying to fix. Here is the URL path that needs forwarding: https://mydomain.com/task Needs to go to: https://mydomain.com/public/task If I use curl against the original domain, it just returns a redirect page notice. If I add the -L flag, which tells curl to follow redirects, it then follows the redirect successfully. I assume something very similar is happening in the application (which I don't have access to) that makes calls to the /task URL path. Since I cannot modify the application to make it follow redirects properly, I'm looking for a solution I can implement in Apache.

Read the article
Invisible Apache redirect

- by Guilhem Soulas

I would like subdomain.mydomain.com to invisibly redirect to https://[myServerIP]:2083. (There is an SSL issue here). So far I managed to do it, but the redirection is visible and I don't want it: RewriteCond %{HTTPS} off RewriteCond %{HTTP_HOST} ^subdomain.\.mydomain\.com$ RewriteRule ^ https://[myServerIP]:2083/ Would it be a way to achieve the same redirection while maintaining permanently my beautiful "subdomain.mydomain.com" in the address bar? EDIT with the ProxyPass directive: I tried some variations with ProxyPass but it will still change the URL in the address bar: ServerName subdomain.mydomain.com <Location /> ProxyPass https://[myServerIP]:2083/ ProxyPassReverse https://[myServerIP]:2083/ </Location> RewriteCond %{HTTPS} off RewriteCond %{HTTP_HOST} ^subdomain\.mydomain\.com$ RewriteRule ^ https://[myServerIP]:2083/ EDIT2: It still doesn't work: #non SSL ServerName subdomain.mydomain.com #SSL! <Location /> ProxyPass https://[myServerIP]:2083/ ProxyPassReverse https://[myServerIP]:2083/ </Location> EDIT3: It now works using the SSLProxyEngine directive: SSLProxyEngine on ServerName subdomain.mydomain.com <Location /> ProxyPass https://[myServerIP]:2083/ ProxyPassReverse https://[myServerIP]:2083/ </Location> I can now access my login interface (cPanel). However, once I'm logged in it doesn't redirect to the next page subdomain.mydomain.com/cpsess5850710203/.

Read the article
solutions for a webserver dedicated to manage permissions/ACL and (reverse) proxying API servers?

- by giohappy

I'm considering various layouts to expose various HTTP API services (running on their own differents servers) through a frontend server dedicated to manage permissions on behalf of the API services. I've considered various options, from the classical ones like Nginx, Apache, etc. to HAProxy, passing by the various Python webserver solutions like Tornado, Twisted (which gives me the opportunity to implement my own ACL system easily). The foundamental feature is high performance and scalability, and the ability to manage fine grained ACL rules (similar to the HAProxy ACL system) I would like to know what is a suggested approach to setup what I need, and if (opne source) ready-to-use solutions are already available dedicated to this.

Read the article
Route SOAP request through external server

- by sanbornm

I need to integrate with a SOAP Web Service that requires that the requests come from a whitelisted IP address. As I often do development from all over the place it is quite annoying to ask for a new whitelisted IP each time. I have a remote server that is whitelisted. How can I route my SOAP request (I can change the endpoint in the WSDL) to my remote machine and have that forwarded to the Web Service? My remote server is used for other things so it needs to only forward a specific port, not all traffic. Oh, and the Web Service expects SSL.

Read the article
Is there an easy way to configure an Ubuntu system to function as a proxy/file server from behind an NAT?

- by amol.kamath

Sorry for the long question, but the situation/desire is quite complex. Here is my setup: I have a laptop which I carry around everywhere and I have a desktop sitting at home, connected to the internet through a router using NAT. My objective is to create a connection from my laptop to my desktop that can allow me to (in order of priority): Use the desktop as a proxy server Access files on the desktop remotely Control said desktop from the laptop using VNC or similar. Now here is the scene. I have already looked up and tried several ways to achieve the above goals. Teamviewer - I used it and didn't like it. This is not an option. SSH - This seems ideal, I have figured a way to use this for both proxy and file sharing. However, I am currently unable to connect it due to the NAT. I have a separate thread trying to get that to work here. VPN - I've figured out how to use this method for proxy, but not file sharing. However this faces the same problem as the above: I can't get it to connect through the NAT. Does anyone have any other solutions for what I want? Otherwise, if there are solutions to connecting through the NAT, please tell me (in the other thread). Thanks

Read the article
Send User-Agent through CONNECT and POST with WinHTTP?

- by Duncan Bayne

I'm trying to POST to a secure site using WinHttp, and running into a problem where the User-Agent header isn't being sent along with the CONNECT. I am using a lightly-modified code sample from MSDN: HINTERNET hHttpSession = NULL; HINTERNET hConnect = NULL; HINTERNET hRequest = NULL; WINHTTP_AUTOPROXY_OPTIONS AutoProxyOptions; WINHTTP_PROXY_INFO ProxyInfo; DWORD cbProxyInfoSize = sizeof(ProxyInfo); ZeroMemory( &AutoProxyOptions, sizeof(AutoProxyOptions) ); ZeroMemory( &ProxyInfo, sizeof(ProxyInfo) ); hHttpSession = WinHttpOpen(L"WinHTTP AutoProxy Sample/1.0", WINHTTP_ACCESS_TYPE_NO_PROXY, WINHTTP_NO_PROXY_NAME, WINHTTP_NO_PROXY_BYPASS, 0); if(!hHttpSession) goto Exit; hConnect = WinHttpConnect( hHttpSession, L"server.com", INTERNET_DEFAULT_HTTPS_PORT, 0 ); if( !hConnect ) goto Exit; hRequest = WinHttpOpenRequest(hConnect, L"POST", L"/resource", NULL, WINHTTP_NO_REFERER, WINHTTP_DEFAULT_ACCEPT_TYPES, WINHTTP_FLAG_SECURE ); if( !hRequest ) goto Exit; WINHTTP_PROXY_INFO proxyInfo; proxyInfo.dwAccessType = WINHTTP_ACCESS_TYPE_NAMED_PROXY; proxyInfo.lpszProxy = L"192.168.1.2:3199"; proxyInfo.lpszProxyBypass = L""; WinHttpSetOption(hHttpSession, WINHTTP_OPTION_PROXY, &proxyInfo, sizeof(proxyInfo)); WinHttpSetCredentials(hRequest, WINHTTP_AUTH_TARGET_PROXY, WINHTTP_AUTH_SCHEME_BASIC, L"proxyuser", L"proxypass", NULL); if( !WinHttpSendRequest(hRequest, WINHTTP_NO_ADDITIONAL_HEADERS, 0, "content", 7, 7, 0)) { goto Exit; } if(!WinHttpReceiveResponse(hRequest, NULL)) goto Exit; /* handle result */ Exit: if( ProxyInfo.lpszProxy != NULL ) GlobalFree(ProxyInfo.lpszProxy); if( ProxyInfo.lpszProxyBypass != NULL ) GlobalFree( ProxyInfo.lpszProxyBypass ); if( hRequest != NULL ) WinHttpCloseHandle( hRequest ); if( hConnect != NULL ) WinHttpCloseHandle( hConnect ); if( hHttpSession != NULL ) WinHttpCloseHandle( hHttpSession ); What this does is connect to my server through an authenticated proxy at 192.168.1.2:3199, and make a POST. This works, but when I examine the proxy logs the User-Agent string ("WinHTTP AutoProxy Sample/1.0") is not being sent as part of the CONNECT. It is however sent as part of the POST. Could someone please tell me how I can change this code to have the User-Agent header sent during both the CONNECT and POST? Edited to add: we are observing this problem only on Windows 7. If we run the same code on a Windows Vista box, we can see the User-Agent header being sent on CONNECT.

Read the article
Integrate gmail in asp.net web application

- by Zerotoinfinite

Hi, I am using asp.net 3.5 with C#. I want to integrate gmail into my site, just like any widget so that, people can login there and can access their gmail account. Actually gmail is blocked in my organisation & I want to access it via proxy that I can integrate in my website. Thanks a billion.

Read the article
Getting RAW Soap Data from a Web Reference Client running in ASP.net

- by Harry

I'm trying to trouble shoot a web service client in my current project. I'm not sure of the platform of the Service Server (Most likely LAMP). I believe there is a fault on their side of the fence as i have eliminated the potential issues with my client. The client is a standard ASMX type web reference proxy auto generated from the service WSDL. What I need to get to is the RAW SOAP Messages (Request and Responses) What is the best way to go about this?

Read the article
Suppress the HTTP_X_FORWARDED_FOR http header, c# .net C++

- by Sean

I'm writing an application in C# that uses proxies. The proxies are sending the HTTP_X_FORWARDED_FOR during HTTP requests, and this is unwanted behavior. I am extending the Interop.SHDocVw axWebBrowser (aka Internet Explorer) control right now, but can take another approach if needed for this problem. Is there some way to suppress this header... can this be done in code, on the proxy server, or not at all?

Read the article

< Previous Page | 96 97 98 99 100 101 102 103 104 105 106 107 | Next Page >