[prev in list] [next in list] [prev in thread] [next in thread]
List: apache-httpd-users
Subject: [users@httpd] Re: Bypass landing page based upon cookie
From: Herb Burnswell <herbert.burnswell () gmail ! com>
Date: 2019-03-25 18:05:51
Message-ID: CAOuzmw4S3k4ghqMMxeE76butqrmZpmE7gQPgf7vh0EfN=o2G8w () mail ! gmail ! com
[Download RAW message or body]
On Sun, Mar 24, 2019 at 8:53 PM Herb Burnswell <herbert.burnswell@gmail.com>
wrote:
> All,
>
> Apache 2.4.27
> OS: RHEL 7.6
>
> We're using httpd as a reverse proxy to 3 back end application servers.
> We have a landing page for users to select their geographical region.
> Everything works as expected with the current setup, however, we'd like
> users to not have to re-select their region on return visits.
>
> So, ideally we set a cookie (or two) and use mod_rewrite to direct
> requests that have the cookie(s) in place.
>
> I have not been able to get this working as I am not that familiar with
> what I need to be redirecting on. I'm assuming I need to do something like:
>
> RewriteEngine ON
> RewriteCond %{HTTP_COOKIE} region=us [NC]
> RewriteRule "/index.html" "/CA/en_US"
>
> I added this inside of the landing page directory block, but is just sent
> the request into a redirect loop. Here is the whole virtualhost block:
>
> <VirtualHost *:443>
>
> ServerName example.com
>
> SSLEngine on
> SSLProxyEngine on
> SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
> SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
> SSLHonorCipherOrder On
> SSLCompression off
> SSLUseStapling on
> SSLSessionTickets Off
> SSLCertificateFile /etc/pki/tls/certs/server.crt
> SSLCertificateKeyFile /etc/pki/tls/certs/server.key
>
> Header always set Strict-Transport-Security "max-age=63072000;
> includeSubDomains"
> Header always set X-Frame-Options DENY
> Header always set X-Content-Type-Options nosniff
>
> Header add Set-Cookie "ROUTEID=.%{BALANCER_WORKER_ROUTE}e; path=/"
> env=BALANCER_ROUTE_CHANGED
>
> Alias "/balancermanager" /var/www/html/balancermanager
>
> <Location /balancermanager>
>
> SetHandler balancer-manager
> Order Deny,Allow
> Deny from all
> Allow from 10.1.1.10
>
> </Location>
>
> DocumentRoot /var/www/html/home
>
> <Directory /var/www/html/home>
>
> FallbackResource /index.html
> Require all granted
> AddType text/html html
> AddType text/css css
> AddType image/svg+xml svg
> AddType image/jpeg jpeg jpg jpe png
>
> </Directory>
>
>
> <Proxy balancer://balancer_nodes>
>
> BalancerMember https://node1.example.com:8443 route=node1 keepalive=On
> ping=3 ttl=60
> BalancerMember https://node2.example.com:8443 route=node2 keepalive=On
> ping=3 ttl=60
> BalancerMember https://node3.example.com:8443 route=node3 keepalive=On
> ping=3 ttl=60
> ProxySet lbmethod=bybusyness
>
> </Proxy>
>
> ProxyRequests Off
> ProxyPreserveHost On
> ProxyPassMatch .*\.php$ !
> ProxyPassMatch .*\.asp$ !
> ProxyPassMatch .*\.pl$ !
> ProxyPassMatch .*\.pm$ !
> ProxyPassMatch .*\.rb$ !
> ProxyPassMatch .*\.py$ !
> ProxyPass /balancermanager !
> Alias "/favicon.ico" /var/www/html/home/favicon.ico
> ProxyPass "/US/en_US/" balancer://balancer_nodes/US/en_US/
> stickysession=ROUTEID
> ProxyPassReverse "/US/en_US/" balancer://balancer_nodes/US/en_US/
> stickysession=ROUTEID
> ProxyPass "/CA/en_CA/" balancer://balancer_nodes/CA/en_CA/
> stickysession=ROUTEID
> ProxyPassReverse "/CA/en_CA/" balancer://balancer_nodes/CA/en_CA/
> stickysession=ROUTEID
>
> </VirtualHost>
>
> Any guidance is greatly appreciated.
>
> Thanks,
>
> HB
>
Hi,
I am able to successfully read the cookie with the following:
RewriteEngine On
RewriteCond %{HTTP_COOKIE} region=us
However, I am not sure how to redirect the traffic to the
balancer://balancer_nodes proxy configuration. It wants to keep the
traffic local which obviously fails. I have tried:
RewriteRule ^/index.html "balancer://balancer_nodes/US/en_US/
stickysession=ROUTEID" [P]
RewriteRule ^/index.html balancer://balancer_nodes/US/en_US/ [P]
RewriteRule ^/index.html /US/en_US/
Thanks,
HB
[Attachment #3 (text/html)]
<div dir="ltr"><div dir="ltr"><div dir="ltr"><br></div><br><div \
class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sun, Mar 24, 2019 at 8:53 PM \
Herb Burnswell <<a \
href="mailto:herbert.burnswell@gmail.com">herbert.burnswell@gmail.com</a>> \
wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px \
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div \
dir="ltr">All,<div><br></div><div>Apache 2.4.27</div><div>OS: RHEL \
7.6</div><div><br></div><div>We're using httpd as a reverse proxy to 3 back end \
application servers. We have a landing page for users to select their geographical \
region. Everything works as expected with the current setup, however, we'd like \
users to not have to re-select their region on return \
visits.</div><div><br></div><div>So, ideally we set a cookie (or two) and use \
mod_rewrite to direct requests that have the cookie(s) in \
place.</div><div><br></div><div>I have not been able to get this working as I am not \
that familiar with what I need to be redirecting on. I'm assuming I need to do \
something like:</div><div><br></div><div>RewriteEngine ON</div><div>RewriteCond \
%{HTTP_COOKIE} region=us [NC]</div><div>RewriteRule "/index.html" \
"/CA/en_US"</div><div><br></div><div>I added this inside of the landing \
page directory block, but is just sent the request into a redirect loop. Here is \
the whole virtualhost block:</div><div><br></div><div><div><VirtualHost \
*:443></div><div><br></div><div><span \
style="white-space:pre-wrap"> </span>ServerName <a href="http://example.com" \
target="_blank">example.com</a></div><div><br></div><div><span \
style="white-space:pre-wrap"> </span>SSLEngine on</div><div><span \
style="white-space:pre-wrap"> </span>SSLProxyEngine on</div><div><span \
style="white-space:pre-wrap"> </span>SSLProtocol all -SSLv2 -SSLv3 -TLSv1 \
-TLSv1.1</div><div><span style="white-space:pre-wrap"> </span>SSLCipherSuite \
EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH</div><div><span \
style="white-space:pre-wrap"> </span>SSLHonorCipherOrder On</div><div><span \
style="white-space:pre-wrap"> </span>SSLCompression off</div><div><span \
style="white-space:pre-wrap"> </span>SSLUseStapling on</div><div><span \
style="white-space:pre-wrap"> </span>SSLSessionTickets Off</div><div><span \
style="white-space:pre-wrap"> </span>SSLCertificateFile \
/etc/pki/tls/certs/server.crt</div><div><span \
style="white-space:pre-wrap"> </span>SSLCertificateKeyFile \
/etc/pki/tls/certs/server.key</div><div><br></div><div><span \
style="white-space:pre-wrap"> </span>Header always set Strict-Transport-Security \
"max-age=63072000; includeSubDomains"</div><div><span \
style="white-space:pre-wrap"> </span>Header always set X-Frame-Options \
DENY</div><div><span style="white-space:pre-wrap"> </span>Header always set \
X-Content-Type-Options nosniff</div><div><br></div><div><span \
style="white-space:pre-wrap"> </span>Header add Set-Cookie \
"ROUTEID=.%{BALANCER_WORKER_ROUTE}e; path=/" \
env=BALANCER_ROUTE_CHANGED</div><div><br></div><div><span \
style="white-space:pre-wrap"> </span>Alias "/balancermanager" \
/var/www/html/balancermanager</div><div><br></div><div><span \
style="white-space:pre-wrap"> </span><Location \
/balancermanager></div><div><br></div><div> SetHandler \
balancer-manager</div><div> Order Deny,Allow</div><div> Deny \
from all</div><div> Allow from 10.1.1.10</div><div><br></div><div> \
</Location></div><div><br></div><div><span \
style="white-space:pre-wrap"> </span>DocumentRoot<span \
style="white-space:pre-wrap"> </span>/var/www/html/home</div><div><br></div><div><span \
style="white-space:pre-wrap"> </span><Directory \
/var/www/html/home></div><div><br></div><div><span \
style="white-space:pre-wrap"> </span>FallbackResource /index.html</div><div><span \
style="white-space:pre-wrap"> </span>Require all granted</div><div><span \
style="white-space:pre-wrap"> </span>AddType text/html html</div><div><span \
style="white-space:pre-wrap"> </span>AddType text/css css</div><div><span \
style="white-space:pre-wrap"> </span>AddType<span \
style="white-space:pre-wrap"> </span>image/svg+xml svg</div><div><span \
style="white-space:pre-wrap"> </span>AddType image/jpeg jpeg jpg jpe \
png</div><div><br></div><div><span \
style="white-space:pre-wrap"> </span></Directory></div><div><br></div><div><br></div><div><span \
style="white-space:pre-wrap"> </span><Proxy \
balancer://balancer_nodes></div><div><br></div><div><span \
style="white-space:pre-wrap"> </span>BalancerMember <a \
href="https://node1.example.com:8443" \
target="_blank">https://node1.example.com:8443</a> route=node1 keepalive=On ping=3 \
ttl=60</div><div><span style="white-space:pre-wrap"> </span>BalancerMember <a \
href="https://node2.example.com:8443" \
target="_blank">https://node2.example.com:8443</a> route=node2 keepalive=On ping=3 \
ttl=60</div><div><span style="white-space:pre-wrap"> </span>BalancerMember <a \
href="https://node3.example.com:8443" \
target="_blank">https://node3.example.com:8443</a> route=node3 keepalive=On ping=3 \
ttl=60</div><div> ProxySet lbmethod=bybusyness</div><div><br></div><div> \
</Proxy></div><div> </div><div><span \
style="white-space:pre-wrap"> </span>ProxyRequests<span \
style="white-space:pre-wrap"> </span>Off</div><div> ProxyPreserveHost \
On</div><div><span style="white-space:pre-wrap"> </span>ProxyPassMatch<span \
style="white-space:pre-wrap"> </span>.*\.php$ !</div><div><span \
style="white-space:pre-wrap"> </span>ProxyPassMatch<span \
style="white-space:pre-wrap"> </span>.*\.asp$ !</div><div><span \
style="white-space:pre-wrap"> </span>ProxyPassMatch<span \
style="white-space:pre-wrap"> </span>.*\.pl$<span \
style="white-space:pre-wrap"> </span>!</div><div><span \
style="white-space:pre-wrap"> </span>ProxyPassMatch<span \
style="white-space:pre-wrap"> </span>.*\.pm$ !</div><div><span \
style="white-space:pre-wrap"> </span>ProxyPassMatch<span \
style="white-space:pre-wrap"> </span>.*\.rb$ !</div><div><span \
style="white-space:pre-wrap"> </span>ProxyPassMatch<span \
style="white-space:pre-wrap"> </span>.*\.py$ !</div><div><span \
style="white-space:pre-wrap"> </span>ProxyPass /balancermanager !</div><div><span \
style="white-space:pre-wrap"> </span>Alias "/favicon.ico" \
/var/www/html/home/favicon.ico</div><div><span \
style="white-space:pre-wrap"> </span>ProxyPass "/US/en_US/" \
balancer://balancer_nodes/US/en_US/ stickysession=ROUTEID</div><div><span \
style="white-space:pre-wrap"> </span>ProxyPassReverse "/US/en_US/" \
balancer://balancer_nodes/US/en_US/ stickysession=ROUTEID</div><div><span \
style="white-space:pre-wrap"> </span>ProxyPass "/CA/en_CA/" \
balancer://balancer_nodes/CA/en_CA/ stickysession=ROUTEID</div><div><span \
style="white-space:pre-wrap"> </span>ProxyPassReverse "/CA/en_CA/" \
balancer://balancer_nodes/CA/en_CA/ \
stickysession=ROUTEID</div><div><br></div><div></VirtualHost></div></div><div><br></div><div>Any \
guidance is greatly appreciated.</div><div><br></div><div>Thanks,</div><div><br></div> \
<div>HB</div></div></div></blockquote><div><br></div><div><br></div><div>Hi,</div><div><br></div><div>I \
am able to successfully read the cookie with the \
following:</div><div><br></div><div>RewriteEngine On</div><div><div>RewriteCond \
%{HTTP_COOKIE} region=us</div><div><br></div><div>However, I am not sure how to \
redirect the traffic to the balancer://balancer_nodes proxy configuration. It wants \
to keep the traffic local which obviously fails. I have \
tried:</div><div><br></div><div>RewriteRule ^/index.html \
"balancer://balancer_nodes/US/en_US/ stickysession=ROUTEID" \
[P]<br></div><div>RewriteRule ^/index.html balancer://balancer_nodes/US/en_US/ \
[P]</div></div><div>RewriteRule ^/index.html \
/US/en_US/<br></div><div><br></div><div>Thanks,</div><div><br></div><div>HB</div></div></div></div>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic