[Zope] Apache

Robert Allyn allyn@speakeasy.org
Tue, 16 Apr 2002 12:25:41 -0700 

Not sure this will help, but check out the info in this
http://www.zope.org/Members/anser/apache_zserver

- Robert

At 12:05 PM 4/16/2002 -0700, D.Rick Anderson wrote:
>We don't have any transparent proxying on this firewall. It's just an
>IPTABLES firewall using PREROUTING portforwarding:
>
>/sbin/iptables -A PREROUTING -t nat -p tcp -d PUBLIC_IP --dport 80 -j DNAT
>--to PRIVATE_IP:80
>
>It works wonderful with just Zserver and I have used it countless other
>places with standard Apache / PHP servers.
>
>I looked into Virtualhostmonster. Apparently you have to use that with
>Apache? It isn't something that you can just use with Zserver?
>
>Anywho. Anymore suggestions would be welcome. The end result is that I have
>to get this web server secured. Whether I use Apache on the front end, or
>somebody can tell me how to get M2Crypto to work on this linux box.
>
>Thanks for all your help.
>
>Rick
>
>On Tuesday 16 April 2002 12:00 pm, you wrote:
>> D.Rick Anderson wrote:
>> > Ok. I'm still having a horrible time getting Apache working in front of
>> > my Zope installation through the firewall. I have Zope running on port
>> > 8080 and Apache running on port 80. Here's my VirtualHost section:
>> >
>> > <VirtualHost 192.168.107.3>
>> > ServerName www.hostname.com
>> > ProxyPass / http://www.hostname.com:8080/domain_subdir/
>> > ProxyPassReverse / http://www.hostname.com:8080
>> > </VirtualHost>
>> >
>> > That's the only way I could get ProxyPass to work on the local network,
>> > and it works great, but only on the local network. If you try to hit it
>> > outside our firewall you simply get the Apache "test" page. I've also
>> > done:
>>
>> I'd guess that perhaps you have a transparent proxy on your firewall
>> which is not forwarding Host: headers.
>>
>> Sniff your traffic as it arrives at your server.  My favourite quick and
>> dirty way of doing this is to run netcat listening on port 80 like so:
>>
>> # nc -vv -l -p 80
>>
>> And then request a page from outside your firewall, and watch what gets
>> dumped to your terminal.  You could alternatively use shane's tcpwatch
>> (do a search for it) or tcpdump or something like that to watch the
>> whole server - client conversation.
>>
>>  > <VirtualHost 192.168.107.3>
>>  > ServerName www.hostname.com
>>  > RewriteEngine on
>>  > RewriteCond %{HTTP:Authorization} ^(.*)
>>  > RewriteRule ^(.*) /var/www/cgi-bin/Zope.cgi$1
>>  > [e=HTTP_CGI_AUTHORIZATION:%1,t=application/x-httpd-cgi,l]
>>  > </VirtualHost>
>>
>> BTW, the 'recommended' way of doing the apache/virtualhost thing is to
>> use virtualhostmonsters:
>>
>>    http://www.zope.org/Members/mwr/VHosts_With_Zope_Default
>>
>> or you could do it all in zope using:
>>
>>    http://www.zope.org/Members/sfm/SiteAccessEnhanced
>>
>> seb
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> _______________________________________________
>> Zope maillist  -  Zope@zope.org
>> http://lists.zope.org/mailman/listinfo/zope
>> **   No cross posts or HTML encoding!  **
>> (Related lists -
>>  http://lists.zope.org/mailman/listinfo/zope-announce
>>  http://lists.zope.org/mailman/listinfo/zope-dev )
>
>-------------------------------------------------------
>
>
>_______________________________________________
>Zope maillist  -  Zope@zope.org
>http://lists.zope.org/mailman/listinfo/zope
>**   No cross posts or HTML encoding!  **
>(Related lists - 
> http://lists.zope.org/mailman/listinfo/zope-announce
> http://lists.zope.org/mailman/listinfo/zope-dev )