Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Proxying Atlassian server applications with Apache HTTP Server

Ryan Schwoerer
Ryan Schwoerer
June 3, 2016

I found a small error in the "Configure virtual hosts using mod_proxy" section of this article

If you are using multiple applications behind the same Apache server, on the same physical server, each reverse proxy configuration should exist in the same VirtualHost block.

The article seems to indicate that there should be multiple VirtualHost blocks, which I could not get to work.

 

an example...

<VirtualHost *:80>
    ServerName sub.domain.com
    
    ProxyRequests Off
    ProxyVia Block
    ProxyPreserveHost On
     
    <Proxy *>
         Require all granted
    </Proxy>
 
    ProxyPass /jira http://sub.domaincom:8080/jira
    ProxyPassReverse /jira http://sub.domain.com:8080/jira
    ProxyPass /wiki http://sub.domain.com:8090/wiki
    ProxyPassReverse /wiki "http://sub.domain.com:8090/wiki
    ProxyPass /bitbucket http://sub.domain.com:7990/bitbucket
    ProxyPassReverse /bitbucket http://sub.domain.com:7990/bitbucket
			
	RemoteIPHeader X-Forwarded-For
</VirtualHost>
Answer
Watch
Like Be the first to like this
1110 views

1 answer

1 vote
Dave Theodore [Coyote Creek Consulting]
Dave Theodore [Coyote Creek Consulting]
Community Champion
June 3, 2016

Generally, you would have multiple VirtualHosts for this type of configuration.  That allows you to do individual logging and have uniquenesses in configuration per host.

View More Comments
Ryan Schwoerer
Ryan Schwoerer
June 3, 2016

do you have a working example of this? I couldn't get it to work.

using the above config, with separate VirtualHost blocks for each ProxyPass/ProxyPassReverse pair I would get 404 on `http://sub.domain.com/wiki`. however, `http://sub.domain.com/jira` would work fine, and `http://sub.domain.com:8090/wiki` would work.

just moving all the ProxyPass/ProxyPassReverse pairs into one block worked.

Like
Dave Theodore [Coyote Creek Consulting]
Dave Theodore [Coyote Creek Consulting]
Community Champion
June 3, 2016

Here's what I typically do.  This is an SSL configuration, but you can ignore that stuff if you don't plan to use SSL.

# Generic 80 -> 443 redirect

<VirtualHost *:80>
	TimeOut 300
        RewriteEngine on
        ReWriteCond %{SERVER_PORT} !^443$
        RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
</VirtualHost>


# Jira proxy

<VirtualHost *:443>
DocumentRoot "/var/www/jira"
ServerName jira.domain.com

<Proxy *>
        Order deny,allow
        Allow from all
</Proxy>

SSLProxyEngine          On
ProxyRequests           Off
ProxyPreserveHost       On
ProxyTimeout		300
RequestHeader unset Authorization

ProxyPass               /       http://127.0.0.1:8080/ retry=0 connectiontimeout=300 timeout=300
ProxyPassReverse        /       http://127.0.0.1:8080/

LogLevel info
CustomLog /var/log/httpd/access_jira.domain.com.log combined
ErrorLog /var/log/httpd/error_jira.domain.com.log
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLStrictSNIVHostCheck off

SSLCertificateFile      /etc/httpd/conf/ssl/host.pem
SSLCertificateKeyFile   /etc/httpd/conf/ssl/host.key
SSLCertificateChainFile  /etc/httpd/conf/ssl/gd_bundle-g2-g1.crt
</VirtualHost>

# Confluence proxy
<VirtualHost *:443>
DocumentRoot "/var/www/confluence"
ServerName confluence.domain.com

<Proxy *>
        Order deny,allow
        Allow from all
</Proxy>

SSLProxyEngine          On
ProxyRequests           On
ProxyPreserveHost       On
ProxyTimeout		600

ProxyPass               /       http://127.0.0.1:8090/ retry=0 connectiontimeout=60 timeout=300
ProxyPassReverse        /       http://127.0.0.1:8090/

LogLevel info
CustomLog /var/log/httpd/access_confluence.domain.com.log combined
ErrorLog /var/log/httpd/error_confluence.domain.com.log
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW

SSLCertificateFile      /etc/httpd/conf/ssl/host.pem
SSLCertificateKeyFile   /etc/httpd/conf/ssl/host.key
SSLCertificateChainFile  /etc/httpd/conf/ssl/gd_bundle-g2-g1.crt
</VirtualHost>

# Stash proxy

<VirtualHost *:443>
DocumentRoot "/var/www/stash"
ServerName stash.domain.com

<Proxy *>
        Order deny,allow
        Allow from all
</Proxy>

SSLProxyEngine          On
ProxyRequests           On
ProxyPreserveHost       On
ProxyTimeout            300

ProxyPass               /       http://192.168.62.40:7990/ retry=0 connectiontimeout=300 timeout=300
ProxyPassReverse        /       http://192.168.62.40:7990/

LogLevel info
CustomLog /var/log/httpd/access_stash.domain.com.log combined
ErrorLog /var/log/httpd/error_stash.domain.com.log

SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW

SSLCertificateFile      /etc/httpd/conf/ssl/host.pem
SSLCertificateKeyFile   /etc/httpd/conf/ssl/host.key
SSLCertificateChainFile  /etc/httpd/conf/ssl/gd_bundle-g2-g1.crt
</VirtualHost>

I hope that helps.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security