Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal

Recognition

  • Give kudos
  • Received
  • Given

Leaderboard

  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

IIS reverse proxy with Confluence

I am setting up a reverse proxy in IIS for Confluence (eventually Jira, Bitbucket and Bamboo too) based on the directions here (https://confluence.atlassian.com/kb/proxying-atlassian-server-applications-with-microsoft-internet-information-services-iis-833931378.html) and I can't get it to work.  I am trying to setup the proxy from https://server.domain.com/confluence and based on my understanding of the documentation I change the context path from this:

<Context path="" docBase="../confluence" debug="0" reloadable="false" useHttpOnly="true">

to this:

<Context path="/confluence" docBase="../confluence" debug="0" reloadable="false" useHttpOnly="true">

and I commented out the default connector for the HTTPS Proxying one from the config file and set it up as recommened like this

 

 <Connector port="8090" connectionTimeout="20000" redirectPort="8443"
 maxThreads="48" minSpareThreads="10"
 enableLookups="false" acceptCount="10" debug="0" URIEncoding="UTF-8"
 protocol="org.apache.coyote.http11.Http11NioProtocol"
 scheme="https" secure="true" proxyName="server.domain.com" proxyPort="443"/>

I setup the rules for the URL rewrite, and Syncology setup via the IIS Manager UI and it saves my changes to web.config as the following:

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <rewrite>
            <rules>
                <rule name="Confluence Proxy" stopProcessing="true">
                    <match url="(.*)" />
                    <action type="Rewrite" url="http://server.domain.com:8090/{R:1}" />
                </rule>
                <rule name="Synchrony HTTP" stopProcessing="true">
                    <match url="synchrony/(.*)" />
                    <conditions logicalGrouping="MatchAll" trackAllCaptures="false" />
                    <action type="Rewrite" url="http://localhost:8091/synchrony/{R:1}" />
                </rule>
                <rule name="Synchrony Web Sockets Reverse Proxy" stopProcessing="true">
                    <match url="ws://(.*)" />
                    <conditions logicalGrouping="MatchAll" trackAllCaptures="false" />
                    <action type="Rewrite" url="ws://localhost:8091/{R:1}" />
                </rule>
                <rule name="Confluence Reverse Proxy" enabled="false" stopProcessing="true">
                    <match url="(.*)" />
                    <conditions logicalGrouping="MatchAll" trackAllCaptures="false" />
                    <action type="Rewrite" url="http://localhost:8090/{R:1}" />
                </rule>
            </rules>
        </rewrite>
        <security>
            <requestFiltering allowDoubleEscaping="true" />
        </security>
        <caching enabled="false" enableKernelCache="false" />
    </system.webServer>
</configuration>

But then after I save all config changes, and start the Confluence server I get this error from Tomcat when I go to https://server.domain.com/confluence almost immediately:

HTTP Status 404 – Not Found


Type Status Report

Message Not found

Description The origin server did not find a current representation for the target resource or is not willing to disclose that one exists.


Apache Tomcat/9.0.10

 

However if I keep all my settings the same but remove the /confluence from the context path, the browser will load for a bit and then attempt to bring up the login page but doesn't append the /confluence folder to the end (due to the context path not being there I assume).  With either configuration when I check the Tomcat logs (C:\Program Files\Atlassian\ApplicationData\Confluence\logs) there are no errors in the log and the warnings that are there are the same as I saw before setting this up, so nothing seems out of what is expected there.  What am I missing here in the setup?  Let me know if you need any other information on this.

2 answers

1 accepted

0 votes
Answer accepted

The rules above are good but the first one redirects to the wrong location.

I came across this exact same issue two years later and this post helped. My URL Rewrite rules in IIS were broken. I was effectively dropping the confluence from the redirect using {R:1} with the  pattern below.

(^confluence/(.*))|(^confluence$)

For "https://domain.com/confluence", the pattern matched but only {R:0} and {R:3} contained the path required for the rewrite. Adding a trailing back slash or using {R:0} rectified the issue so I had to revisit my rules.

If you're seeing this issue, double check the URL Rewrite rules in IIS and retest your patterns.

I think what you're saying makes sense, but back when I couldn't get help I switched from an IIS proxy to an NGINX proxy, the setup was way easier, and met the needs well enough.  Thanks for the follow-up answer, I'm going to accept it, but I don't' have a way to verify it.

Hi Micko,

I am running into exactly the same problem...

Have tried to update the URL rewrite to {R:0} but still it doesn't work.

"Adding a trailing back slash" - could you please exlain more on this? thanks.

 

Zhiurl rewrite.png

 

My current rule uses {R:1}. My description of the solution is misleading.

Confluence URL Rewrite.jpg

I'm not sure why my screenshot was dropped. This is my current rule but it uses a subdomain "https://confluence.domain.com" so I do need everything after the domain.

Just to clarify, I wasn't detailing a solution at the time, just that my rule was incorrect and to check your own rules. I've also switched to subdomains since then so the rule was dealing with multiple sites under the one domain. R:0 takes the entire input but R:1 only matches the pattern so in both our rules, R:0 and R:1 are the same as there is no component of the pattern outside the braces.

The trailing backslash was in reference to this rule (^confluence/(.*))|(^confluence$). In this case, if the pattern was confluence on it's own, only R:0 contained confluence, R:1 was blank. If I added a backslash, confluence/ then both R:0 and R:1 contain confluence/. This meant the rule using R:1 was working for longer patterns but not for the base domain.

"https://domain.com/confluence" failed.

"https://domain.com/confluence/" worked.

"https://domain.com/confluence/foo/bar" also worked.

Confluence URL incorrect.jpg

Confluence URL Rewrite foo bar.jpg

0 votes

Hi Aaron,

when you change the path in the connector section, did you also change the path at the context section:

<Context path="/confluence" docBase="../confluence" reloadable="false" useHttpOnly="true">

Best

JP

Yes I tried that at first and only removed it to see if it would help with the 404 errors, which it kind of did.  As soon as I put in the context path it gives me the 404, but if I remove it the web server seems to come up and is accessible, but doesn't redirect to the proper proxy folder as it doesn't have the context path. That's what the issue is here it seems.  Thanks for the suggestion though!

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Confluence

Announcing Team Calendars in Confluence Data Center

Hi Community! We're thrilled to share that Team Calendars for Confluence is now a built-in feature for Confluence Data Center releases 7.11 and beyond.  A long time favorite,  Team Cale...

59 views 0 3
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you