# simple redirecting link to another server



## goraz (Oct 11, 2016)

```
<VirtualHost *:80>
        ServerAdmin user@email.com
        ServerName mybusiness.com
      
        DocumentRoot "/usr/local/www/apache24/mybus"
        <Directory />
        AllowOverride None
        Order allow,deny
        allow from all
        </Directory>
</VirtualHost>
```
is there anyway i can use something else that DocumentRoot since all the document is on another server (on the same network , i can use an ip address to connect).

I'm actually trying to make Apache2.4 listen to 443 and use mail.mybusiness.com goes throw bsd to exchange server. 
right now our firewall is directing port 443 to the exchange server and i want to use that port for ssl for our website too. but need to figure how to keep the exchange working too.
maybe I'm looking at this totally wrong. help please


----------



## SirDice (Oct 12, 2016)

Put net/haproxy in front of it. It can switch backends based on the HTTP/1.1 Host header.


----------



## goraz (Oct 12, 2016)

thank you, Ill do some research on net/haproxy since its a first time im hearing about it.


----------



## priyadarshan (Oct 25, 2016)

SirDice said:


> Put net/haproxy in front of it. It can switch backends based on the HTTP/1.1 Host header.



Thank you for mentioning haproxy. It looks like a powerful tool worth learning.


----------



## priyadarshan (Oct 25, 2016)

gpatrick said:


> I use Pound for my reverse proxy which has a simpler config file and supports https and was designed with security as a goal.



Yes, Pound is nice and simple. Correct me if I am wrong, Pound is mainly an http/https proxy, while Haproxy is more like a TCP proxy?


----------



## SirDice (Oct 25, 2016)

priyadarshan said:


> Correct me if I am wrong, Pound is mainly an http/https proxy, while Haproxy is more like a TCP proxy?


HAProxy is primarily meant for HTTP(S) but it can do plain TCP proxying. The easiest set up simply looks at the HTTP host header but you can make it really complex based on paths, cookies, forwarding headers and whatnot. You can make the 'weight' of each node depend on the amount of workload for example. When workload increases you can lower the weight so there's less traffic being sent to it. This is also useful when you want to balance several MySQL/MariaDB slaves. The latest edition now includes LUA making it even more powerful. 

This is a basic setup I use on my VPS. It has only one outside IP address, HAProxy runs on the host and redirects various sites to three jails. I've built and managed more complex ones for clients.


```
global
        maxconn 30000
        daemon

        log /dev/log local2

        user nobody
        group nobody

        stats socket /var/run/haproxy.socket mode 777 level admin

defaults
        log global
        option httplog
        option dontlognull
        mode http

        option httpclose
        option abortonclose
        option forwardfor


        stats enable
        stats uri /haproxy?stats
        stats realm Statistics
        stats auth sirdice:mysupersecretpassword

frontend http-in
        bind 1.2.3.4:80

        reqidel ^X-Real-IP:.*

        # If we can't figure it out send it here
        default_backend pool1

        # Which site is requested?
        acl is_site1 hdr_dom(host) -i site1.example.com
        acl is_site2 hdr_dom(host) -i site2.example.com
        acl is_site3 hdr_dom(host) -i site3.example.com
        acl is_site4 hdr_dom(host) -i site4.example.com

        # Switching logic
        use_backend pool1 if is_site1
        use_backend pool2 if is_site2
        use_backend pool2 if is_site3
        use_backend pool3 if is_site4

# My "farm"
backend pool1
        option httpchk GET /up.txt
        option forwardfor header X-Real-IP
        server web1 192.168.21.3:80 check

backend pool2
        option httpchk GET /up.txt
        option forwardfor header X-Real-IP
        server web2 192.168.21.4:80 check

backend pool3
        option httpchk GET /up.txt
        option forwardfor header X-Real-IP
        server web3 192.168.21.5:80 check
```

The downside is that every connection in your weblog will come from the HAProxy host, so you 'lose' the original client's IP address. But there are some tricks you can do with the forwardfor header to log or use the original IP on the webservers.


----------



## priyadarshan (Oct 26, 2016)

Thank you for the example setup, very instructive.


----------



## SirDice (Oct 26, 2016)

It's a fairly straightforward configuration, not too many bells and whistles. The HAProxy configuration itself is quite readable, I did modify a few things to make it more like an example but it's fairly self-explanatory.


----------

