Apache Proxy

The Apache HTTP server can be configured to proxy HTTP traffic to MailArchiva's web console. Refer to the configuration below for further details. An alternative configuration that uses JkModule is also available.

 

Enable Modproxy

 

sudo a2enmod proxy
sudo a2enmod proxy_http

 

Create Virtual Host

 

Create mailarchiva.conf in /etc/apache2/sites-available

 

<VirtualHost *:443>
         ServerName demo.stimulussoft.com
         SSLProxyEngine On
         ProxyPreserveHost On
         ProxyRequests Off
         ProxyPass / http://localhost:8090/
         ProxyPassReverse / http://localhost:8090/
         RewriteEngine on
         RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
         RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC]
         RewriteRule .* ws://localhost:8090%{REQUEST_URI} [P]
         ProxyPass /linkage https://localhost:8090/
         ProxyPassReverse /linkage https://localhost:8090/
         ProxyPass /websocket/chat https://localhost:8090/
         ProxyPassReverse /websocket/chat https://localhost:8090/
        Include /etc/letsencrypt/options-ssl-apache.conf
        SSLCertificateFile /etc/letsencrypt/live/stimulussoft.com/_.example.com.bundle
        SSLCertificateKeyFile /etc/letsencrypt/live/stimulussoft.com/_.example.key
        AllowEncodedSlashes NoDecode
        # Disable CONNECT method to prevent tunneling to external servers
        <Location />
           <Limit CONNECT>
              Order Deny,Allow
              Deny from all
           </Limit>
        </Location>
   
</VirtualHost>

<VirtualHost *:80>
        ServerName demo.stimulussoft.com
        RewriteEngine on
        ReWriteCond %{SERVER_PORT} !^443$
        RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
</VirtualHost>

 

Set Proxy System Variable

 

To ensure that client IP addresses are logged correctly in the audit log, MailArchiva requires knowledge of the original request, its IP address, protocol and port. The Apache directive "ProxyPreserveHost On" ensures that the HTTP header's X-Forwarded-Host, X-Forwarded-Proto and X-Forwarded-Port are passed on. MailArchiva will look for these HTTP headers, provided that its Java system properties variable Proxy is set as follows:

 

Linux: Add -Dproxy=yes variable to CATALINA_OPTS in /opt/mailarchiva/server/startserver script

Windows: Right click tray icon, click Configure, select Java tab, In Java Options add -Dproxy=yes

 

Restart MailArchiva after doing the above.

 

 

© 2005 - 2024 ProProfs

Found this information useful? Visit mailarchiva.com to learn more about MailArchiva.

-