带有 ARR 和 URL 重写的 IIS 10.0 反向代理仅在 HTTP 上导致 ERR_TOO_MANY_REDIRECTS
我有一个IIS服务器托管了一些外部域,还有一个内部Web应用程序,也有一个坐在Apache服务器上的WooCommerce网站。 IIS服务器位于固定的公共IP地址上,Apache服务器也位于另一个固定的公共IP上。所有基础设施都在家里。我们很快就会为一个固定的IP /32网络放弃 /29网络。我打算使用ARR和URL重写以使IIS和Apache Server使用1个固定的公共IP。
我在IIS框上安装了ARR,并配置了以下web.config,请注意,bost iis box and apache box具有有效的证书。
<configuration>
<system.webServer>
<rewrite>
<outboundRules>
<rule name="ReverseProxyOutboundRule1" preCondition="ResponseIsHtml1">
<match filterByTags="A, Form, Img" pattern="^http(s)?://192.168.8.100/(.*)" />
<action type="Rewrite" value="http{R:1}://test.example.com/{R:2}" />
</rule>
<preConditions>
<preCondition name="ResponseIsHtml1">
<add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/html" />
</preCondition>
</preConditions>
</outboundRules>
<rules>
<clear />
<rule name="ReverseProxyInboundRule1" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{CACHE_URL}" pattern="^(https?)://" />
</conditions>
<action type="Rewrite" url="{C:1}://192.168.8.100/{R:1}" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
192.168.8.100是托管Apache上的WooCommerce的内部服务器。因此,此后有效的是 https://test.example.com 从IIS中使用的反向代码良好,test.example.com也可以正常工作。但是, http://test.example.com err_too_many_redirects失败了,我可以看到使用Fidler。
Things I have tried
Turning off 'Reverse rewrite host in response headers' in ARR, this stops the too many redirects but shows the host as the 192.168.8.100 address and obviously fails the cert, however woocommerce site comes up fine.
将HTTP的重写规则添加到https到apache at/etc/apache2/sites-available/wordpress.conf-这与过多的重定向错误没有影响。
在/var/www/wordpress/.htaccess中,将HTTP的重定向规则添加到https中的HTTPS-这与过多的重定向错误没有区别。
从WordPress中删除非常简单的SSL插件 - 这与重定向错误的错误没有影响。
我现在智慧结束了现在要尝试的事情。
I have an IIS server hosting a few external domains and also an internal web app, also I have a woocommerce site sitting on an apache server. The IIS server sits on a fixed public IP address and the Apache server also on another fixed public IP. All infrastructure is in house. We are shortly giving up out /29 network for a single fixed IP /32 network. I was planning to use ARR and URL rewrite to have both the IIS and Apache server utilize 1 fixed public IP.
I installed ARR on the IIS box and configured the following web.config, note that bost the IIS box and Apache box have valid certificates.
<configuration>
<system.webServer>
<rewrite>
<outboundRules>
<rule name="ReverseProxyOutboundRule1" preCondition="ResponseIsHtml1">
<match filterByTags="A, Form, Img" pattern="^http(s)?://192.168.8.100/(.*)" />
<action type="Rewrite" value="http{R:1}://test.example.com/{R:2}" />
</rule>
<preConditions>
<preCondition name="ResponseIsHtml1">
<add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/html" />
</preCondition>
</preConditions>
</outboundRules>
<rules>
<clear />
<rule name="ReverseProxyInboundRule1" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{CACHE_URL}" pattern="^(https?)://" />
</conditions>
<action type="Rewrite" url="{C:1}://192.168.8.100/{R:1}" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
192.168.8.100 being the internal server hosting woocommerce on Apache. So what works after this is that https://test.example.com works fine reverse proxied to appache from IIS, test.example.com also works fine. However http://test.example.com fails with ERR_TOO_MANY_REDIRECTS which I can see using fidler.
Things I have tried
Turning off 'Reverse rewrite host in response headers' in ARR, this stops the too many redirects but shows the host as the 192.168.8.100 address and obviously fails the cert, however woocommerce site comes up fine.
Adding a rewrite rule for HTTP to HTTPS to Apache at /etc/apache2/sites-available/wordpress.conf - This made no difference to the too many redirects error.
Adding a redirect rule for HTTP to HTTPS in the .HTACCESS file at /var/www/wordpress/.htaccess - This made no difference to the too many redirects error.
Remove Really Simple SSL plugin from Wordpress - This made no difference to the too many redirects error.
I am now at my wits end as to what to try now.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
回答我自己的问题,当我尝试 IIS HTTP 时,这是一个小学生错误 --> (HTTPS)重写,我忘记将其移到反向代理规则之前,因此它永远不会执行它。将其向上移动,一切正常。哎哟!
Answering my own question, and it was a schoolboy error, when I tried the IIS HTTP --> (HTTPS) rewrite, I forgot to move it up ahead of the reverse proxy rule, hence it was never, ever going to execute it. Move it up and all works fine. Doh!