Hi, I already had this but can't manage to find back the solution.
I have two clues, thought: - you should have ProxyRequests Off to both of your virtualhosts (or at least, the first one). - I guess you did, but just in case, did you load module "proxy_http_module"? Last thing, I've recently found directive "AllowCONNECT", haven't had time to play with it, but that might be useful. (Might also need mod_proxy_connect). Please tell us if one of these helped! Olivier Olivier CHIROUZE I&0 Infrastructure Volvo Information Technology > -----Original Message----- > From: Bruno Teixeira [mailto:[EMAIL PROTECTED] > Sent: 16 February 2007 13:17 > To: users@httpd.apache.org > Subject: [EMAIL PROTECTED] 403 Forbidden error with rewrite [P] flag > > Hi there, > > I've been browsing the web for a solution to my problem, but all I can > find are similar problems, no solutions... > > I am using a rewrite rule to rewrite "http://192.168.2.251/secure"; > requests to "https://192.168.2.198/";. This works fine, but I don't the > user to see the "198 IP", but to always the "251". To > accomplish this, I > thought I only had to add a "P flag" to the rewrite rule, but > when I do > so, I get a "403 Forbidden error". I have the proxy module loaded! > > I would really appreciate some input. Thank you for your time. > > I get this on the error log: > > [Fri Feb 16 11:13:14 2007] [error] [client 192.168.2.251] > client denied > by server configuration: proxy:https://192.168.2.198 > > and this on the rewrite log: > > 192.168.2.251 - - [16/Feb/2007:11:16:04 +0000] > [192.168.2.251/sid#8162818][rid#82a2440/initial] (2) init > rewrite engine > with requested uri /secure > 192.168.2.251 - - [16/Feb/2007:11:16:04 +0000] > [192.168.2.251/sid#8162818][rid#82a2440/initial] (2) rewrite > /secure -> > https://192.168.2.198 > 192.168.2.251 - - [16/Feb/2007:11:16:04 +0000] > [192.168.2.251/sid#8162818][rid#82a2440/initial] (2) forcing > proxy-throughput with https://192.168.2.198 > 192.168.2.251 - - [16/Feb/2007:11:16:04 +0000] > [192.168.2.251/sid#8162818][rid#82a2440/initial] (1) go-ahead > with proxy > request proxy:https://192.168.2.198 [OK] > > > Here are both of the Virtual hosts: > > <VirtualHost 192.168.2.251:80> > ServerAdmin [EMAIL PROTECTED] > ServerName 192.168.2.251 > DocumentRoot /var/www/ > <Directory /> > Options FollowSymLinks > AllowOverride None > </Directory> > <Directory /var/www/> > Options Indexes FollowSymLinks MultiViews > AllowOverride None > Order allow,deny > allow from all > # Uncomment this directive is you want to see apache2's > # default start page (in /apache2-default) when > you go to / > RedirectMatch ^/$ /site > </Directory> > > ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ > <Directory "/usr/lib/cgi-bin"> > AllowOverride None > Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch > Order allow,deny > Allow from all > </Directory> > > ErrorLog /var/log/apache2/error.log > > # Possible values include: debug, info, notice, warn, > error, crit, > # alert, emerg. > LogLevel warn > > CustomLog /var/log/apache2/access.log combined > ServerSignature On > > RewriteEngine on > RewriteCond %{SERVER_PORT} ^80$ > RewriteRule ^/secure(.*)$ https://192.168.2.198$1 [L] > # RewriteRule ^/secure(.*)$ https://192.168.2.198$1 > [L,P] this rule > gives the error > RewriteLog "/var/log/apache2/rewrite.log" > RewriteLogLevel 2 > > Alias /doc/ "/usr/share/doc/" > <Directory "/usr/share/doc/"> > Options Indexes MultiViews FollowSymLinks > AllowOverride None > Order deny,allow > Deny from all > Allow from 127.0.0.0/255.0.0.0 ::1/128 > </Directory> > </VirtualHost> > > > <VirtualHost 192.168.2.198:443> > ServerAdmin [EMAIL PROTECTED] > ServerName 192.168.2.198 > > SSLEngine On > SSLCertificateFile /etc/apache2/ssl/198.crt > SSLCertificateKeyFile /etc/apache2/ssl/198.key > > > DocumentRoot /var/www > <Directory /> > Options FollowSymLinks > AllowOverride None > </Directory> > <Directory /var/www/> > Options FollowSymLinks MultiViews > AllowOverride None > Order allow,deny > allow from all > RedirectMatch ^/$ /site > </Directory> > > ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ > <Directory "/usr/lib/cgi-bin"> > AllowOverride None > Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch > Order allow,deny > Allow from all > </Directory> > > ErrorLog /var/log/apache2/error.log > > # Possible values include: debug, info, notice, > warn, error, crit, > # alert, emerg. > LogLevel warn > > CustomLog /var/log/apache2/access.log combined > ServerSignature On > > Alias /doc/ "/usr/share/doc/" > <Directory "/usr/share/doc/"> > Options Indexes MultiViews FollowSymLinks > AllowOverride None > Order deny,allow > Deny from all > Allow from 127.0.0.0/255.0.0.0 ::1/128 > </Directory> > > </VirtualHost> > > > Bruno Teixeira > > > > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP > Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] > " from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
