Apache Https To Http

Posted on |



Customizing Apache for Windows

  1. Https Apache Server
  2. Apache Https Configuration
  3. Apache Https To Http Proxy
  4. Apache Https To Tomcat Http

Apache is configured by the files in the conf subdirectory. These are the same files used to configure the Unix version, but there are a few different directives for Apache on Windows. See the directive index for all the available directives.

HTTP and HTTPS use different server ports (HTTP binds to port 80, HTTPS to port 443), so there is no direct conflict between them. Enable HTTP/2 on a Apache Virtual Host To get started, first confirm that the webserver is running HTTP/1.1. You can do this on a browser by opening the developer tools section on Google chrome using the Ctrl +SHIFT + I combination. Click on the ‘ Network ’ tab and locate the ‘ Protocol ’ column. This article shows you how to use Apache HttpClient to send an HTTP GET/POST requests, JSON, authentication, timeout, redirection and some frequent used examples. P.S Tested with HttpClient 4.5.10. HTTPS redirects from HTTP are extremely dangerous (and in fact will be blocked by all browsers soon due to abuse), espacially if this is node via silent HTTP status (but the same is true if this is done by javascript), unless either: - (1) there's a transient HTTPS parking page inviting users to fllow a link by clicking it actively; or: - (2. Downloading Apache for Windows. The Apache HTTP Server Project itself does not provide binary releases of software, only source code. Individual committers may provide binary packages as a convenience, but it is not a release deliverable. If you cannot compile the Apache HTTP Server yourself, you can obtain a binary package from numerous binary distributions available on the Internet.

The main differences in Apache for Windows are:

  • Because Apache for Windows is multithreaded, it does not use a separate process for each request, as Apache can on Unix. Instead there are usually only two Apache processes running: a parent process, and a child which handles the requests. Within the child process each request is handled by a separate thread.

    The process management directives are also different:

    MaxConnectionsPerChild: Like the Unix directive, this controls how many connections a single child process will serve before exiting. However, unlike on Unix, a replacement process is not instantly available. Use the default MaxConnectionsPerChild 0, unless instructed to change the behavior to overcome a memory leak in third party modules or in-process applications.

    Warning: The server configuration file is reread when a new child process is started. If you have modified httpd.conf, the new child may not start or you may receive unexpected results.

    ThreadsPerChild: This directive is new. It tells the server how many threads it should use. This is the maximum number of connections the server can handle at once, so be sure to set this number high enough for your site if you get a lot of hits. The recommended default is ThreadsPerChild 150, but this must be adjusted to reflect the greatest anticipated number of simultaneous connections to accept.

  • The directives that accept filenames as arguments must use Windows filenames instead of Unix ones. However, because Apache may interpret backslashes as an 'escape character' sequence, you should consistently use forward slashes in path names, not backslashes.

  • While filenames are generally case-insensitive on Windows, URLs are still treated internally as case-sensitive before they are mapped to the filesystem. For example, the <Location>, Alias, and ProxyPass directives all use case-sensitive arguments. For this reason, it is particularly important to use the <Directory> directive when attempting to limit access to content in the filesystem, since this directive applies to any content in a directory, regardless of how it is accessed. If you wish to assure that only lowercase is used in URLs, you can use something like:

  • When running, Apache needs write access only to the logs directory and any configured cache directory tree. Due to the issue of case insensitive and short 8.3 format names, Apache must validate all path names given. This means that each directory which Apache evaluates, from the drive root up to the directory leaf, must have read, list and traverse directory permissions. If Apache2.4 is installed at C:Program Files, then the root directory, Program Files and Apache2.4 must all be visible to Apache.

  • Apache for Windows contains the ability to load modules at runtime, without recompiling the server. If Apache is compiled normally, it will install a number of optional modules in the Apache2.4modules directory. To activate these or other modules, the LoadModule directive must be used. For example, to activate the status module, use the following (in addition to the status-activating directives in access.conf):

    Information on creating loadable modules is also available.

  • Apache can also load ISAPI (Internet Server Application Programming Interface) extensions such as those used by Microsoft IIS and other Windows servers. More information is available. Note that Apache cannot load ISAPI Filters, and ISAPI Handlers with some Microsoft feature extensions will not work.

  • When running CGI scripts, the method Apache uses to find the interpreter for the script is configurable using the ScriptInterpreterSource directive.

  • Since it is often difficult to manage files with names like .htaccess in Windows, you may find it useful to change the name of this per-directory configuration file using the AccessFilename directive.

  • Any errors during Apache startup are logged into the Windows event log when running on Windows NT. This mechanism acts as a backup for those situations where Apache is not yet prepared to use the error.log file. You can review the Windows Application Event Log by using the Event Viewer, e.g. Start - Settings - Control Panel - Administrative Tools - Event Viewer.

- This is archive documentation, which means it is not supported or valid for recent versions of Zimbra Collaboration.
- This article is a Community contribution and may include unsupported customizations.

Zen dojo.

Apache over http (port 80) and Zimbra over https (port 443)

If you don't need to have non-SSL (http/port 80) access to zimbra webmail and you don't need to have SSL (https/port 443) access to apache, configure zimbra to only listen on https port 443.

That's it! Now apache will serve websites (presumably over port 80), and zimbra will serve webmail over port 443.


Sharing http (port 80) and/or https (port 443) between Zimbra and Apache

If you do need to have access to both zimbra and apache over the same port, use this guide.

Q: How to run Apache + Zimbra on the same host without having to use a weird port to access any of them ?

A: Use mod_proxy ;)

This wiki page is based on this zimbra forums thread: http://www.zimbra.com/forums/showthread.php?t=2476 (I am using a Debian Sarge).

You must have several hostnames for your server (for example zimbra.domain.com and www.domain.com).

First of all, change zimbraMailPort, and recreate zimbraMtaAuthHost and restart zimbra so our apache can listen on 80, do it like this :

Then, install your prefered apache version (1.3 / 2) and add the proxy module :

for apache 1.3 :


for apache 2 :

Now we can add our virtualhosts.

for apache 1.3, go into /etc/apache/conf.d/ and create/edit vhosts.conf :

[for apache 2 go into /etc/apache2/conf.d/]

To do mod_proxy on the admin side do something along the following lines in httpd.conf

Almost done.Restart everything.Test your new hosts.

Enjoy Zimbra ;)

Sharing both HTTP and HTTPS between both Zimbra and Apache using Different Domain Names

I found that the above wouldn't work when I tried to preserve http and https access for both Zimbra and Apache. Here is what I did to fix it. Instead of using ProxyPass, I used Redirect, as follows.

Https Apache Server

Change the ports that the Zimbra webmail client listens on

Set up your redirects in Apache

Set up the http redirects

Under Apache2 on CentOS, I just create a file called /etc/httpd/conf.d/vhosts.conf with the following content:

Set up your https redirects

Under Apache2 on CentOS, I just edit the file called /etc/httpd/conf.d/ssl.conf. Look for the line that says:

Comment it out, and add the following just below it:

Below that, look for the commented-out line that starts with ServerName, uncomment it, and add your server name that you want to use for Apache:

Next, go to the bottom of the file and setup your Zimbra virtual host

Why do we bother specifying the SSL certificate if we are only going to redirect from Apache to Zimbra? Because if you don't, your user will get an 'invalid certificate' error from their browser before the redirect happens.

Restart Apache

Sharing both HTTP and HTTPS between both Zimbra and Apache using Different IP Addresses

Instead of using different domain names, as in the above example, I find that it is much easier and cleaner to simply use different IP addresses. On my box, I only have one network interface card, but I have six public IP addresses that all point to it. Therefore, in my DNS I simply assign the www.yourdomain.com subdomain to XXX.XXX.XXX.100 and the mail.yourdomain.com subdomain to XXX.XXX.XXX.101. This gives you the added flexibility of adding many different sub domain aliases in your DNS and simply pointing them all to the same IP address. For example, you could add aliases like webmail.yourdomain.com and zimbra.yourdomain.com to the DNS, and you wouldn't have to change any of the configuration files below for it to work properly.

Change the ports that the Zimbra webmail client listens on

Set up your redirects in Apache

Make sure Apache is listening on all IP addresses

Check your Apache configuration to make sure that it is listening on all IP addresses. For most installations, this will be the default, so if you haven't changed it yourself it should be working. Just to be sure, open your httpd.conf file (in CentOS it is /etc/httpd/conf/httpd.conf) and look for a line that starts with 'Listen'. It should just say:

HttpHttp

Or, it might say:

If it has a specific IP address in it, such as:

You will either need to delete the IP address reference or simply add multiple Listen lines for each of your IP addresses.

Set up the http redirects

Under Apache2 on CentOS, I just create a file called /etc/httpd/conf.d/vhosts.conf with the following content:

Set up your https redirects

Under Apache2 on CentOS, I just edit the file called /etc/httpd/conf.d/ssl.conf. Look for the line that says:

Comment it out, and add the following just below it:

Next, go to the bottom of the file and setup your Zimbra virtual host

Why do we bother specifying the SSL certificate if we are only going to redirect from Apache to Zimbra? Because if you don't, your user will get an 'invalid certificate' error from their browser before the redirect happens.

Restart Apache


Verified Against: UnknownDate Created: 5/5/2006
Article ID:https://wiki.zimbra.com/index.php?title=ZimbraApacheDate Modified: 2015-03-24


Try Zimbra

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Https

Other help Resources

Apache Https Configuration

User Help Page »
Official Forums »
Zimbra Documentation Page »

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »

Apache Https To Http Proxy

Retrieved from 'https://wiki.zimbra.com/index.php?title=ZimbraApache&oldid=57821'

Apache Https To Tomcat Http

Jump to: navigation, search