Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Using Pound as a reverse proxy


exact

Recommended Posts

I have searched the forums on how to have osCommerce behind Pound reverse proxy, but was unable to find anything on it. So I will try to write how I got it working in the off case it might help someone else.

 

I'm running CentOS 5.2 with Pound-2.4.3.

 

You can find instructions on how to install and setup Pound on its website.

 

You may be wondering why anyone would need this. Well I only have one public IP address and I have a couple of websites hosted on IIS and others hosted on Apache. To be able to use multiple web servers behind one public IP address you need a reverse proxy that will direct traffic to the correct server based on host header.

 

I had originally tried to set this up with squid proxy but it was getting way to complex for me. I stumbled across Pound and it was so straight forward in its configuration file structure that I gave it a go.

 

Here's my pound.cfg file:

 

User		"user"
Group	   "user"
LogFacility daemon
LogLevel	1

ListenHTTP
	  Address 192.168.xxx.21
	  Port	80
End

ListenHTTPS
	 Address 192.168.xxx.21
	 xHTTP 4
	 AddHeader "Front-End-Https: on"
	 Port	443
	 Cert	"/etc/ssl/local.server.pem"
End

Service
	HeadRequire "(Host: something.com.au)"

	BackEnd
			Address 192.168.xxx.20
			Port	80
	End
End

Service
	HeadRequire "(Host: sub.something.com.au)"
	BackEnd
			Address 192.168.xxx.21
			Port	8080
	End
End

 

You setup Pound to listen on Port 80 and 443. I have Apache on the same server as I'm running Pound on, so changed Apache to listen to Port 8080.

 

The important part for https to work is the line:

 AddHeader "Front-End-Https: on"

This adds "[HTTP_FRONT_END_HTTPS] => on" to the header (without the " ").

 

I then found in the forums how to get around secure and unsecure content on page.

 

In this forum they showed how to get around a 1&1 hosting with shared ssl.

 

I adapted the code change they suggested in the file "includes/application_top.php" at about line 41, with:

// set the type of request (secure or not)
 $request_type = (getenv('HTTP_FRONT_END_HTTPS') == 'on') ? 'SSL' : 'NONSSL';

 

I also changed the file "includes/functions/general.php" as suggested in this forum on about line 23 with:

if ( (ENABLE_SSL == true) && (getenv('HTTP_FRONT_END_HTTPS') == 'on') ) { // We are loading an SSL page

 

Now when I go to the login page I don't get error about secure and non-secure content on website.

 

The security certificate I'm using at the moment is just a self-signed one, but all that is need is to drop in a brought one (I think).

 

Hope this is helpful.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...