Reverse proxy with SSL (apache mod_proxy) Backend wsgi server (apache mod_wsgi + flask)
A configuration in which a reverse proxy receives a request via https and proxies to the backend wsgi server via http.
At this time, when redirecting with flask, the url of the redirect destination in the client browser became http.
<VirtualHost *:443>
...
ProxyPass / http://my.wsgi.server/
ProxyPassReverse / http://my.wsgi.server/
...
</VirtualHost>
mod_proxy should be set according to the documentation.
Location
curl -v http://my.wsgi.server/
Then, the absolute path with http: // was specified for Location. Apparently this is the problem. If you specify an absolute path, ProxyPassReverse doesn't seem to work properly (the scheme doesn't rewrite).
You could use url_for (..., _scheme = "https") to make the scheme https. However, since the changes are large and the backend wsgi server alone will not work, I will not do it.
It seems that relative paths are allowed in RFC7321. https://triple-underscore.github.io/RFC7231-ja.html#section-7.1.2 Rewrite the Location header.
<VirtualHost *:80>
...
Header edit Location ^http:// //
...
</VirtualHost>
curl -v http://my.wsgi.server/
The scheme has disappeared from the location and the redirect via the reverse proxy is now working properly.
Recommended Posts