1

A reverse proxy server forwards requests to an internal application server. The proxy server has its HTTP_HOST value set to the hostname used the access the site, e.g.: www.example.com or www.alias2.com or www.alias3.com.

The internal server receives requests to its internal IP address, so its HTTP_HOST value is set to: 192.168.64.2.

How can the internal application server determine which domain name was used for the Host: in the original http request?

It would be possible to configure the SERVER_NAME to the hostname used by the application, but if many different hostname aliases have access to the website how can we know which one was used?

Looking at all environment variables available to Apache on the application server, none indicate the requested hostname except HTTP_REFERER (which obviously can't be relied upon):

[HTTP_HOST] => 192.168.64.2:80
[SERVER_NAME] => 192.168.64.2
[REMOTE_ADDR] => 192.168.64.1
[SERVER_ADDR] => 172.19.0.3
[SCRIPT_URI] => http://192.168.64.2:80/index.php
[HTTP_REFERER] => http://www.example.com/prev/

I'm aware some reverse proxys can be configured to forward the hostname used in the original request. I'm asking the question in general terms because I would like to know if there is a solution that isn't proxy-specific. At the moment I'm using BrowserSync as the reverse proxy during development, which doesn't appear to have a way to forward the http host, and in any case, I'd like to be able to design my application so that it doesn't rely on the reverse proxy providing this information.

Quinn Comendant
  • 9,686
  • 2
  • 32
  • 35
  • How do you imagine this working? If you service multiple hostnames, but the reverse proxy simply *is not* telling you which one to use, from where else can you physically obtain this information? – Vasiliy Faronov May 14 '16 at 18:05

1 Answers1

3

What you are looking for has in the past commonly been solved by setting the non-standard X-Forwarded-For header. This has been superseded by the Forwarded header as defined in RFC 7239. The relevant part for you is section 5.3.

With X-Forwarded-For having been the de-facto standard for an extremely long time now, tool support for it is generally better. E.g. nginx supports it via the $proxy_add_x_forwarded_for which can be conveniently set:

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

Apache offers comparable functionality through mod_proxy. At the time of this writing, there is an open ticket for mod_proxy_http regarading support for Forwarded:

On the receiving side, there is mod_rpaf for apache, which is setting various environmental variables accordingly to the X-Forwarded-For header.

As for Browsersync: I think you may be able to set the required headers through the proxy.reqHeaders directive.

Community
  • 1
  • 1
DaSourcerer
  • 6,288
  • 5
  • 32
  • 55