Laravel Websockets Apache2 ReverseProxy setup

Question

Problem

I am trying to setup a live environment with laravel websockets library behind an apache server. The Websocket server is running on port 6001 (unreachable from outside). The Apache VHost is configured for ws.example.com

I cannot get the Apache to proxy the wss:// requests correctly. The request to wss://ws.example.com/request/path?protocol=7&client=js&version=5.1.1&flash=false fails. (Error during WebSocket handshake: Invalid status line)

I think there is a problem with my vhost configuration. Am I missing something? Any advice is appreciated.

vhost configuration

<VirtualHost *:443>
    ServerName ws.example.com
    ServerAlias www.ws.example.com.com
    DocumentRoot /srv/vhost/example.com/domains/ws.example.com/public_html

    ErrorLog /var/log/virtualmin/ws.example.com_error_log
    CustomLog /var/log/virtualmin/ws.example.com_access_log combined
    ScriptAlias /cgi-bin/ /srv/vhost/example.com/domains/ws.example.com/cgi-bin/

    DirectoryIndex index.php index.html

    RewriteEngine on
    ProxyRequests off
    ProxyVia on
    RewriteCond %{HTTP:Connection} Upgrade [NC]
    RewriteCond %{HTTP:Upgrade} websocket [NC]
    RewriteRule /(.*) ws://localhost:6001/$1 [P,L]
    ProxyPass               /request/path http://localhost:6001/request/path
    ProxyPassReverse        /request/path http://localhost:6001/request/path

    SSLCertificateFile /etc/letsencrypt/path/ws.example.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/path/ws.example.com/privkey.pem
    Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>

Max S. · Answer 1 · 2022-09-27T15:15:24.787

Create a subdomain for websockets. Then edit your virtualhost configs (Apache 2.4) as below. Use pusher-php-server 5.0.3

<VirtualHost *:443>
    ServerAdmin admin@example.com
    ServerName socket.website.com

    <Proxy *>
        Require all granted
        Allow from all
    </Proxy>

    SSLEngine on
    SSLProxyEngine on
    SSLProxyVerify none
    SSLProxyCheckPeerCN off
    SSLProxyCheckPeerName off
    SSLProxyCheckPeerExpire off

    RewriteEngine on
    RewriteCond %{HTTP:Upgrade} =websocket [NC]
    RewriteRule .* wss://127.0.0.1:6001%{REQUEST_URI} [P]
    ProxyPass / ws://127.0.0.1:6001
    ProxyPassReverse / ws://127.0.0.1:6001

    SSLCertificateFile /etc/letsencrypt/live/socket.website.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/socket.website.com/privkey.pem
    Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>

score 0 · Answer 2 · answered Oct 22 '20 at 21:36

0

@max: your rewrite rules were the key, also applies when the proxy just forwards the unencrypted traffic and apache is handling ssl to the outside, replacing wss with ws then - after one day of fiddling its finally working!

edit: not enough reputation for a comment , sorry

answered Oct 22 '20 at 21:36

d-fens_

67
6

1

As a tip, posting something as an answer that isn't an answer risks getting downvotes, which will make you lose points and put you even further away from being able to comment – camille Oct 23 '20 at 03:18

Laravel Websockets Apache2 ReverseProxy setup

2 Answers2