4

I'm trying to setup Apache 2.4 (On Virtualmin) to forward wss://sub.domain.com requests to ws://localhost:6001 and I'm not having luck. I've followed countless tutorials, and looked through plenty of Stackoverflow questions - and I'm still stumped.

I have proxy, proxy_http, proxy_wstunnel, and rewrite installed and enabled.

First I tried:

ServerName sub.domain.com

RewriteEngine on
RewriteCond %{HTTP:Upgrade} =websocket [NC]
RewriteRule /(.*)           ws://127.0.0.1:6001/$1 [P,L]

ProxyPass / http://127.0.0.1:6001/
ProxyPassReverse / http://127.0.0.1:6001/

SSLEngine on
SSLCertificateFile /path/to/cert.pem
SSLCertificateKeyFile /path/to/key.pem
SSLCertificateChainFile /path/to/chain.pem
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite HIGH:!aNULL:!MD5
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"

Then I tried:

ServerName sub.domain.com

RewriteEngine On
RewriteCond %{HTTP:Upgrade} =websocket [NC]
RewriteRule /(.*)           ws://localhost:6001/$1 [P,L]
RewriteCond %{HTTP:Upgrade} !=websocket [NC]
RewriteRule /(.*)           http://localhost:6001/$1 [P,L]

ProxyPreserveHost on
ProxyPass / ws://localhost:6001/
ProxyPassReverse / ws://localhost:6001/

...ssl directives

And just about every combination of the two.

As for the websocket server, I'm using Laravel-websockets on port 6001.

What am I doing wrong?

Rob
  • 14,746
  • 28
  • 47
  • 65
Jon
  • 305
  • 3
  • 20
  • 45

2 Answers2

2
  • It seem from your config file that your server does nothing else than to server websocket.
  • I would still suggest VirtualHost for flexibility.
  • You do not need to combined mod_rewrite with mod_proxy as you do (only if you want to host other services and make more complex routing). The proxying part is sufficient for what you describe.

I setup a full test in the cloud to verify this. This works - as simple as it is.

<IfModule mod_ssl.c>
<VirtualHost *:443>

    ServerName  sub.domain.com

    ProxyPass "/"  "ws://localhost:6001/"

    #  .... SSL config here, e.g. letsencrypt or else ....
    # I was just running `sudo certbot` to fill this in for me. 

 </VirtualHost>
</IfModule>

I tested with a super-simple ws server from https://github.com/Theldus/wsServer

configured the DNS to ws.mydomain.com and then ran https://www.piesocket.com/websocket-tester on wss://ws.mydomain.com . Works.

Ralf Ulrich
  • 1,575
  • 9
  • 25
  • ... since I got this setup working, if you still have trouble it may well be due to firewall or other mis-configurations. Double check that your ws server is working correctly, etc. – Ralf Ulrich Mar 29 '23 at 13:25
0

Someone had replied with an answer but apparently deleted it, the below works in Chrome and Insomnia (But not Firefox - but that could be a Laravel-websockets problem). Reposting it in case it helps anyone else:

RewriteCond %{HTTP:Connection} =Upgrade [NC]
RewriteCond %{HTTP:Upgrade} =websocket [NC]
RewriteRule /(.*) ws://127.0.0.1:6001/$1 [P]

You can either add the above to your virtual server config, or htaccess.

Jon
  • 305
  • 3
  • 20
  • 45