Back-end Server Redirects, causes issues with proxy


(Benjamin Anderson) #1

I am attempting to proxy and endpoint on my domain to a back-end server.
I can get all my other proxies to work, but this one has a redirect to a login page, and I think it is messing things up.

*side-note: The backend server is an application called Weblog Expert.
I was hit with a Ransome attack last month and lost all my data… (sad)
Weblog Server helps me watch who is attempting to access Caddy by reading the Caddy logs… (happy!)

In my Caddy file I have written many attempts to proxy the server:

proxy /reports localhost:9991 {
        transparent
        websocket
}

And also:

proxy /reports localhost:9991 {
        without /reports
        transparent
        websocket
}

This is where things get wonky…’

If I test my URL:
192.168.2.126:2015/reports

I would expect my URL to look like this after WebLog Expert has redirected to a login page:

http://192.168.2.126:2015/reports/Login.aspx?ReturnUrl=%2fdefault.aspx

That URL above is correct, in fact, if I use that URL caddy does redirect me to the proper page

However, my url ends up like this:

http://192.168.2.126:2015/Login.aspx?ReturnUrl=%2freports

This is weird because it is pushing the ‘reports’ endpoint to the end of the URL.

That is where I’m kinda stuck.

If I use the ‘without /reports’ parameter, I get an expected result URL:

http://192.168.2.126:2015/Login.aspx?ReturnUrl=%2fdefault.aspx

But, that goes nowhere, it needs ‘/reports’ in the URL.

Thanks to anyone who could help me.

Benny


(Matthew Fay) #2

Hi @Benjamin_Anderson,

These kinds of bugs appear frequently when you try to contain a web app in a single subfolder (/reports in this case).

The web app is built under the assumption that it controls the web root, so it directs you to /login.aspx under that assumption. Because the assumption is wrong, and you’re telling Caddy to only proxy requests beginning with /reports, those requests don’t ever reach the web app.

Moving forward, you’ve got two real options and one stopgap:

  1. Configure the web app with a base URL
    Some apps have a setting for this, which will have them prepend the URI with this subfolder whenever they redirect or generate links. Many apps don’t have such a setting. If you can find it, set the Base URL to /reports.

  2. Give the web app the whole web root
    For example, by using a subdomain instead of a subfolder, and using proxy / instead of proxy /reports.

  3. Proxy additional endpoints to the web app
    Basically, add another proxy directive for /login.aspx. This is the stopgap, and I liken this kind of fix to using your fingers to plug holes in your boat. You might find out later on that there are other URIs that the app needs as well. Or, later on, the developer might push an update that does. Plex is an incredible, awful example of this.


Anyone have a ready-made, tried and true, tested, Duplicati config for Caddy?
(Benjamin Anderson) #3

@Whitestrake

Wonderful, thank you so much for those recommendations, sir!

Method 2 works perfectly!

What I did to fix this:

  1. create a second A type record on my domain which was named ‘reports’, and pointed back to my public IP.

  2. In the caddy file I fixed a sub-domain called ‘reports’ like this:

    reports.MY_DOMAIN http://192.168.2.126:2016 {

    tls MY_EMAIL
    timeouts none
    gzip

    proxy / localhost:9991/ {
    websocket
    transparent

    }

This created an SSL on that subdomain, and it redirects the ‘reports’ tag in the URL to the proxied web server.

This is so great, I’m going to now set up subdomains for my emby server as well, instead of using the proxy folder method.

Really appreciate this! Thank you again.