[Solved] url.rewrite-once in case of port forwarding
Added by enzopaz over 4 years ago
Hello,
I'm quite new with lighttpd.
I'm using it in a board using an ARM microprocessor with Debian on board.
I'heve developed a web app using the fat free framework and it works fine inside my local network.
I'm now tring to make the web app accessible from outside the local network.
So I have a port forwarding on the router to give access to the web server inside my local network.
So now the web server is accessible from to outside to the address xxx.vfdns.org:7777
The problem is that when I perform a "reroute" to the /login route from my webapp the web app routes to the (wrong) url xxx.vfdns.org/login and not to the (right) url xxx.vfdns.org:7777/login.
This of course result in URL not found. If I add manually the port(7777) the url is ok.
The question is how modify the url.rewrite-once rule to add always the port 7777 (is not already present) when accessing the url xxx.vfdns.org?
The actual lighttpd.conf is:
server.modules = (
"mod_indexfile",
"mod_access",
"mod_alias",
"mod_redirect",
)
server.document-root = "/var/www/fatfree"
server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
server.errorlog = "/var/log/lighttpd/error.log"
server.pid-file = "/var/run/lighttpd.pid"
server.username = "www-data"
server.groupname = "www-data"
server.port = 80
# strict parsing and normalization of URL for consistency and security
# https://redmine.lighttpd.net/projects/lighttpd/wiki/Server_http-parseoptsDetails
# (might need to explicitly set "url-path-2f-decode" = "disable"
# if a specific application is encoding URLs inside url-path)
server.http-parseopts = (
"header-strict" => "enable",# default
"host-strict" => "enable",# default
"host-normalize" => "enable",# default
"url-normalize-unreserved"=> "enable",# recommended highly
"url-normalize-required" => "enable",# recommended
"url-ctrls-reject" => "enable",# recommended
"url-path-2f-decode" => "enable",# recommended highly (unless breaks app)
#"url-path-2f-reject" => "enable",
"url-path-dotseg-remove" => "enable",# recommended highly (unless breaks app)
#"url-path-dotseg-reject" => "enable",
#"url-query-20-plus" => "enable",# consistency in query string
)
index-file.names = ( "index.php", "index.html" )
url.access-deny = ( "~", ".inc" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
compress.cache-dir = "/var/cache/lighttpd/compress/"
compress.filetype = ( "application/javascript", "text/css", "text/html", "text/plain" )
# default listening port for IPv6 falls back to the IPv4 port
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
include_shell "/usr/share/lighttpd/create-mime.conf.pl"
include "/etc/lighttpd/conf-enabled/*.conf"
#server.compat-module-load = "disable"
server.modules += (
"mod_compress",
"mod_dirlisting",
"mod_staticfile",
)
url.rewrite-once = ( "^/(.*?)(\?.+)?$"=>"/index.php/$1?$2" )
server.error-handler-404 = "/index.php"
=========================================================================================
The versione of lighttpd is lighttpd/1.4.53 (ssl) - a light and fast webserver
Thanks in advance.
Enzo
Replies (4)
RE: [Solved] url.rewrite-once in case of port forwarding - Added by enzopaz about 4 years ago
please could give an example of the rule I should use to redirect the pages on the right port? Of course the port is not fixed but is a parameter defined by the router port mapping rule (in this case the ruoter maps the external port 7777 on the internal standard 80). Thansk a lot.
RE: [Solved] url.rewrite-once in case of port forwarding - Added by gstrauss about 4 years ago
your webapp should look in the environment and use SERVER_PORT when constructing the route it sends back to the client.
[Edit] if your firewall is doing the port mapping, lighttpd does not know that the client used port :xxx; lighttpd only knows the port(s) on which lighttpd is listening, and provides that information to CGI, FastCGI, SCGI, etc in SERVER_PORT. If your app sends a response with a link, your app needs to either use a url-path (/login) or your app needs to produce the correct fully-qualified URL (http://authority:port/login).
RE: [Solved] url.rewrite-once in case of port forwarding - Added by enzopaz about 4 years ago
The point is that SERVER_PORT contains the port 80 and not the port 7777 seen from outside the router. So it seems to me that the webapp can't build the URL you mention because I don't know where to recover the external port number (7777). For sure I doing something wrong but I don't know hwre the problem is.