Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 8 replies
  • Subscribers 1 subscriber
  • Views 5239 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Separate real and virtual servers for both HTTP and HTTPS?

Jeff x
I've read the manual and searched the forum but I'm still confused.

I have a web server, email server and an FTP server all on the same box behind Sophos. I have static public IP's and some websites have their own static IP while others share IP's. All websites use both HTTP and HTTPS.

Do I need to set up two (HTTP and HTTPS) virtual and real servers for each public IP address? I'm not understanding the mapping.

On my old router, I just created services for each website and forwarded the needed ports to the corresponding private IP's of each website.


This thread was automatically locked due to age.
Parents
  • 0
    Thanks Barry.
     
    I tried the following in Apache, but it's still not logging the public IP's.
     
    ...
    LogFormat "%V[FONT=Arial]%{HTTP_X_FORWARDED_FOR}i[/FONT] %l %u %t \"%r\" %>s %O\"%{Referer}i\" \"%{User-agent}i\""combinedtrueout_host_xforwarded
     
    CustomLog"C:/WampDeveloper/Logs/Websites/www.mysite.com/http.accesslog.txt"combinedtrueout_host_xforwarded
    ...
     
    UPDATE: If I replace [FONT=Arial]%{HTTP_X_FORWARDED_FOR}i [/FONT]with [FONT=Arial]%{X-Forwarded-For}i Apache logs the public IP's.[/FONT]
     
    UPDATE: The issue below was resolved by unticking Enable HTML rewriting in the Virtual Webserver.
     
    On one of my websites, there is an email form. When using DNAT instead of WAF, the form works correctly as indicated in the image below:

     
    When I disable DNAT and use WAF, the form still works but the wrong notification message displays:

     
    Why does the proxy cause this issue to happen? The form does not rely on IP addresses. The form uses the following jQuery/AJAX to replace the original SEND message:
     

     
    [SIZE=2][SIZE=2]/*    Contact Form[/SIZE][/SIZE]
    [SIZE=2][SIZE=2]    /* ---------------------------------------------------------------------- */[/SIZE][/SIZE]
     
     
     
    [SIZE=2][SIZE=2]// Needed variables[/SIZE][/SIZE]
    [SIZE=2]    var $contactform     [/SIZE][SIZE=2][SIZE=2]=[/SIZE][/SIZE][SIZE=2] $[/SIZE][SIZE=2][SIZE=2]([/SIZE][/SIZE][SIZE=2][SIZE=2]'#contactform'[/SIZE][/SIZE][SIZE=2][SIZE=2])[/SIZE][/SIZE][SIZE=2],[/SIZE]
    [SIZE=2]        $success        [/SIZE][SIZE=2][SIZE=2]=[/SIZE][/SIZE][SIZE=2][SIZE=2]'Your message has been sent. Thank you!'[/SIZE][/SIZE][SIZE=2];[/SIZE]
     
    [SIZE=2]    $contactform.submit[/SIZE][SIZE=2][SIZE=2]([/SIZE][/SIZE][SIZE=2]function[/SIZE][SIZE=2][SIZE=2](){[/SIZE][/SIZE]
    [SIZE=2]        $.ajax[/SIZE][SIZE=2][SIZE=2]({[/SIZE][/SIZE]
    [SIZE=2]           type: [/SIZE][SIZE=2][SIZE=2]"POST"[/SIZE][/SIZE][SIZE=2],[/SIZE]
    [SIZE=2]           url: [/SIZE][SIZE=2][SIZE=2]"php/contact.php"[/SIZE][/SIZE][SIZE=2],[/SIZE]
    [SIZE=2]           data: $[/SIZE][SIZE=2][SIZE=2]([/SIZE][/SIZE][SIZE=2]this[/SIZE][SIZE=2][SIZE=2])[/SIZE][/SIZE][SIZE=2].serialize[/SIZE][SIZE=2][SIZE=2]()[/SIZE][/SIZE][SIZE=2],[/SIZE]
    [SIZE=2]           success: function[/SIZE][SIZE=2][SIZE=2]([/SIZE][/SIZE][SIZE=2]msg[/SIZE][SIZE=2][SIZE=2])[/SIZE][/SIZE]
    [SIZE=2][SIZE=2]{[/SIZE][/SIZE]
    [SIZE=2]                if[/SIZE][SIZE=2][SIZE=2]([/SIZE][/SIZE][SIZE=2]msg [/SIZE][SIZE=2][SIZE=2]==[/SIZE][/SIZE][SIZE=2][SIZE=2]'[/SIZE][/SIZE][SIZE=2]SEND[/SIZE][SIZE=2][SIZE=2]'[/SIZE][/SIZE][SIZE=2][SIZE=2]){[/SIZE][/SIZE]
    [SIZE=2]                    response [/SIZE][SIZE=2][SIZE=2]=[/SIZE][/SIZE][SIZE=2][SIZE=2]'
    '
    [/SIZE]    [/SIZE][SIZE=2][SIZE=2]+[/SIZE][/SIZE][SIZE=2] $success [/SIZE][SIZE=2][SIZE=2]+[/SIZE][/SIZE][SIZE=2][SIZE=2]''[/SIZE][/SIZE][SIZE=2];[/SIZE]
    [SIZE=2][SIZE=2]}[/SIZE][/SIZE]
    [SIZE=2]                else[/SIZE][SIZE=2][SIZE=2]{[/SIZE][/SIZE]
    [SIZE=2]                    response [/SIZE][SIZE=2][SIZE=2]=[/SIZE][/SIZE][SIZE=2][SIZE=2]'
    '
    [/SIZE]    [/SIZE][SIZE=2][SIZE=2]+[/SIZE][/SIZE][SIZE=2] msg [/SIZE][SIZE=2][SIZE=2]+[/SIZE][/SIZE][SIZE=2][SIZE=2]''[/SIZE][/SIZE][SIZE=2];[/SIZE]
    [SIZE=2][SIZE=2]}[/SIZE][/SIZE]
    [SIZE=2][SIZE=2]// Hide any previous response text[/SIZE][/SIZE]
    [SIZE=2]                $[/SIZE][SIZE=2][SIZE=2]([/SIZE][/SIZE][SIZE=2][SIZE=2]".error,.success"[/SIZE][/SIZE][SIZE=2][SIZE=2])[/SIZE][/SIZE][SIZE=2].remove[/SIZE][SIZE=2][SIZE=2]()[/SIZE][/SIZE][SIZE=2];[/SIZE]
    [SIZE=2][SIZE=2]// Show response message[/SIZE][/SIZE]
    [SIZE=2]                $contactform.prepend[/SIZE][SIZE=2][SIZE=2]([/SIZE][/SIZE][SIZE=2]response[/SIZE][SIZE=2][SIZE=2])[/SIZE][/SIZE][SIZE=2];[/SIZE]
    [SIZE=2][SIZE=2]}[/SIZE][/SIZE]
    [SIZE=2][SIZE=2]}[/SIZE][/SIZE][SIZE=2][SIZE=2])[/SIZE][/SIZE][SIZE=2];[/SIZE]
    [SIZE=2]        return false;[/SIZE]
    [SIZE=2][SIZE=2]}[/SIZE][/SIZE][SIZE=2][SIZE=2])[/SIZE][/SIZE][SIZE=2];[/SIZE]

    --------------------------------------------------------------------
    Sophos UTM 9.714-4 - Home User
    Currently testing VM on i3-9100 @ 3.60 GHz
    16 GB RAM
    Dell Optiplex XE
    Intel Core 2 Duo CPU E8600 @ 3.33GHz
    8GB RAM
    --------------------------------------------------------------------

Reply
  • 0
    Thanks Barry.
     
    I tried the following in Apache, but it's still not logging the public IP's.
     
    ...
    LogFormat "%V[FONT=Arial]%{HTTP_X_FORWARDED_FOR}i[/FONT] %l %u %t \"%r\" %>s %O\"%{Referer}i\" \"%{User-agent}i\""combinedtrueout_host_xforwarded
     
    CustomLog"C:/WampDeveloper/Logs/Websites/www.mysite.com/http.accesslog.txt"combinedtrueout_host_xforwarded
    ...
     
    UPDATE: If I replace [FONT=Arial]%{HTTP_X_FORWARDED_FOR}i [/FONT]with [FONT=Arial]%{X-Forwarded-For}i Apache logs the public IP's.[/FONT]
     
    UPDATE: The issue below was resolved by unticking Enable HTML rewriting in the Virtual Webserver.
     
    On one of my websites, there is an email form. When using DNAT instead of WAF, the form works correctly as indicated in the image below:

     
    When I disable DNAT and use WAF, the form still works but the wrong notification message displays:

     
    Why does the proxy cause this issue to happen? The form does not rely on IP addresses. The form uses the following jQuery/AJAX to replace the original SEND message:
     

     
    [SIZE=2][SIZE=2]/*    Contact Form[/SIZE][/SIZE]
    [SIZE=2][SIZE=2]    /* ---------------------------------------------------------------------- */[/SIZE][/SIZE]
     
     
     
    [SIZE=2][SIZE=2]// Needed variables[/SIZE][/SIZE]
    [SIZE=2]    var $contactform     [/SIZE][SIZE=2][SIZE=2]=[/SIZE][/SIZE][SIZE=2] $[/SIZE][SIZE=2][SIZE=2]([/SIZE][/SIZE][SIZE=2][SIZE=2]'#contactform'[/SIZE][/SIZE][SIZE=2][SIZE=2])[/SIZE][/SIZE][SIZE=2],[/SIZE]
    [SIZE=2]        $success        [/SIZE][SIZE=2][SIZE=2]=[/SIZE][/SIZE][SIZE=2][SIZE=2]'Your message has been sent. Thank you!'[/SIZE][/SIZE][SIZE=2];[/SIZE]
     
    [SIZE=2]    $contactform.submit[/SIZE][SIZE=2][SIZE=2]([/SIZE][/SIZE][SIZE=2]function[/SIZE][SIZE=2][SIZE=2](){[/SIZE][/SIZE]
    [SIZE=2]        $.ajax[/SIZE][SIZE=2][SIZE=2]({[/SIZE][/SIZE]
    [SIZE=2]           type: [/SIZE][SIZE=2][SIZE=2]"POST"[/SIZE][/SIZE][SIZE=2],[/SIZE]
    [SIZE=2]           url: [/SIZE][SIZE=2][SIZE=2]"php/contact.php"[/SIZE][/SIZE][SIZE=2],[/SIZE]
    [SIZE=2]           data: $[/SIZE][SIZE=2][SIZE=2]([/SIZE][/SIZE][SIZE=2]this[/SIZE][SIZE=2][SIZE=2])[/SIZE][/SIZE][SIZE=2].serialize[/SIZE][SIZE=2][SIZE=2]()[/SIZE][/SIZE][SIZE=2],[/SIZE]
    [SIZE=2]           success: function[/SIZE][SIZE=2][SIZE=2]([/SIZE][/SIZE][SIZE=2]msg[/SIZE][SIZE=2][SIZE=2])[/SIZE][/SIZE]
    [SIZE=2][SIZE=2]{[/SIZE][/SIZE]
    [SIZE=2]                if[/SIZE][SIZE=2][SIZE=2]([/SIZE][/SIZE][SIZE=2]msg [/SIZE][SIZE=2][SIZE=2]==[/SIZE][/SIZE][SIZE=2][SIZE=2]'[/SIZE][/SIZE][SIZE=2]SEND[/SIZE][SIZE=2][SIZE=2]'[/SIZE][/SIZE][SIZE=2][SIZE=2]){[/SIZE][/SIZE]
    [SIZE=2]                    response [/SIZE][SIZE=2][SIZE=2]=[/SIZE][/SIZE][SIZE=2][SIZE=2]'
    '
    [/SIZE]    [/SIZE][SIZE=2][SIZE=2]+[/SIZE][/SIZE][SIZE=2] $success [/SIZE][SIZE=2][SIZE=2]+[/SIZE][/SIZE][SIZE=2][SIZE=2]''[/SIZE][/SIZE][SIZE=2];[/SIZE]
    [SIZE=2][SIZE=2]}[/SIZE][/SIZE]
    [SIZE=2]                else[/SIZE][SIZE=2][SIZE=2]{[/SIZE][/SIZE]
    [SIZE=2]                    response [/SIZE][SIZE=2][SIZE=2]=[/SIZE][/SIZE][SIZE=2][SIZE=2]'
    '
    [/SIZE]    [/SIZE][SIZE=2][SIZE=2]+[/SIZE][/SIZE][SIZE=2] msg [/SIZE][SIZE=2][SIZE=2]+[/SIZE][/SIZE][SIZE=2][SIZE=2]''[/SIZE][/SIZE][SIZE=2];[/SIZE]
    [SIZE=2][SIZE=2]}[/SIZE][/SIZE]
    [SIZE=2][SIZE=2]// Hide any previous response text[/SIZE][/SIZE]
    [SIZE=2]                $[/SIZE][SIZE=2][SIZE=2]([/SIZE][/SIZE][SIZE=2][SIZE=2]".error,.success"[/SIZE][/SIZE][SIZE=2][SIZE=2])[/SIZE][/SIZE][SIZE=2].remove[/SIZE][SIZE=2][SIZE=2]()[/SIZE][/SIZE][SIZE=2];[/SIZE]
    [SIZE=2][SIZE=2]// Show response message[/SIZE][/SIZE]
    [SIZE=2]                $contactform.prepend[/SIZE][SIZE=2][SIZE=2]([/SIZE][/SIZE][SIZE=2]response[/SIZE][SIZE=2][SIZE=2])[/SIZE][/SIZE][SIZE=2];[/SIZE]
    [SIZE=2][SIZE=2]}[/SIZE][/SIZE]
    [SIZE=2][SIZE=2]}[/SIZE][/SIZE][SIZE=2][SIZE=2])[/SIZE][/SIZE][SIZE=2];[/SIZE]
    [SIZE=2]        return false;[/SIZE]
    [SIZE=2][SIZE=2]}[/SIZE][/SIZE][SIZE=2][SIZE=2])[/SIZE][/SIZE][SIZE=2];[/SIZE]

    --------------------------------------------------------------------
    Sophos UTM 9.714-4 - Home User
    Currently testing VM on i3-9100 @ 3.60 GHz
    16 GB RAM
    Dell Optiplex XE
    Intel Core 2 Duo CPU E8600 @ 3.33GHz
    8GB RAM
    --------------------------------------------------------------------

Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?