Rewrite Rule Proxy

LiteSpeed Web Server doesn't support ProxyPass, ProxyPassReverse or other mod_proxy directives. However, you can use rewrite rules with [P] and set up an external app of the proxy in LSWS configuration to make it work fully.

Note

As of LSWS v5.3.6, ProxyPass and ProxyPassMatch support have been added for AJP backends, but not for non-AJP backends. (AJP is a protocol for connecting a frontend web server to a backend web server.)

Create an External App

  1. Log into the LiteSpeed WebAdmin Console at example.com:7080.

  2. Go to the Configuration > Server > External App tab and click Add. The external app can also be added at the virtual host level, but adding at server level is recommended.

!External App Add

  1. Select Web Server from the drop down list.

  2. On the following page, adjust the settings and save:

!External App Settings * Name - Any unique external app name. It should not start with "http://". For example, Local_proxy. * Address - The IP:PORT or UDS socket of the backend server. It cannot be a domain name. For example, the frontend is on port 443, and the backend is on ip:80, so you would enter the backend ip:80 here, replacing ip with the actual IP address. Please remember do not add "http://" or "https://" here. * Max Connections - The maximum number of concurrent connections to this Web Server at any time. * Initial Request Timeout (secs) - The maximum time in seconds the server will wait for a response. * Retry Timeout (secs) - The period of time that the server waits before retrying a request.

  1. After saving, restart LSWS.

Add Rewrite Rules

In your favorite text editor, pull up the .htaccess file and add the appropriate line(s) as shown in the examples below.

Example 1: Proxy to a site on the backend with the same domain name.

RewriteRule (.*) http://<EXTERNAL_APP_NAME>/$1 [P]

EXTERNAL_APP_NAME must match the name of the app created in WebAdmin. Keeping with our earlier example, that would be:

RewriteRule (.*) http://Local_proxy/$1 [P]

Example 2: Proxy to a site on the backend with a different domain name.

RewriteRule ^(.*)$ http://<EXTERNAL_APP_NAME>/$1 [P,E=Proxy-Host:www.example.com]

The URL for the vhost should now act as a proxy for the External App Web Server that was just set up.

Keeping with our earlier example, that would be:

RewriteRule ^(.*)$ http://Local_proxy/$1 [P,E=Proxy-Host:www.example.com]

Example 3: Proxy to a site on the same server

If acting as a proxy to a site on the same server, you can use 127.0.0.1:<port> without manually creating an external app. The rewrite rule proxy target will be created automatically if the target is using 127.0.0.1:<port>. When using a domain name, even if the domain is hosted on the same server, the external application won't be created automatically. This will lead to a 500 status code as the server cannot find the external application. You will need to create an external app manually, in this case.

For example, www.example1.com is hosted on the same server. If you want to run the following proxy with domain, you will need to create an external app:

 RewriteEngine On
 RewriteRule ^(.*)$ https://www.example1.com:5000/$1 [P,L]

Alternatively, simply using the following code, an external app will be created by the server automatically:

 RewriteEngine On
 RewriteRule ^(.*)$ https://127.0.0.1:5000/$1 [P,L]

Example 4: cPanel webmail-like proxy

cPanel's www.domain.com/webmail proxy loads one installation at http://127.0.0.1/rainloop/.

An Apache user without a control panel who wants to copy this behavior may achieve it with ProxyPass, like so:

ProxyPass "/webmail/" "http://127.0.0.1/rainloop/"

But LiteSpeed doesn't support ProxyPass in this case. Instead, a LiteSpeed user may simply use the following rewrite rule in the virtual host's Apache configuration. No need to create an external app:

RewriteRule /webmail/(.*) http://127.0.0.1/rainloop/$1 [P]

Testing

  1. Check the backend: Visit http://www.example.com by curl command to make sure the backend is running ok.
  2. Check the frontend: Example front end is on port 443, visit https://www.example.com and it should proxy/return the backend correctly.

Troubleshooting

If you see like this:

[REWRITE] Proxy target is not defined on external application list, please add a 'web server' with name 'https://Local_proxy'

It means the proxy Local_proxy was not defined in an external application. You need to create a web server proxy on the external application named Local_proxy (without http:// or https://).