This question is not actually FreeBSD specific, but more about Apache.
I have a strange setup: A server at home, which is usually not reachable from the outside world (inbound connections are blocked, both at the DSL modem, and using pf on the server's external ethernet interface). On an internal network, it runs a variety of servers, including a web server that's reachable normally on port 80 and port 443. Say for example my server is called internal.example.com, then inside our household I can browse "https://internal.example.com", and there is a lot of good stuff (including CGI scripts that help with system administration and equipment operation). A lot of that stuff is confidential or worse, which is the reason why the server is usually unreachable. So far so good.
Turns out that occasionally I actually do need to access some web content from the outside. Not a big problem: I can configure the DSL modem to tunnel and translate a few ports: take port 443 on the outside (public network) and translate it to port 8443 inside. Then I configure apache with a separate VirtualHost section for "*:8443", which is restricted: served out of a directory with only a few (safe) files, no CGI scripts, no soft links, no directory listing, no index.html, and so on. As long as you use this to directly go to a single file, it works good: On the outside world, you can go to "https://internal.example.com/test.html" (no port number, goes directly to port 443), and see that file.
The problem is: For some reason, the apache server returns to the web client that it is serving things on port 8443. So if you try to reload the same page, or follow a link, it won't work: The web browser has updated to link to be to "https://internal.example.com:8443/test.html", and that port number doesn't work on the outside world.
The root cause of the problem is: The apache server thinks (correctly, from its viewpoint) that it is serving port 8443. The web browser outside thinks (correctly, from its viewpoint) that the pages are being served on port 443. The apache server is smart enough to append 8443, perhaps via redirects or via decorating links, but from the client's viewpoint that's incorrect.
I vaguely remember that there is a setting you can put into the apache configuration file to override the host name and port number that the server identifies itself as. But I can't find it, neither in example files, nor by a quick reading of the (huge) documentation, nor in examples on the web. Am I being blind?
Details, if it matters: FreeBSD 11.0-RELEASE with the stock apache24.
I have a strange setup: A server at home, which is usually not reachable from the outside world (inbound connections are blocked, both at the DSL modem, and using pf on the server's external ethernet interface). On an internal network, it runs a variety of servers, including a web server that's reachable normally on port 80 and port 443. Say for example my server is called internal.example.com, then inside our household I can browse "https://internal.example.com", and there is a lot of good stuff (including CGI scripts that help with system administration and equipment operation). A lot of that stuff is confidential or worse, which is the reason why the server is usually unreachable. So far so good.
Turns out that occasionally I actually do need to access some web content from the outside. Not a big problem: I can configure the DSL modem to tunnel and translate a few ports: take port 443 on the outside (public network) and translate it to port 8443 inside. Then I configure apache with a separate VirtualHost section for "*:8443", which is restricted: served out of a directory with only a few (safe) files, no CGI scripts, no soft links, no directory listing, no index.html, and so on. As long as you use this to directly go to a single file, it works good: On the outside world, you can go to "https://internal.example.com/test.html" (no port number, goes directly to port 443), and see that file.
The problem is: For some reason, the apache server returns to the web client that it is serving things on port 8443. So if you try to reload the same page, or follow a link, it won't work: The web browser has updated to link to be to "https://internal.example.com:8443/test.html", and that port number doesn't work on the outside world.
The root cause of the problem is: The apache server thinks (correctly, from its viewpoint) that it is serving port 8443. The web browser outside thinks (correctly, from its viewpoint) that the pages are being served on port 443. The apache server is smart enough to append 8443, perhaps via redirects or via decorating links, but from the client's viewpoint that's incorrect.
I vaguely remember that there is a setting you can put into the apache configuration file to override the host name and port number that the server identifies itself as. But I can't find it, neither in example files, nor by a quick reading of the (huge) documentation, nor in examples on the web. Am I being blind?
Details, if it matters: FreeBSD 11.0-RELEASE with the stock apache24.