Users receive "HTTP 404" error when accessing an external URL hosted behind reverse proxy
Article ID: 168809
Updated On:
Products
ProxySG Software - SGOS
Issue/Introduction
When accessing an external URL hosted behind the ProxySG appliance in reverse proxy mode, users might receive an HTTP 404 error.
This issue occurs when forwarding is configured on the appliance, as in the following policy example:
forwarding ;mode
create host "internal_example" www.internalexample.com http=80 ssl-verify-server=no server
<Proxy>
url.domain="www.externalexample.com" Allow
<Forward>
server_url.domain="www.externalexample.com" forward("internal_example") forward.fail_open(no)
Cause
The origin content server (OCS) expects to receive a request where the Host HTTP header value is an internal URL, and does not respond if the Host header has any other value. When the OCS receives a request where the Host header value is an external URL, it returns an HTTP 404 error and denies the forwarding request for a connection. For example:
forwarding ;mode
create host "internal_example" www.internalexample.com http=80 ssl-verify-server=no server
<Proxy>
url.domain="www.externalexample.com" Allow
<Forward>
server_url.domain="www.externalexample.com" forward("internal_example") forward.fail_open(no)
forwarding ;mode
create host "internal_example" www.internalexample.com http=80 ssl-verify-server=no server
<Proxy>
url.domain="www.externalexample.com" Allow
<Forward>
server_url.domain="www.externalexample.com" forward("internal_example") forward.fail_open(no)
Resolution
Implement TWURL rules to redirect traffic on the ProxySG appliance. For information on how to implement a TWURL, see An example of a complex two-way URL rewrite (TWURL) and Implementing server portals - TWURL (two way URL rewrite).
Feedback
Yes
No
Powered by
