Users receive "HTTP 404" error when accessing an external URL hosted behind reverse proxy

book

Article ID: 168809

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

When accessing an external URL hosted behind the ProxySG appliance in reverse proxy mode, users might receive an HTTP 404 error.

This issue occurs when forwarding is configured on the appliance, as in the following policy example:

forwarding ;mode
create host "internal_example" www.internalexample.com http=80 ssl-verify-server=no server
<Proxy>
url.domain="www.externalexample.com" Allow
<Forward>
    server_url.domain="www.externalexample.com" forward("internal_example") forward.fail_open(no)
 

Cause

The origin content server (OCS) expects to receive a request where the Host HTTP header value is an internal URL, and does not respond if the Host header has any other value. When the OCS receives a request where the Host header value is an external URL, it returns an HTTP 404 error and denies the forwarding request for a connection. For example:

forwarding ;mode
create host "internal_example" www.internalexample.com http=80 ssl-verify-server=no server

<Proxy>
url.domain="www.externalexample.com" Allow

<Forward>
    server_url.domain="www.externalexample.com" forward("internal_example") forward.fail_open(no)


 

Resolution

 Implement TWURL rules to redirect traffic on the ProxySG appliance. For information on how to implement a TWURL, see An example of a complex two-way URL rewrite (TWURL) and Implementing server portals - TWURL (two way URL rewrite).