Reverse Proxy HA with Apache

Universe1808 · February 23, 2023, 9:46am

I already have an Apache web server that manages the communication between the different services and websites as a reverse proxy.

The Apache web server also handles the SSL certificates and resolves them to an unencrypted connection within the LAN.

The configuration file is used:
httpd-vhosts.conf
Here the relevant section.

# ---------------------------
# home.mydomain.com
# ---------------------------

<virtualhost *:80>
	servername home.mydomain.com
	redirect permanent / https://home.mydomain.com/
</virtualhost>

<virtualhost *:443>
    servername home.mydomain.com

    rewriteengine on
    rewriterule ^/(.*)    http://10.1.254.12:8123/$1 [p,l]
   
	sslengine on
	sslcertificatefile  "conf/ssl/mydomain.com/prim_interm.crt"
	sslcertificatekeyfile "conf/ssl/mydomain.com/private.key"
	
	# not in use because of url rewrite
    documentroot "w:/www/home"
</virtualhost>

Similar sections are currently in use to reverse proxy to different LAN servers and on different ports and there everything works fine.

However accessing HA over the internet will lead to an error
400: Bad request

I also entered the public domain to
HA → Settings → System → Network → Home Assistant URL
set it to:
https://home.mydomain.com

Any ideas what is going on?

Thanks!

exxamalte · February 23, 2023, 12:58pm

There is a bit more configuration required - especially proxying websocket requests is essential for the reverse proxy to work. This thread should help:

technotiger · December 11, 2023, 11:05am

The “400: Bad request” can be fixed by adding your proxy server’s ip as a trusted proxy in home assistant’s configuration.yaml file.

Example

http:
  ip_ban_enabled: True
  login_attempts_threshold: 5
  use_x_forwarded_for: true
  trusted_proxies:
    - IP_ADDR_OF_PROXY_SERVER