Patch for for rewriting HTTP redirects


Download the patch to


We use Apache as a reverse proxy in front of an iPlanet webmail server. This allows us to provide a layer of "insulation" for additional security and to encrypt the webmail sessions.

When you're accessing the webmail server normally, you connect to the URL and it sends back a HTTP redirect with some session info. This redirect header looks something like:


The "host=" is used by the Webmail Javascript interface.

When placed behind an SSL reverse proxy using the normal Apache proxy directives (ProxyPass and ProxyPassReverse) the proxy rewrites the first part of the URL but the rest doesn't match, like so:


One potential solution is to propogate the internal name externally, but this will still cause problems due to the mismatch between http: and https: in the URLs and the bulk of the session, including the logon, will not be encrypted.


Initially, I attempted to get the combination of mod_proxy and mod_rewite to do the job, but was unable to. Eventually I modified the module to do a global substitution on any Location headers.

The small rewrite patch for is available for download.


Add a PerlHandler directive to your Apache httpd.conf. The additional configuration is done via the Perl variable ReverseProxyRewriteRedirect which can contain zero or more substitutions. The patch is (well, should be :-) benign if this variable is not set. The section from the Apache httpd.conf will look like:
<Location />
  SetHandler perl-script
  PerlHandler Apache::ReverseProxy
  PerlSetVar ReverseProxyConfig /usr/local/apache/conf/rproxy.conf

  # Optional configuration items:
  #PerlSetVar ReverseProxyChain
  #PerlSetVar ReverseProxyNoChain
  PerlSetVar ReverseProxyRewriteRedirect " =>"
The rproxy.conf file doesn't change from normal. For our example, it will look like:
# Redirect to internal server


This patch and document is Copyright 2001, Darren Tucker.

Permission is given to use, modify or redistribute this patch or document under the same terms as Perl itself.


This patch is based on by Clinton Wong.

It includes code and ideas from by Christan Gilmore.

Valid HTML 4.01!

Page last modified: $Date: 2015/12/01 02:44:46 $