I am trying to setup reverse proxy with wordpress and exclude couple of paths. My exclude rules work for admin, includes, ..etc but it doesn't work for /wp-json/. I am suspecting it is because of the .htaccess. I need wordpress to return the rest api data because I use that in gatsbyjs.
I have spent the whole day trying to figure this out. For some reason with my setup /wp-json/ returns 404 and it is proxied to the netlify server where the front-end part of my site lives. If I remove all the proxy rules wp-json works.
.htaccess contains the default wordpress stuff.
Here is a pastebin of my virtual host: https://pastebin.com/vFh6hCkN
<IfModule mod_ssl.c>
<VirtualHost *:443>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
Protocols h2 http/1.1
ServerName www.michaelharwinlaw.com
ServerAlias michaelharwinlaw.com
ServerAdmin webmaster@cyberserge.com
DocumentRoot /var/www/html/
<Directory /var/www/html>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
SSLProxyEngine on
ProxyPass /wp-admin/ !
ProxyPass /wp-login/ !
ProxyPass /wp-json/ !
ProxyPass /wp-content/plugins/ !
ProxyPass /wp-includes/ !
ProxyPassMatch .*\.xml !
ProxyPass / https://stag.michaelharwinlaw.com/
ProxyPassReverse / https://stag.michaelharwinlaw.com/
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/mc-error.log
CustomLog ${APACHE_LOG_DIR}/mc-access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
Include /var/www/html/wp-content/uploads/wpseo-redirects/.redirects
SSLCertificateFile /etc/letsencrypt/live/www.michaelharwinlaw.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/www.michaelharwinlaw.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
.htaccess
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
It does not work because /wp-json
is not a real file or directory, without reading the .htaccess
, local requests will get a 404
not found
response, so Apache will continue to forward the request to remote server.
To fix this URL rewriting we need to send the requests to the local index.php
.
Replace ProxyPass /wp-json/ !
with
ProxyPass /index.php !
ProxyPass /wp-json !
/wp-json
without the ended slash /
is needed to handle request for both domain/wp-json
or domain/wp-json/
.
Any other non exist URL will be handled by remote server.