<VirtualHost *:80>
ProxyRequests Off
ProxyPreserveHost On
ProxyVia On
#192.168.1.xx is the address of my miniserver
ProxyPass /ws ws://192.168.1.xx:80/ws
ProxyPassReverse /ws ws://192.168.1.xx:80/ws
ProxyPass / http://192.168.1.xx:80/
ProxyPassReverse / http://192.168.1.xx:80/
CustomLog /var/log/apache2/access_reverser.log Combined
ErrorLog /var/log/apache2/error_reverser.log
</VirtualHost>
Hi Filip, I am not 100% sure about the SSL compatibility in the app yet. I am aiming to explore this more at the weekend.
The problem with VPN is:1. that its not very user friendly on iOS.. settings -> connect to vpn -> wait for connection -> then open app
2. sustaining a connection on mobile isn't easy and as yet iOS doesn't reconnect.3. if Loxone decided to make something more of the app by using background services etc then the app could periodically connect to the mini server for updates/alerts. If VPN is disabled this wouldn't work.
4. Depending on the VPN connection implementation they may involve poor implementations that could leave your network less secure.
Ideally, if SSL coupled with a reverse proxy works then you only need one port open for cameras, loxone, intercom etc and yes it would enable a permanent connection when shifting networks.
XMLHttpRequest cannot load http://192.168.1.xx/jdev/cfg/api?_=xxxxxxxxxx. Origin https://192.168.1.xx is not allowed by Access-Control-Allow-Origin.vendor.js:6:4638
I have found the line of javascript in the web app and submitted a ticket with Loxone. I am hoping that they won't reject it as it will help everyone secure their miniservers behind SSL.
I will take a look at the article tonight. As for loxone apparently they are looking at my fix to see what knock-on/implications it may have which sounds promising. If all goes well then the javascript changes should be in the next mini server update.
In the meantime this is what I did:
1. Setup apache SSL with a cert.
2. Setup the config as follows
ProxyPass /scripts/scripts1.js !
ProxyPass /scripts/vendor.js !
Alias /scripts/scripts1.js /var/www/scripts/scripts1.js
Alias /scripts/vendor.js /var/www/scripts/vendor.js
ProxyPass / http://192.168.1.xx:80/
ProxyPassReverse / http://192.168.1.xx:80/
<Directory /var/www/scripts/>
Order allow,deny
Allow from all
</Directory>
3. head to /var/www/scripts
sudo wget http://miniserverip/scripts/script1.js
sudo wget http://miniserverip/scripts/vendor.js
4. Edit script1.js
Replace http in the _sendRequest js method to https
Replace ws with was in "new WebSocket("ws
5. Edit vendor.js
Replace http with https in ("http:"===h[1]?"80":"443")) in two locations in the file.
6. Bounce apache and try https.
I just need to get it to work in safari. I am not certain but it might be because I am not using a real cert on apache. Will come back once it is working safari as this will mean it will work on the iPhone/ipad.
Hi,I will take a look at the article tonight. As for loxone apparently they are looking at my fix to see what knock-on/implications it may have which sounds promising. If all goes well then the javascript changes should be in the next mini server update.
Hi not yet, I will follow up. So the fix does need to touch a couple of files, but if I switch them over to wss and https, it will take loxone longer as the need to cater for both ssl and non ssl.