The approach seems sound to me. We did something similar (also using PHP) a few years ago when we migrated from one discovery interface to another. We had quite a few internal apps that linked to individual resources and of course the search engines kept trying to crawl it for a while. We didn't do a landing page; we just returned a 301 with the new URL and logged it. We were able to eventually find all our own links to fix and notify any external ones. As you say, eventually they dwindled down until we got rid of it.
As for the second part, we are in the process of migrating to a new proxy setup and decided not to go with self-hosted EZproxy. I'm going to use CaddyServer with AuthCrunch plugin and Keycloak for the IdP. (AuthCrunch also supports SAML IdP though). CaddyServer supports using LetsEncrypt with a wildcard cert (IF you have a compatible DNS server). I think there is also has an API you can use for managing configurations for the proxy. I'm not sure what your motivations for moving are (and are needs are pretty minimal compared to academic libraries) so this might not be relevant to you at all. But the price is right!
Brent
-----Original Message-----
From: Code for Libraries <CODE4LIB_at_LISTS.CLIR.ORG> On Behalf Of Coral Sheldon-Hess
Sent: Friday, February 27, 2026 11:41 AM
To: CODE4LIB_at_LISTS.CLIR.ORG
Subject: [CODE4LIB] Forward EZproxy request to OpenAthens
Hi!
We're considering a move away from self-hosted EZproxy and one-off Shibboleth SSO connections to our vendors, to OpenAthens. People are, understandably, concerned about the migration. Obviously, we'll change the links we control, but we don't control our faculty colleagues' Canvas shells, for instance.
Since we host (and control, down to Apache settings) our own proxy server, is there some fundamental reason why we couldn't do some kind of forwarding, rewriting requests with our proxy prefix to have the OpenAthens prefix on the fly? Has anyone done this?
Even if we don't do an automatic forward, I could imagine a landing page that says something in the neighborhood of "you entered EZProxyPrefix?url=https://whatever. Please update your link to [linked]OpenAthensPrefix?url=https://whatever[/linked], or alert the owner of the site that directed you here." That feels totally doable. There's no reason that couldn't work, even if it means disabling the proxy and writing our own PHP; it shouldn't even be difficult. Right? And it could stay up for as long as we feel like maintaining our server. (Just kidding, we'd count hits and take it down when they get low enough.)
Is there something even simpler, that you did during your migration, that I'm overlooking?
The floor is open for other opinions about OpenAthens, too. The price tag is … significant, during a bad budget cycle, so, even if all the other stars align, we may not be making the switch. If you want to tell me horror stories so I don't feel bad about a potential "no," you'd probably be doing me a favor. 😁
Thanks!
--
*Coral Sheldon-Hess*
coral_at_sheldon-hess.org
Received on Fri Feb 27 2026 - 13:14:43 EST