This module implements a proxy/gateway for Apache. It implements proxying capability for AJP13 (Apache JServe Protocol version 1.3), FTP, CONNECT (for SSL), HTTP/0.9, HTTP/1.0, and HTTP/1.1. The module can be configured to connect to other proxy modules for these and other protocols.
This post also can be named as “How to setup a proxy passer(ProxyPass, ProxyPassReverse) in Apache2” because today we are going to look at is how to setup mod_proxy as a reserve proxy in your linux environment. You might be wondering what’s the difference between a forward proxy server and a reverse proxy server? the answer is here. There could be many situation where you want to set up a reserver proxy, couple of them are mentioned below.
- Front an application server as tomcat or JBoss with Apache
- Application running on a different port other than 80 or 443(we usually only expose 80 or 443 to the public)
- Mask the underlying server/Stop direct access to the underlying server
If you are more info on why Apache should be used in front of JBoss/Glassfish/Tomcat? Check this link out. Below image depicts what we are going to do today.
1st you have to install Apache on the ubuntu instance using below command.
sudo apt-get update sudo apt-get install apache2
Now enable the proxy modules which are required,
- proxy – The main proxy module for Apache that manages connections and redirects them.
- proxy_http – This module implements the proxy features for HTTP and HTTPS protocols.
To enable the command would be,
sudo a2enmod proxy proxy_http
Now let’s create a virtual host now. If you don’t know about virtual hosts time to read this post. Moving on let me explain the directives.
- VirtualHost *:80 – Virtual hosts will be listening on the default port 80(could 443 if you are using https)
- ServerName – Server name
- ServerAlias – Alternate names
- ErrorLog – File contains any errors that it encounters in processing requests
- CustomLog – All requests processed by the server. Access log file
- ProxyPreserveHost – will pass the Host: line from the incoming request to the proxied host, instead of the hostname specified in the ProxyPass line.
<VirtualHost *:80> ServerName dasunhegoda.com ServerAlias www.dasunhegoda.com ProxyPreserveHost On # ProxyPass / http://[IP Addr.]:[port]/ # ProxyPassReverse / http://[IP Addr.]:[port]/ ProxyPass / http://192.168.1.10:8080/ ProxyPassReverse / http://192.168.1.10:8080/ ErrorLog "/var/logs/apache2/dasun_error_log" CustomLog "/var/logs/apache2/dasun_access_log" </VirtualHost>
Now enable to the vhost using below command.
sudo a2ensite vhost_name
Now restart the apache web server.
sudo service apache2 restart
Proxing should be working for you now. What above will do is, http://192.168.1.10:8080 application will be exposed via port 80. when you type dasunhegoda.com on the browser it will show the application which is running on http://192.168.1.10:8080. but the browser will never know that it’s the application running on port 8080.
Tips & Tricks
Let’s assume that you are accessing backend server via https if so you have to add SSLProxyEngine on in your virtual host as shown below.
<VirtualHost *:80> ServerName dasunhegoda.com ServerAlias www.dasunhegoda.com ProxyPreserveHost On SSLProxyEngine on # ProxyPass / https://IP:port/ # ProxyPassReverse / https://IP:port/ ProxyPass / https://192.168.1.10:8080/ ProxyPassReverse / https://192.168.1.10:8080/ ErrorLog "/var/logs/apache2/dasun_error_log" CustomLog "/var/logs/apache2/dasun_access_log" </VirtualHost>
That’s it. Piece of cake right? Also note that all directives that comes with mod_proxy are explained here. If you have any questions let me know in the comments below. Your feedback is highly appreciated(happy-face).