root@opentodo#

GNU/Linux and Unix notes

Reverse proxy with Apache

Reverse proxy is very useful when We need Load balancing web requests or ensure our web servers for possible attacks. The operation of reverse proxy is simple, acts as intermediary between the web browser requests and the real web server (backends). A very common configuration for reverse proxy is installing a server in a DMZ executing it and the real servers configured in the LAN. Installing this type of proxy has some advantages:

  • Control the URL access in one point of your web server access.
  • Log all the inbound request in the same server.
  • The web requests are not handled by the web server, improving the security.
  • SSL acceleration, Installing the certificates in the proxy server releasing the load to the web server.
  • Load balancing between the different servers.

Image

In this scenario I’ll configure one reverse proxy server offering the resources /was1 and /was2 located in two differents servers in a LAN with a different subnet.

Configuring apache to provide reverse proxy service:

1.- Installing mod_proxy module for apache:

# apt-get install libapache2-mod-proxy-html

2.- Edit /etc/apache2/httpd.conf:

LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so
LoadModule proxy_http_module /usr/lib/apache2/modules/mod_proxy_http.so

3.- Create new virtualhost /etc/apache2/sites-enabled/virtual-reverse-proxy :

<virtualHost *:80>
ServerAdmin webmaster@localhost
ServerName www.webapplication.com
<location /was1>
ProxyPass http://internal1.webapplication.com/
ProxyPassReverse http://www.webapplication.com/was1
</location>
<location /was2>
ProxyPass http://internal2.webapplication.com/
ProxyPassReverse http://www.webapplication.com/was2
</location>
ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
</virtualHost>
  • ProxyPass: maps the public URL to the internal URL for the backend web server.
  • ProxyPassReverse: hides the real server URL maintain the public URL in the outbound HTTP headers.

4.- Restart apache web server:

# service apache2 restart

Testing our reverse proxy

Image

Image

For more information about mod_proxy for Apache see:

http://httpd.apache.org/docs/2.2/mod/mod_proxy.html

Reverse proxy with Apache
Tagged on:         

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Follow

Get every new post delivered to your Inbox

Join other followers: