Apache as a Reverse Proxy

Posted 27 May, 2011
Filed under: apache, debian, sysadmin |

Recently, in my current job, i have to configure a reverse proxy for some WEB servers, to share the same IP and DNS name.

Almost all servers are SSL enabled for their WEB application.

For this configuration Apache + mod_proxy will be used.

Apache as a reverse proxy configuration

The reverse proxy is a Debian GNU/Linux 6.0 box. To install Apache:

apt-get install apache2 mod_proxy mod_ssl

To enable mod_proxy and mod_ssl, in Debian GNU/Linux for Apache:

a2enmod proxy ssl

Put the X.509 Certificate Autority (CA) file in a location for Apache, this certificate is the CA for the webservers to be proxied (if they are SSL-enabled).

/etc/apache2/ssl/ca.crt

Edit the VirtualHost file, for the reverse proxy:
<VirtualHost *:80> ProxyRequests Off RewriteEngine on SSLProxyEngine on SSLProxyCACertificateFile /etc/apache2/ssl/ca.crt <Proxy *> Order deny,allow Allow from all </Proxy> <Location /webserver1/> ProxyPass https://ip.webserver1/ ProxyPassReverse https://ip.webserver1/ </Location> <Location /webserver2/> ProxyPass http://ip.webserver2/ ProxyPassReverse http://ip.webserver2/ </Location> <Location /webserver3/> ProxyPass https://ip.webserver3/ ProxyPassReverse https://ip.webserver3/ </Location> </VirtualHost >

Restart the Apache WEB server:
/etc/init.d/apache2 restart

With this configuration, the internal webservers are accesible from INTERNET.
http://reverse.proxy.domain/webserver1/
http://reverse.proxy.domain/webserver2/
http://reverse.proxy.domain/webserver3/

Also, it’s possible to configure the reverse proxy with SSL for HTTPS connections.
https://reverse.proxy.domain/

Like this:

Be the first to like this post.

Adolfo Maltez