mod
proxy is the Apache module for redirecting connections (i.e. a
gateway, passing them through). It is enabled for use just like any
other module and configuration is pretty basic (or standard), in line
with others. modproxy is not just a single module but a collection of them, with each bringing a new set of functionality.
Some of these modules are:
- mod_proxy: The main proxy module for Apache that manages connections and redirects them.
- modproxyhttp: This module implements the proxy features for HTTP and HTTPS protocols.
- modproxyftp: This module does the same but for FTP protocol.
- modproxyconnect: This one is used for SSL tunnelling.
- modproxyajp: Used for working with the AJP protocol.
- modproxywstunnel: Used for working with web-sockets (i.e. WS and WSS).
- modproxybalancer: Used for clustering and load-balancing.
- mod_cache: Used for caching.
- mod_headers: Used for managing HTTP headers.
- mod_deflate: Used for compression.
Installing Apache And mod_proxy
Note: Instructions given here are kept brief, since
chances are you already have Apache installed or know how to use it.
Nonetheless, by following the steps below you can get a new Ubuntu VPS
running Apache in a matter of minutes.
Updating The Operating-System
We will begin with preparing our virtual server. We are going to
first upgrade the default available components to make sure that we have
everything up-to-date.
Update the software sources list and upgrade the dated applications:
aptitude update
aptitude -y upgrade
Getting The Essential Build Tools
Let's continue with getting the essential package for application building - the
build-essential. This package contains tools necessary to install certain things
from source.
Run the following command to install
build-essential package:
aptitude install -y build-essential
Getting The Modules And Dependencies
Next, we are going to get the module and dependencies.
Run the following command to install them:
aptitude install -y libapache2-mod-proxy-html libxml2-dev
Configuring Apache To Proxy Connections
Activating The Modules
Before configuring Apache, we are going to enable the necessary
modules that we will be using in this tutorial, or which might come in
handy in the future.
First, let's verify that all modules are correctly installed and ready to be activated.
Run the following command to get a list of available Apache modules:
a2enmod
# You will be presented with an output similar to:
# Which module(s) do you want to enable (wildcards ok)?
Once you are prompted with the choice of modules you desire, you can pass the below line listing the module names:
The list of modules:
proxy proxy_ajp proxy_http rewrite deflate headers proxy_balancer proxy_connect proxy_html
Or alternatively, you can run the following commands to enable the modules one by one:
a2enmod proxy
a2enmod proxy_http
a2enmod proxy_ajp
a2enmod rewrite
a2enmod deflate
a2enmod headers
a2enmod proxy_balancer
a2enmod proxy_connect
a2enmod proxy_html
Note: Some modules are likely to be enabled by default. Trying to enable them twice will just ensure that they are active.
Modifying The Default Configuration
In this step, we are going to see how to modify the default configuration file
000-default.conf inside
/etc/apache2/sites-enabled to set up "proxying" functionality.
Run the following command to edit the default Apache virtual host using the nano text editor:
nano /etc/apache2/sites-enabled/000-default.conf
Here, we will be defining a proxy virtual host using
mod_virtualhost and
mod_proxy together.
Copy-and-paste the below block of configuration, amending it to suit your needs:
<VirtualHost *:*>
ProxyPreserveHost On
# Servers to proxy the connection, or;
# List of application servers:
# Usage:
# ProxyPass / http://[IP Addr.]:[port]/
# ProxyPassReverse / http://[IP Addr.]:[port]/
# Example:
ProxyPass / http://0.0.0.0:8080/
ProxyPassReverse / http://0.0.0.0:8080/
ServerName localhost
</VirtualHost>
Press CTRL+X and confirm with Y to save and exit.
Enabling Load-Balancing
If you have multiple back-end servers, a good way to distribute the
connection when proxying them is to use Apache's load balancing
features.
Start editing the virtual-host settings like the previous step, but this time using the below configuration example:
<Proxy balancer://mycluster>
# Define back-end servers:
# Server 1
BalancerMember http://0.0.0.0:8080/
# Server 2
BalancerMember http://0.0.0.0:8081/
</Proxy>
<VirtualHost *:*>
# Apply VH settings as desired
# However, configure ProxyPass argument to
# use "mycluster" to balance the load
ProxyPass / balancer://mycluster
</VirtualHost>
Enabling SSL Reverse-Proxy Support
If you are dealing with SSL connections and certificates, you will
also need to enable a secondary virtual host with below settings.
Repeat the steps from the previous steps but using these configuration options:
Listen 443
NameVirtualHost *:443
<VirtualHost *:443>
SSLEngine On
# Set the path to SSL certificate
# Usage: SSLCertificateFile /path/to/cert.pem
SSLCertificateFile /etc/apache2/ssl/file.pem
# Servers to proxy the connection, or;
# List of application servers:
# Usage:
# ProxyPass / http://[IP Addr.]:[port]/
# ProxyPassReverse / http://[IP Addr.]:[port]/
# Example:
ProxyPass / http://0.0.0.0:8080/
ProxyPassReverse / http://0.0.0.0:8080/
# Or, balance the load:
# ProxyPass / balancer://balancer_cluster_name
</VirtualHost>
Restarting Apache
Once you are happy with your configuration, you will need to restart the cloud server for the changes to go into effect.
Execute the following command to restart Apache:
service apache2 restart
