Install Apache Reverse Proxy on Ubuntu Server

Hello everyone,

I am going to implement an Apache Reverse Proxy on Ubuntu Server. I will share with you the steps I did to accomplish this task.

 

  • Install Ubuntu Server

I will not explain how to install Ubuntu Server as it’s straight forward and easy. For your information I used the 16.04.2 version and did a basic install without LAMP.

 

  • Install Apache

First of all, run :

sudo apt-get update

sudo apt-get upgrade

To make sure all of your packages are up to date. Then install Apache, here Ubuntu version 2.4.18 :

sudo apt-get install apache2

Check that Apache is now properly running and available by opening up your browser and surf to your server’s IP or run :

service apache2 status

 

  • Configure Apache

To work as a Proxy,  Apache needs some modules enabled. To enable a module, you can run :

a2enmod

It will show you all available modules you can enable. We will go ahead with the following ones :

sudo a2enmod proxy
sudo a2enmod proxy_http
sudo a2enmod proxy_ajp
sudo a2enmod rewrite
sudo a2enmod deflate
sudo a2enmod headers
sudo a2enmod proxy_balancer
sudo a2enmod proxy_connect
sudo a2enmod proxy_html

We will then need to disable Apache default configuration file 000-default.conf and create a new one inside the /etc/apache2/sites-available directory.

To disable it, run :

sudo a2dissite 000-default

Then create the new file :

sudo nano /etc/apache2/sites-available/reverse-proxy.conf

Note : you need to name it .conf or “a2ensite” will not find it when trying to enable it later.

Add your VirtualHost in this file to match your Reverse-Proxy preferences. Here is mine, you can tweak it :

<VirtualHost *:80>
 ServerName localhost
 DocumentRoot /var/www/html
 ErrorLog ${APACHE_LOG_DIR}/error.log
 CustomLog ${APACHE_LOG_DIR}/access.log combined
 <Location />
 Require all denied
 </Location>
</VirtualHost>

<VirtualHost *:80>
 ServerName server1.domain.com
 ServerAdmin admin@domain.com
 DocumentRoot /var/www/html
 ErrorLog ${APACHE_LOG_DIR}/error.log
 CustomLog ${APACHE_LOG_DIR}/access.log combined
 ProxyPass / http://srv1.domain.com/
 ProxyPassReverse / http://srv1.domain.com
# ProxyPreserveHost On
</VirtualHost>

<VirtualHost *:80>
 ServerName server2.domain.com
 ServerAdmin admin@domain.com
 DocumentRoot /var/www/html
 ErrorLog ${APACHE_LOG_DIR}/error.log
 CustomLog ${APACHE_LOG_DIR}/access.log combined
 ProxyPass / http://srv2.domain.com/
 ProxyPassReverse / http://srv2.domain.com
# ProxyPreserveHost On
</VirtualHost>

 

The first VirtualHost will just deny the access to the default website if the others two are not match when checking the ServerName directive.

If you browse to server1.domain.com, it will forward requests to server srv1.domain.com and if you browse to server2.domain.com, it will forward requests to srv2.domain.com.

If you browse using the IP address or another subdomain pointing to your Proxy server, you will get the access denied webpage from the first VirtualHost.

I suggest you to read the great document on Apache’s website for more information on how Apache handle incoming requests, their orders and whats Directives your can use.

Here is the doc followed by some examples :

https://httpd.apache.org/docs/2.4/vhosts/index.html

https://httpd.apache.org/docs/2.4/vhosts/examples.html

 

Now, enable your new configuration file :

sudo a2ensite reverse-proxy

And finally, restart Apache :

sudo service apache2 restart

 

Your Proxy server should now work. IE.: as said above, browsing to server1.domain.com should redirect you to the app hosted on srv1.domain.com

 

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s