Thursday, April 3, 2014

Apache Reverse Proxy with secure HTTPS SSL

Setting a reverse proxy allows us to share the same public static IP address with multiple servers in the same LAN.

# vim /usr/local/etc/apache22/httpd.conf
Listen 80
Listen 443

LoadModule proxy_module libexec/apache22/mod_proxy.so
LoadModule proxy_http_module libexec/apache22/mod_proxy_http.so

# vim /usr/local/etc/apache22/extra/httpd-vhosts.conf
NameVirtualHost *:80
NameVirtualHost *:443

### set up a reverse proxy for the regular HTTP port 80 website.
<VirtualHost *:80>
    ServerName store.mydomain.com
    ProxyPreserveHost On
    ProxyRequests off
    ProxyPass / http://192.168.0.5:80/
    ProxyPassReverse / http://192.168.0.5:80/
    ErrorLog "/var/log/apache22/store.mydomain.com-error_log"
    CustomLog "/var/log/apache22/store.mydomain.com-access_log" common
</VirtualHost>

### set up a reverse proxy for the secure HTTPS port 443 website.
<VirtualHost *:443>
    ServerName store.mydomain.com:443
    ProxyPreserveHost On
    ProxyRequests off
    ProxyPass / https://192.168.0.5:443/
    ProxyPassReverse / https://192.168.0.5:443/
    SSLProxyEngine On
    SSLCertificateFile "/usr/local/etc/apache22/ssl/store.mydomain.com.crt"
    SSLCertificateKeyFile "/usr/local/etc/apache22/ssl/store.mydomain.com.key"
    ErrorLog "/var/log/apache22/store.mydomain.com-error_log"
    CustomLog "/var/log/apache22/store.mydomain.com-access_log" common
</VirtualHost>

Reference:
http://blog.ijun.org/2014/03/difference-between-proxy-server-and.html
http://httpd.apache.org/docs/current/vhosts/examples.html
http://ubuntuguide.org/wiki/Apache2_reverse_proxies
http://stackoverflow.com/questions/16130303/apache-config-how-to-proxypass-http-requests-to-https

No comments: