Sunday, 9 December 2018

Apache2 Reverse Proxy

How to Setup Reverse Proxy on Apache2
Simple Explanation of Forwarding Proxy && Reverse Proxy

Forward proxies send the requests of a client onward to a web server. 
Users access forward proxies by directly surfing
 to a web proxy address or by configuring their Internet settings. 
Forward proxies allow circumvention of 
firewalls and increase the privacy and security 
for a user but may sometimes be used to download 
illegal materials such as copyrighted materials or child pornography.

Reverse proxies transparently handle 
all requests for resources on destination servers 
without requiring any action on the part of the requester.

Reverse proxies are used:

To enable indirect access when a website disallows direct connections as a security measure.
To allow for load balancing between severs.
To stream internal content to Internet users.
To disable access to a site, for example when an ISP or government wishes to block a website.

Set up Reverse Proxy on Apache2

// Enabling Necessary Apache Modules
# sudo a2enmod proxy
# sudo a2enmod proxy_http
# sudo a2enmod proxy_balancer
# sudo a2enmod lbmethod_byrequests

// Restart Apache
# sudo systemctl restart apache2

// Creating Backend Test Servers(Can create others listening to different port to test)
# sudo apt-get update
# sudo apt-get -y install python3-pip
# sudo pip3 install flask
# vim ~/
// ~/ :
from flask import Flask
app = Flask(__name__)

def home():
    return 'Hello world!'

// Create another back end test server
# cp ~/ ~/
# vim ~/
 // ~/
from flask import Flask
app = Flask(__name__)

def home():
    return 'Howdy world!'

// start the first background server on port 8080. 
// This also redirects Flask's output to /dev/null because it would cloud the console output further on.

$ FLASK_APP=~/ flask run --port=8080 >/dev/null 2>&1 &

// start the second server on port 8081
$ FLASK_APP=~/ flask run --port=8081 >/dev/null 2>&1 &

//  curl  curl should work

// Example 1: Configure Apach2 to use reverse proxy to server at 8080 by editting default site config file
$ sudo vim /etc/apache2/sites-available/000-default.conf

// 000-default.conf : ( Reverse proxy to first server listening on port 8080)

    ProxyPreserveHost On

    ProxyPass /
    ProxyPassReverse /

// Restart apache2
$sudo systemctl restart apache2

// Example 2: Load Balancing Across Multiple Backend Servers

$ sudo vim /etc/apache2/sites-available/000-default.conf

// etc/apache2/sites-available/000-default.conf


    ProxyPreserveHost On

    ProxyPass / balancer://mycluster/
    ProxyPassReverse / balancer://mycluster/

// Restart apache2 $sudo systemctl restart apache2 Sources on Proxy Sources on ReverseProxy

No comments:

Post a comment