How to proxy a Web site by apache2 in Ubuntu

Install apache2

To execute the install command in terminal:

sudo Install apache2

Then, we can find the Apache2 have been installed in "/etc/" directory.

[Email protected]:cd/etc/Apache2[email protected]:/etc/apache2$ Apache2-Versionserver Version:apache/2.4.7(Ubuntu) Server built:apr3  the  A: -: -[email protected]:/etc/apache2#ls-Ltotal the-rw-r--r--1Root root7115Jan7  +: atAPACHE2.CONFDRWXR-xr-x2Root root4096June -  the: theconf-AVAILABLEDRWXR-xr-x2Root root4096June -  the: theconf-enabled-rw-r--r--1Root root1782Jan3  A: -Envvars-rw-r--r--1Root root31063Jan3  A: -MAGICDRWXR-xr-x2Root root12288June -  the: themods-AVAILABLEDRWXR-xr-x2Root root4096June -  the: themods-enabled-rw-r--r--1Root root theJan7  +: atPORTS.CONFDRWXR-xr-x2Root root4096June -  the: ,sites-AVAILABLEDRWXR-xr-x2Root root4096June -  the: theSites-enabled

Attention:

After executing the install command, some echo exception messages.

AH00558:apache2:Could not reliably determine the server' ServerName'   Directive globally to suppress the message(98 in use:AH00072:make_sock:could not bind to address [::]:98in0.0.  0.0:No listening sockets available, shutting down

If So, we need to:

1) Config the "ServerName" in apache2.conf.

[Email protected]:cd/etc/vi  apache2.conf ... ServerName localhost ...

2) End the existed process which is using the-the-socket.

grep  the  -I:kill {PID}

Or Modify the Listen socket. (see Config listening ports)

Then, we can restart apache2.

[Email protected]:sudo /etc/init.d/apache2 restart

Config Listening ports

We can change and add the listening ports by modifying port.conf file in "/etc/apache2/".

[Email protected]:sudovi /etc/apache2/ports.conf

For example, we have the default port from-to-bay to avoid the in used PORTD.

Listen Bayi<ifmodule ssl_module>    Listen443</ifmodule><ifmodule mod_gnutls.c >    Listen443</IfModule>

After changing the default port, the default site configuration (/etc/apache2/sites-enabled/000-default.conf) also need be Updated.

[Email protected]:sudovi /etc/apache2/sites-enabled/-default.conf

Modify

<virtualhost *:>

As

<virtualhost *:bayi>

Config Proxy or reverse proxy

Here, there are a Tomcat worked in 8080 port as our Java EE Server and an application named "Jreport" running in it. We'll config the Apache to proxy it.

1. Activate Proxy Module

There is "mods-available" and "mods-enabled" and "Directories in Apache". The "mods-available" directory includes all available module configuration files. If we want to make them take effect, they must is copied or linked into the "mods-enabled" directory.

For activating the proxy module, we create a some soft link for "Proxy.load", "Proxy_http.load" and "proxy.conf".

sudo Ln -S. /mods-available/proxy.load[email protected]:sudoln -S. /mods-available/proxy_http.load[email protected]:sudoln -S. /mods-available/proxy.conf

Then, execute the a2enmod command.

[Email protected]:/etc/apache2$ a2enmod Proxy

2. Config Proxy

After activating the proxy module, we can config the ' Forward proxy ' or ' Reverse proxy ' for the ' jreport ' application in T Omcat.

• Reverse Proxy

Reverse Proxy is the most used.

/jreport ${jreport_server}//jreport ${jreport_server}/jreport

Or

3600036000<Location/jreport/>    proxypass ${jreport_server}/Jreport    proxypassreverse ${jreport_server}/jreport    /jreport/</location>

For easy-to-config, we define a variable named "Jreport_server" in "/etc/apache2/envvars".

Export jreport_server=http://192.168.0.88:8080

After restarting the Apache with the latest configuration, we can access the ' Jreport ' Application with:

http://localhost:81/jreport

• Forward Proxy

For example, to-control who can access your proxy:

proxyrequests Onproxyviaon <proxy *>  192.168.  0</Proxy>

For more details, please see the official doc about Mod_proxy.

Add SSL Support1. Install OpenSSL and Ssl_cert

sudo Install OpenSSL ssl_cert

2. Generate private Key and certification

sudo mkdir /etc/apache2//etc/apache2/ssl[email protected]:sudo1024x768[ Email protected]:sudo3650

3. Activate SSL Module

sudo Ln -S. /mods-available/ssl.load[email protected]:sudoln -S. /mods-available/ssl.conf[email protected]:sudo a2enmod SSL

4. ADD SSL Support for site

Now, we modify the default site configuration (/etc/apache2/sites-enabled/000-default.conf) to add SSL support and make no N-https Access use the HTTPS automatically.

Usually, we config the 443 port for SSL support.

<virtualhost *:bayi> ...    rewriteengine on%{https}! = On ^/? (.         *) $ https://%{server_name}/$1 [L,R]</virtualhost><virtualhost *:443>     sslengine     on /etc/apache2/ssl/my-server. CRT     /etc/apache2/ssl/my-server. Key     ...</virtualhost>

Postscript

I have just recorded my first attempt to proxy a Web site by Apache for memo. There is some other useful and complex modules in Apache, such as rewrite, load balance and so on.

Reference

1. Apache official doc: http://httpd.apache.org/docs/2.4/