How to proxy a Web site by apache2 in Ubuntu

Source: Internet
Author: User
Tags install openssl

Install apache2

To execute the install command in terminal:

sudo Install apache2

Then, we can find the Apache2 have been installed in "/etc/" directory.

[Email protected]:cd/etc/Apache2[email protected]:/etc/apache2$ Apache2-Versionserver Version:apache/2.4.7(Ubuntu) Server built:apr3  the  A: -: -[email protected]:/etc/apache2#ls-Ltotal the-rw-r--r--1Root root7115Jan7  +: atAPACHE2.CONFDRWXR-xr-x2Root root4096June -  the: theconf-AVAILABLEDRWXR-xr-x2Root root4096June -  the: theconf-enabled-rw-r--r--1Root root1782Jan3  A: -Envvars-rw-r--r--1Root root31063Jan3  A: -MAGICDRWXR-xr-x2Root root12288June -  the: themods-AVAILABLEDRWXR-xr-x2Root root4096June -  the: themods-enabled-rw-r--r--1Root root theJan7  +: atPORTS.CONFDRWXR-xr-x2Root root4096June -  the: ,sites-AVAILABLEDRWXR-xr-x2Root root4096June -  the: theSites-enabled
Attention:

After executing the install command, some echo exception messages.

AH00558:apache2:Could not reliably determine the server' ServerName'   Directive globally to suppress the message(98 in use:AH00072:make_sock:could not bind to address [::]:98in0.0.  0.0:No listening sockets available, shutting down

If So, we need to:

1) Config the "ServerName" in apache2.conf.

[Email protected]:cd/etc/vi  apache2.conf ... ServerName localhost ...

2) End the existed process which is using the-the-socket.

grep  the  -I:kill {PID}

Or Modify the Listen socket. (see Config listening ports)

Then, we can restart apache2.

[Email protected]:sudo /etc/init.d/apache2 restart
Config Listening ports

We can change and add the listening ports by modifying port.conf file in "/etc/apache2/".

[Email protected]:sudovi /etc/apache2/ports.conf

For example, we have the default port from-to-bay to avoid the in used PORTD.

Listen Bayi<ifmodule ssl_module>    Listen443</ifmodule><ifmodule mod_gnutls.c >    Listen443</IfModule>

After changing the default port, the default site configuration (/etc/apache2/sites-enabled/000-default.conf) also need be Updated.

[Email protected]:sudovi /etc/apache2/sites-enabled/-default.conf

Modify

<virtualhost *:>

As

<virtualhost *:bayi>
Config Proxy or reverse proxy

Here, there are a Tomcat worked in 8080 port as our Java EE Server and an application named "Jreport" running in it. We'll config the Apache to proxy it.

1. Activate Proxy Module

There is "mods-available" and "mods-enabled" and "Directories in Apache". The "mods-available" directory includes all available module configuration files. If we want to make them take effect, they must is copied or linked into the "mods-enabled" directory.

For activating the proxy module, we create a some soft link for "Proxy.load", "Proxy_http.load" and "proxy.conf".

sudo Ln -S. /mods-available/proxy.load[email protected]:sudoln -S. /mods-available/proxy_http.load[email protected]:sudoln -S. /mods-available/proxy.conf

Then, execute the a2enmod command.

[Email protected]:/etc/apache2$ a2enmod Proxy
2. Config Proxy

After activating the proxy module, we can config the ' Forward proxy ' or ' Reverse proxy ' for the ' jreport ' application in T Omcat.

    • Reverse Proxy

Reverse Proxy is the most used.

/jreport ${jreport_server}//jreport ${jreport_server}/jreport

Or

3600036000<Location/jreport/>    proxypass ${jreport_server}/Jreport    proxypassreverse ${jreport_server}/jreport    /jreport/</location>

For easy-to-config, we define a variable named "Jreport_server" in "/etc/apache2/envvars".

Export jreport_server=http://192.168.0.88:8080

After restarting the Apache with the latest configuration, we can access the ' Jreport ' Application with:

http://localhost:81/jreport
    • Forward Proxy

For example, to-control who can access your proxy:

proxyrequests Onproxyviaon <proxy *>  192.168.  0</Proxy>

For more details, please see the official doc about Mod_proxy.

Add SSL Support1. Install OpenSSL and Ssl_cert
sudo Install OpenSSL ssl_cert
2. Generate private Key and certification
sudo mkdir /etc/apache2//etc/apache2/ssl[email protected]:sudo1024x768[ Email protected]:sudo3650
3. Activate SSL Module
sudo Ln -S. /mods-available/ssl.load[email protected]:sudoln -S. /mods-available/ssl.conf[email protected]:sudo a2enmod SSL
4. ADD SSL Support for site

Now, we modify the default site configuration (/etc/apache2/sites-enabled/000-default.conf) to add SSL support and make no N-https Access use the HTTPS automatically.

Usually, we config the 443 port for SSL support.

<virtualhost *:bayi> ...    rewriteengine on%{https}! = On ^/? (.         *) $ https://%{server_name}/$1 [L,R]</virtualhost><virtualhost *:443>     sslengine     on /etc/apache2/ssl/my-server. CRT     /etc/apache2/ssl/my-server. Key     ...</virtualhost>
Postscript

I have just recorded my first attempt to proxy a Web site by Apache for memo. There is some other useful and complex modules in Apache, such as rewrite, load balance and so on.

Reference
    1. Apache official doc: http://httpd.apache.org/docs/2.4/

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.