Apache HTTP Server Reverse Proxy Configuration

Written By Ascolta Staff

Introduction

When connecting clients to servers it is important to use proxies because they can block access to certain content, protect the identity of clients, and cache content to increase performance.

Deploying services to servers and configuring them properly involves several steps, some of which can be eliminated by the use of conventions. One of the conventions allows for "automatic" reverse proxy configuration for the services.

There are two types of proxies:

Forward proxies, often called proxy, proxy server, or web proxy, sit in front of clients and prevents servers from communicating directly with clients.

Forward Proxy



In this process flow, a client sends requests to the forward proxy, which are then forwarded to the server. The server sends a response to the forward proxy, which then forwards the response back to the client.

Reverse proxies sit in front of servers and prevents clients from communicating directly with servers. This process flow is similar to the forward proxy flow.

The difference between the types of proxies is subtle. Forward proxies manages multiple clients, and reverse proxies manage multiple servers.

Reverse Proxy Configuration

Reverse proxies in Apache HTTP servers are configured in VirtualHost sections in the httpd.conf file.

Apache Config

The IncludeOptional directive includes a wildcard in the path parameter. When the Apache HTTP server is started, all files with a conf extension in the specified path will be included in the VirtualHost section. The wildcard enables the "automatic" reverse proxy configuration.

The conf files have two directives, ProxyPass and ProxyPassReverse.

In this example, when clients make requests to /webservice, Apache HTTP server will forward the requests to http://webserver:12345.

Deploying Sevices

Using a wildcard in the path parameter in the IncludeOptional directive makes configuring reverse proxies for services a simple process. Part of the install procedure for the service includes dropping a file with a conf extension in the directory specified by the path parameter. The name part of the file can be any valid name, and fter the service is installed, a restart of the Apache HTTP server will include the proxy configurations.

Conclusion

With reverse proxies, you can do load balancing, obtain a level of protection from attacks since IP addresses are not revealed, implement caching, and enable SSL encryption. By using the wildcard in the path parameter in the IncludeOptional directive, you can automate the reverse proxy configuration making for a simple installation procedure.

Ascolta Staff
Previous

Improving your Zero-Trust Security with Cloudflare Access and HashiCorp Boundary
Next

i2 Analyst’s Notebook; Integrator and Reseller