Reverse proxy with Apache 2.4 on Ubuntu 19.10 Eoan Ermine

Overview

--Install apache2 package on Ubuntu --Enable mod_proxy and mod_http with the a2enmod command --Enable mod_ssl with a2enmod command to reverse proxy to https

Install apache

Install the apache2 package.

$ sudo apt install apache2

Check the version.

$ /usr/sbin/apachectl -v
Server version: Apache/2.4.41 (Unix)
Server built:   Nov  9 2019 07:53:54

Enable mod_proxy and mod_proxy_http

Enable the modules needed to reverse proxy to the http site.

Enable the Apache module with the a2enmod command. Specifying proxy_http in the a2enmod command enables mod_proxy, which is dependent on mod_proxy_http.

$ sudo a2enmod proxy_http
Considering dependency proxy for proxy_http:
Enabling module proxy.
Enabling module proxy_http.
To activate the new configuration, you need to run:
  systemctl restart apache2

Enabled Apache modules are installed in / etc / apache2 / mods-enabled /.

$ ls -la /etc/apache2/mods-enabled/ | grep proxy
lrwxrwxrwx 1 root root 28 January 27 12:37 proxy.conf -> ../mods-available/proxy.conf
lrwxrwxrwx 1 root root 28 January 27 12:37 proxy.load -> ../mods-available/proxy.load
lrwxrwxrwx 1 root root 33 January 27 12:48 proxy_http.load -> ../mods-available/proxy_http.load

mod \ _proxy -Apache HTTP Server Version 2 \ .4

This module implements Apache's proxy / gateway functionality. AJP13 (Apache JServe Protocol version 1.3), FTP, CONNECT (for SSL), HTTP / 0.9, HTTP / 1.0, HTTP / 1.1 proxy functions are implemented. You can also configure it to connect to other modules that have proxy capabilities for these and other protocols.

In addition to mod_proxy, Apache's proxy functionality is divided into several modules: mod_proxy_http, mod_proxy_ftp, mod_proxy_ajp, mod_proxy_balancer, mod_proxy_connect. So if you want to use the functionality of a particular proxy, you need to include mod_proxy and the appropriate module in your server (either statically at compile time or dynamically loaded by LoadModule).

Also enable mod_ssl when reverse proxying to https server

mod_ssl is enabled with a2enmod ssl, and mod_setenvif, mod_mime and mod_socache_shmcb are also enabled as dependencies.

$ sudo a2enmod ssl
Considering dependency setenvif for ssl:
Module setenvif already enabled
Considering dependency mime for ssl:
Module mime already enabled
Considering dependency socache_shmcb for ssl:
Enabling module socache_shmcb.
Enabling module ssl.
See /usr/share/doc/apache2/README.Debian.gz on how to configure SSL and create self-signed certificates.
To activate the new configuration, you need to run:
  systemctl restart apache2

Install configuration file

This time, copy the 000-default.conf file in the /etc/apache2/sites-available directory to create a file called my-proxy.conf.

$ sudo cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/my-proxy.conf

Modify the contents of the my-proxy.conf file.

$ sudo vim /etc/apache2/sites-available/my-proxy.conf

Replace the my-proxy.conf file with the following:

my-proxy.conf


<VirtualHost *:80>

  # /etc/apache2/sites-available/000-default.Contents copied from conf
  ServerAdmin webmaster@localhost
  DocumentRoot /var/www/html
  ErrorLog ${APACHE_LOG_DIR}/error.log
  CustomLog ${APACHE_LOG_DIR}/access.log combined

  # localhost:Reverse proxy to 8888
  ProxyPass /foo/ http://127.0.0.1:8888/foo/
  ProxyPassReverse /foo/ http://127.0.0.1:8888/foo/

  #Reverse proxy to http site
  ProxyPass /bar/ http://example.com/bar/
  ProxyPassReverse /bar/ http://example.com/bar/

  #Reverse proxy to https site
  SSLProxyEngine On
  ProxyPass /baz/ https://example.org/baz/
  ProxyPassReverse /baz/ https://example.org/baz/

</VirtualHost>

Enable my-proxy.conf and disable 000-default.conf

Enable my-proxy.conf with the a2ensite command.

$ sudo a2ensite my-proxy
Enabling site my-proxy.
To activate the new configuration, you need to run:
  systemctl reload apache2

Disable 000-default.conf with the a2dissite command.

$ sudo a2dissite 000-default
Site 000-default disabled.
To activate the new configuration, you need to run:
  systemctl reload apache2

Restart Apache for the settings to take effect

$ sudo systemctl restart apache2

You can check that the reverse proxy is working with the curl command.

$ curl -i http://localhost/foo/
HTTP/1.1 200 
Date: Mon, 27 Jan 2020 11:19:56 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Type: text/html;charset=UTF-8
Content-Language: ja-JP
Vary: Accept-Encoding
Transfer-Encoding: chunked

<html><body>Hello, world.</body></html>

About the error

If it doesn't work as expected, check the error message output in /var/log/apache2/error.log.

Error when only mod_proxy is installed and mod_proxy_http is not installed

AH01144: No protocol handler was valid for the URL /foo/ (scheme 'http'). If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule.

Error when mod_ssl is not installed

AH01961: SSL Proxy requested for your.example.net:80 but not enabled [Hint: SSLProxyEngine]
AH00961: HTTPS: failed to enable ssl support for XXX.XXX.XXX.XXX:443 (example.org)

Reference material

-mod \ _proxy -Apache HTTP Server Version 2 \ .4

Recommended Posts

Reverse proxy with Apache 2.4 on Ubuntu 19.10 Eoan Ermine
Install Apache Tomcat 9 on Ubuntu 19.10 Eoan Ermine Hello World
Install Apache 2.4 on Ubuntu 19.10 Eoan Ermine and run CGI
How to update security on Ubuntu 19.10 Eoan Ermine
Mount S3 on Ubuntu with goofys
Packet filtering settings using iptables on Ubuntu 19.10 Eoan Ermine and their persistence
Django + Apache with mod_wsgi on Windows Server 2016
Set up reverse proxy to https server with CentOS Linux 8 + Apache mod_ssl
I can't install Dask with pip on Ubuntu
Build python environment with pyenv on EC2 (ubuntu)
[0] TensorFlow-GPU environment construction built with Anaconda on Ubuntu
Play with your Ubuntu desktop on your Raspberry Pi 4
Forcibly bring out DLNA with ReadyMedia + Reverse Proxy
Shebang on Ubuntu 20.04
Reverse proxy from Apache on GCP to local Raspberry Pi Apache (NAT traversal Wake on LAN [3])
I made a Python3 environment on Ubuntu with direnv.
Troublesome story when using Python3 with VScode on ubuntu
Ubuntu 20.04 on raspberry pi 4 with OpenCV and use with python
Dealing with pip and related installation errors on Ubuntu 18.04