--Install apache2 package on Ubuntu --Enable mod_proxy and mod_http with the a2enmod command --Enable mod_ssl with a2enmod command to reverse proxy to https
Install the apache2 package.
$ sudo apt install apache2
Check the version.
$ /usr/sbin/apachectl -v
Server version: Apache/2.4.41 (Unix)
Server built: Nov 9 2019 07:53:54
Enable the modules needed to reverse proxy to the http site.
Enable the Apache module with the a2enmod command. Specifying proxy_http in the a2enmod command enables mod_proxy, which is dependent on mod_proxy_http.
$ sudo a2enmod proxy_http
Considering dependency proxy for proxy_http:
Enabling module proxy.
Enabling module proxy_http.
To activate the new configuration, you need to run:
systemctl restart apache2
Enabled Apache modules are installed in / etc / apache2 / mods-enabled /.
$ ls -la /etc/apache2/mods-enabled/ | grep proxy
lrwxrwxrwx 1 root root 28 January 27 12:37 proxy.conf -> ../mods-available/proxy.conf
lrwxrwxrwx 1 root root 28 January 27 12:37 proxy.load -> ../mods-available/proxy.load
lrwxrwxrwx 1 root root 33 January 27 12:48 proxy_http.load -> ../mods-available/proxy_http.load
mod \ _proxy -Apache HTTP Server Version 2 \ .4
This module implements Apache's proxy / gateway functionality. AJP13 (Apache JServe Protocol version 1.3), FTP, CONNECT (for SSL), HTTP / 0.9, HTTP / 1.0, HTTP / 1.1 proxy functions are implemented. You can also configure it to connect to other modules that have proxy capabilities for these and other protocols.
In addition to mod_proxy, Apache's proxy functionality is divided into several modules: mod_proxy_http, mod_proxy_ftp, mod_proxy_ajp, mod_proxy_balancer, mod_proxy_connect. So if you want to use the functionality of a particular proxy, you need to include mod_proxy and the appropriate module in your server (either statically at compile time or dynamically loaded by LoadModule).
mod_ssl is enabled with a2enmod ssl, and mod_setenvif, mod_mime and mod_socache_shmcb are also enabled as dependencies.
$ sudo a2enmod ssl
Considering dependency setenvif for ssl:
Module setenvif already enabled
Considering dependency mime for ssl:
Module mime already enabled
Considering dependency socache_shmcb for ssl:
Enabling module socache_shmcb.
Enabling module ssl.
See /usr/share/doc/apache2/README.Debian.gz on how to configure SSL and create self-signed certificates.
To activate the new configuration, you need to run:
systemctl restart apache2
This time, copy the 000-default.conf file in the /etc/apache2/sites-available directory to create a file called my-proxy.conf.
$ sudo cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/my-proxy.conf
Modify the contents of the my-proxy.conf file.
$ sudo vim /etc/apache2/sites-available/my-proxy.conf
Replace the my-proxy.conf file with the following:
my-proxy.conf
<VirtualHost *:80>
# /etc/apache2/sites-available/000-default.Contents copied from conf
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# localhost:Reverse proxy to 8888
ProxyPass /foo/ http://127.0.0.1:8888/foo/
ProxyPassReverse /foo/ http://127.0.0.1:8888/foo/
#Reverse proxy to http site
ProxyPass /bar/ http://example.com/bar/
ProxyPassReverse /bar/ http://example.com/bar/
#Reverse proxy to https site
SSLProxyEngine On
ProxyPass /baz/ https://example.org/baz/
ProxyPassReverse /baz/ https://example.org/baz/
</VirtualHost>
Enable my-proxy.conf with the a2ensite command.
$ sudo a2ensite my-proxy
Enabling site my-proxy.
To activate the new configuration, you need to run:
systemctl reload apache2
Disable 000-default.conf with the a2dissite command.
$ sudo a2dissite 000-default
Site 000-default disabled.
To activate the new configuration, you need to run:
systemctl reload apache2
$ sudo systemctl restart apache2
You can check that the reverse proxy is working with the curl command.
$ curl -i http://localhost/foo/
HTTP/1.1 200
Date: Mon, 27 Jan 2020 11:19:56 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Type: text/html;charset=UTF-8
Content-Language: ja-JP
Vary: Accept-Encoding
Transfer-Encoding: chunked
<html><body>Hello, world.</body></html>
If it doesn't work as expected, check the error message output in /var/log/apache2/error.log.
AH01144: No protocol handler was valid for the URL /foo/ (scheme 'http'). If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule.
AH01961: SSL Proxy requested for your.example.net:80 but not enabled [Hint: SSLProxyEngine]
AH00961: HTTPS: failed to enable ssl support for XXX.XXX.XXX.XXX:443 (example.org)
-mod \ _proxy -Apache HTTP Server Version 2 \ .4
Recommended Posts