A reverse proxy server is a web server that accepts client requests and routes them to the appropriate backend server. In that case, the reverse proxy is the internet-facing server, and backend applications are running on localhost or the LAN network.
Apache is the most popular web server that also can be configured as a reverse proxy server. In this tutorial, you will learn about configuring the Apache reverse proxy server on a Linux system.
Nework Scenario
We have two applications that are running with the Tomcat server at localhost port 8080. No matter whether applications are running with Tomcat or any other service like Nodejs etc. Both local applications’ URLs are:
- http://localhost:8080/demo1
- http://localhost:8080/demo2
Now I have installed the Apache server on the same host running on port 80. The Apache server accepts the requests from internet users and forwards them to corresponding applications running on the back end. We need to configure the proxy to forward requests as follows:
- http://example.com
>> http://localhost:8080/demo1/ - http://example.net
>> http://localhost:8080/demo2/ - http://domain.com/demo1/
>> http://localhost:8080/demo1/ - http://domain.com/demo2/
>> http://localhost:8080/demo2/
To get a better understanding see the below diagram:
So, let’s the configuration start:
Step 1: Setup Apache Proxy Module
By default, this module is enabled in Apache for users who installed using rpm packages. The Debian-based users need to enable modules manually.
- Redhat-based systems: Edit the proxy configuration file /etc/httpd/conf.modules.d/00-proxy.conf uncomment the following entries. If not available, then add them.
LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_http_module modules/mod_proxy_http.so
- Debian-based systems: Use the following command to enable the Proxy module with Apache.
sudo a2enmod proxy proxy_http
After enabling the modules, you will need to restart Apache services to apply changes immediately.
Step 2: Configure Apache Virtual Host
Now will start working with the virtual host. We are creating three virtual hosts as below. You create only what is required with needed modifications. Edit Apache’s main configuration file and start with the configuration.
- First Virtual Host Example:
To forward all requests sent to example.com to backend tomcat server corresponding application like:
- http://example.com
>> http://localhost:8080/demo1/
Configure the first virtual host as below:
12345678<VirtualHost *:80>ServerName example.comProxyRequests OnProxyPass / http://localhost:8080/demo1/ProxyPassReverse / http://localhost:8080/demo1/</VirtualHost> - http://example.com
- Second Virtual Host Example:
To forward all requests sent to example.net to backend tomcat server corresponding application like:
- http://example.net
>> http://localhost:8080/demo2/
Configure a virtual host like this.
12345678<VirtualHost *:80>ServerName example.netProxyRequests OnProxyPass / http://localhost:8080/demo2/ProxyPassReverse / http://localhost:8080/demo2/</VirtualHost> - http://example.net
- Third Virtual Host Example:
To forward all requests sent to subdirectory /demo1/ or /demo2 on http://domain.com to back-end tomcat corresponding applications like:
- http://domain.com/demo1/
>> http://localhost:8080/demo1/ - http://domain.com/demo2/
>> http://localhost:8080/demo2/
Configure a virtual host like this.
1234567891011121314151617<VirtualHost *:80>ServerName domain.comProxyRequests OnProxyPass /demo1 http://localhost:8080/demo1/ProxyPassReverse /demo1 http://localhost:8080/demo1/ProxyPass /demo2 http://localhost:8080/demo2/ProxyPassReverse /demo2 http://localhost:8080/demo2/<Location "/demo1">Required granted all</Location><Location "/demo2">Required granted all</Location></VirtualHost> - http://domain.com/demo1/
Step 3: Restart Apache to Apply Changes
Once you have successfully created Apache virtual host, you need to restart the Apache service. Use the following commands to restart the Apache service based on the operating system.
- Redhat-based systems:
sudo systemctl restart httpd - Debed-based systems:
sudo systemctl restart apache2
Conclusion
This blog post helps you to configure Apache as a reverse proxy server on Debian-based or Redhat-based systems. The reverse proxy makes a bridge between internet facing web server and the web application running as a backend service.
4 Comments
Do NOT set “ProxyRequests On”
As already said by Wesse Van Norel, this means forward proxying is enabled. As there is no specific restriction on that, all web bots will have fun through your web server, attacking third parties. The next thing you know, your IP address will be on an abuse list.
https://httpd.apache.org/docs/current/mod/mod_proxy.html#proxyrequests
Hi Rahul,
I have separate web and tomcat server. Revers proxy is configured on Web server i.e Apache to tomcat. Now Tomcat has one application which has to hit some URL . Now the request has to from Web server .
Please suggest where I have to configure reverse proxy which will pass request to web server.
I just found this tutorial and I’m amazed that you set ProxyRequests to On.
https://httpd.apache.org/docs/2.4/mod/mod_proxy.html#proxyrequests
“This allows or prevents Apache httpd from functioning as a forward proxy server. (Setting ProxyRequests to Off does not disable use of the ProxyPass directive.)”
With this setting you allow anyone to use your server as an open proxy server, to be (ab)used by anyone on the internet. Are you sure you intent this?
Hi Rahul,
Your blog is useful…..but still now facing problem …I am working azure cloud vm and am installed tomcat and Apache 2.4 ….As per above setup all ..But browser when hitting site always open Apache Tomcat index page.When am hitting localhost open my war file cannot open outside access…Can u help regarding problem..Thanx.