Firewall Wizards mailing list archives
RE: reverse proxy using apache
From: "Moore, James" <James.Moore () MSFC NASA GOV>
Date: Thu, 13 Jan 2000 09:59:52 -0600
Just outta' cusiosity: what does this provide in terms of security? Jim Moore 256.461.4381 ----------- PGP PUBLIC KEY FINGERPRINT ------------ 1D9C 3AC3 34E6 EEDF 22B9 7886 7797 6908 048F 049B ---------------------------------------------------
-----Original Message----- From: Adrian Brinton [SMTP:adrian () brinton to] Sent: Tuesday, January 11, 2000 12:43 AM To: 'Scott Saxen'; firewall-wizards () nfr net Subject: RE: reverse proxy using apache I'm not sure if this is what you're looking for, but I use apache as a proxy server using the ProxyPass directive. I have the apache box on a dsl line and a NAT'ed network behind (this could be a DMZ if I had some time and another few computers). When an outside user connects, they see the apache box. Apache proxys them out to an IIS server (or whatever you want) on the NAT'ed network. The user sees nothing... it looks like they're hitting the IIS (or whatever) server directly. Works for SSL too (between the user and the proxy, in my case), you just have to add SSL support to apache. Below are the relevant lines of the httpd.conf file. Hope this helps. adrian () brinton to LoadModule proxy_module modules/libproxy.so AddModule mod_proxy.c ProxyRequests On # Note addresses changed... NameVirtualHost 1.2.3.4 Listen 1.2.3.4:80 Listen 1.2.3.4:443 # This creates a virtual host that will be proxy'ed to another box. <VirtualHost 1.2.3.4> ServerAdmin webmaster () yourdomain com ServerName proxythis.yourdomain.com ProxyPass / http://192.168.1.1/ ProxyPassReverse / http://192.168.1.1/ ErrorLog logs/error_log TransferLog logs/access_log </VirtualHost> # This creates a virtual host for SSL conections. They'll be proxy'ed w/o SSL. VirtualHost 1.2.3.4:443> ServerAdmin webmaster () yourdomain com ServerName secure.yourdomain.com ProxyPass / http://192.168.1.1/ ProxyPassReverse / http://192.168.1.1/ SSLEngine on SSLCertificateFile /etc/httpd/conf/ssl.crt/yourcert.crt SSLCertificateKeyFile /etc/httpd/conf/ssl.key/yourkey.key ErrorLog /var/log/httpd/ssl-error_log TransferLog logs/ssl-access_log </VirtualHost> -----Original Message----- From: Scott Saxen [mailto:ssaxen () lucent com] Sent: Friday, January 07, 2000 4:22 PM To: firewall-wizards () nfr net Subject: reverse proxy using apache I am having problems using reverse proxy under apache 1.3.9 I have a client that wants to (being a network engineer I would call it NAT) change the URL or what would be called 'rewrite' I think. So they want the client side to use a url (arbitrary) and send it to the proxy server of which would be apache, then from there it would go to a webserver, which in turn queries some other box. The proxy server is going to sit in the dmz, but in front of the firewall (not sure what kind of firewall and dont think its pertinent to this question). Problem I am having is the rewrite_mod syntax....dont know it. Does anyone have a sample configuration I could mess around with to make this work? Much appreciated..... ssaxen () lucent com thanks.
Current thread:
- reverse proxy using apache Scott Saxen (Jan 09)
- Re: reverse proxy using apache Chuck O'Donnell (Jan 10)
- <Possible follow-ups>
- RE: reverse proxy using apache Adrian Brinton (Jan 12)
- RE: reverse proxy using apache Moore, James (Jan 15)
- RE: reverse proxy using apache Adrian Brinton (Jan 15)