Virtual Hosting in Apache (Part 2)

by about

Continuing qith the second part about my Apache Virtual Hosting experience.

You can read first in: Apache Virtual Hosting (Parte 1).

We can see how our Apache serves remote server pages encrypted with SSL and un-encrypted.

Redirect to other web server

With this estrategy we can serve other server content as this contents are in our server. It is a web proxy, but for one determined site.

It can take various uses:

  • Serve towards internet a local server filtered because of security.
  • Serve from internet some beyond server to win in speed.
  • If you think another put a comment.

To use the following directives we must enabled the proxy module mod_proxy. How is enable in Apache2:

elite:~# cd /etc/apache2/mods-enabled/
elite:/etc/apache2/mods-enabled# ln -s ../mods-available/proxy.conf proxy.conf
elite:/etc/apache2/mods-enabled# ln -s ../mods-available/proxy.load proxy.load
elite:/etc/apache2/mods-enabled# ln -s ../mods-available/proxy_http.load proxy_http.load
elite:/etc/apache2/mods-enabled# /etc/init.d/apache restart

The code:

<VirtualHost *>
        ServerName privado.tudominio.com

        ProxyPreserveHost On
        ProxyRequests Off
        <Proxy *>
                Order deny,allow
                Allow from all
        </Proxy>
        ProxyPass / http://192.168.0.1/
        ProxyPassReverse / http://192.168.0.1/
</VirtualHost>

ServerName is how it be called from intenet (http://privado.tudominio.com) to this content (http://192.168.0.1/) of local network.

<Proxy> directive set the permissions to the object. And directives as ProxyPass (mapping extern direction) and ProxyPassReverse (adjusting the URL to HTTP Location field) fix us the direction (IP or DNS) that we want map.

Redirect to another web server, but secure https

Even more dificult, we want that Apache acts as proxy or secure remote server.

Installing webmin which provides of a secure server on port 10000, I cocluded that was beter redirect with this estrategy than change webmin to apache.

Of course ssl and proxy modules must be installed, mod_ssl y mod_proxy (installed at previous point):

elite:~# cd /etc/apache2/mods-enabled/
elite:/etc/apache2/mods-enabled# ln -s ../mods-available/ssl.conf ssl.conf
elite:/etc/apache2/mods-enabled# ln -s ../mods-available/ssl.load ssl.load
elite:/etc/apache2/mods-enabled# /etc/init.d/apache restart

Virtual Host configuration would be:

<VirtualHost *>
        ServerName webmin.tudominio.com

        ProxyRequests Off
        SSLProxyEngine On
        ProxyVia On
        <Proxy *>
                AddDefaultCharset off
                Order deny,allow
                Allow from all
        </Proxy>

        ProxyPass / https://localhost:10000/
        ProxyPassReverse / https://localhost:10000/
        ProxyPassReverseCookieDomain localhost:10000 tudominio.com
        ProxyPassReverseCookiePath / /
</VirtualHost>

The same explication as previous point but caching the SSL certificates with  SSLProxyEngine tag, and futherore the cookies with last tags.

Leave a Reply

Your email address will not be published. Required fields are marked *