How to Configure Apache as a Reverse Proxy with mod_proxy?

Posted on

Apache is a powerful web server application that can serve dynamic web content or act as a reverse proxy. As a reverse proxy, it forwards client requests to backend servers. This guide will demonstrate how to configure Apache as a reverse proxy using the mod_proxy module.

This guide will walk you through proxying an ownCloud application running on port 8080 within a Docker container. The same process can be applied to other applications running on different ports.

Requirements

  • Deploy a new Vultr Cloud Server.

Note: This article uses an Ubuntu 20.04 server, but the instructions are also applicable to other Linux servers running Apache.

  • Set up a DNS “A” record pointing to the server’s IP address. This guide uses the name app.example.com.
  • Connect to the server.
  • Log in as a non-root user with sudo privileges.
  • Update the server.
  • Install Apache.
  • Install Docker.

1. Enable mod_proxy

  • Enable mod_proxy in Apache.
  • To start configuring Apache as a reverse proxy, enable the necessary modules.
  • Enable the core mod_proxy module:
sudo a2enmod proxy

Enable additional proxy-related modules:

sudo a2enmod proxy_http
sudo a2enmod proxy_balancer
sudo a2enmod proxy_wstunnel

These modules are responsible for:

  • mod_proxy: Provides the fundamental proxying capabilities.
  • proxy_http: Handles HTTP and HTTPS proxy requests.
  • proxy_balancer: Enables load-balancing functionality.
  • proxy_wstunnel: Allows WebSocket tunneling to a backend server.
  • Restart Apache to apply these changes:
sudo systemctl restart apache2

2. Set up the Back-end Application

  • As an example, we will set up an ownCloud container listening on port 8080 using Docker.
  • Execute the following command to create the ownCloud Docker container.
$ docker run -d --name owncloud -p 8080:8080 owncloud/server
  • Start ownCloud.
$ docker start owncloud
  • Verify that ownCloud is running.
$ docker ps

3. Setup Apache as a Reverse Proxy

  • Before making any changes, back up the default Apache virtual host configuration file.
$ sudo mv /etc/apache2/sites-available/000-default.conf  /etc/apache2/sites-available/origdefault.backup
  • Create a new configuration file.
$ sudo nano /etc/apache2/sites-available/app.example.com.conf
  • Update the file with the following, replacing app.example.com with your server’s domain name. If you’re using a different app, change port 8080 to its actual port number.
  <VirtualHost *:80>
    ServerName app.example.com
    ProxyPreserveHost On
    ProxyPass / http://127.0.0.1:8080/
    ProxyPassReverse / http://127.0.0.1:8080/
  </VirtualHost>
  • Save and close the file.

Here’s what each directive in the configuration does:

  • ProxyPreserveHost: Forwards the original host header to the backend server.
  • ProxyPass: Routes all requests destined for the specified port to the backend application.
  • ProxyPassReverse: Modifies response headers from the backend server to ensure they work with the reverse proxy.
  • Enable the configuration file.
$ sudo ln -s /etc/apache2/sites-available/app.example.com.conf  /etc/apache2/sites-enabled/app.example.com.conf
  • Test the Apache configuration for any errors.
$ sudo apachectl configtest
  • Restart Apache to apply the changes.
$ sudo service apache2 restart

4. Secure The Server

  • Configure the firewall to allow HTTP traffic on port 80.
$ sudo ufw allow 80/tcp
  • Allow HTTPS traffic on port 443 as well.
sudo ufw allow 443/tcp
  • Reload the firewall to apply these changes.
sudo ufw reload

5. Setup SSL Certificate

  • Install Certbot.
$ sudo apt install certbot python3-certbot-apache
  • Request a Let’s Encrypt SSL Certificate.
$ sudo certbot -d app.example.com
  • Test Auto-renewal.
$ sudo certbot renew --dry-run
  1. Testing Is Necessary
  • Open your web browser and navigate to your subdomain:

https://app.example.com

  • You should see the ownCloud login page. Use the username “admin” and the password “admin” to log in and start using the application.
Summing Up

Configuring Apache as a reverse proxy with mod_proxy enables you to route client requests to backend servers. With the correct modules activated, a properly defined virtual host configuration, and security measures in place, you can successfully proxy ownCloud or other applications. If you encounter any difficulties during setup, Bluehoster can provide hosting and technical assistance.

Leave a Reply

Your email address will not be published. Required fields are marked *