Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Apache Reverse Proxy

Posted on 2010-08-27
3
Medium Priority
?
975 Views
Last Modified: 2012-05-10
Hello Apache experts !

I am trying to setup a reverse proxy using Apache Win 32-bit  2.2.16 to provide reverse proxy services for an IBM Websphere application server.  

So far I setup a Win 2003 server in my DMZ, installed Apache 2.2.16 and made sure that the connectivity between Apache and outside world as well as Apache and internal subnet are all up

Now the hard part (for me)

1.  I am trying to configure Apache's  httpd.conf for reverse proxy.  I followed the instructions I found on the Internet (basically the same instructions posted on different sites) and what I have noticed
  a.  The module mod_proxy_html needed is missing from my config  file.  Does it mean that it has not been installed during the Apache install?  Is this an add-on and should be gotten from somewhere else
b.  According to the instructions I had to download the libxml2.dll and iconv.dll files and add them to httpd.conf with LoadFile.   Is there a special path/directory to put them ? Should these be registered with regsvr32 command ?

2.  Reverse entry

What I am trying to reverse (see below)

ProxyRequests Off
ProxyPass /logon http://192.168.2.70:9080/Gallery/logon.html
ProxyPassReverse /logon http://192.168.2.70:9080/Gallery/logon.html

So when someone from outside type http://www.mycompany.com/logon.html it should go and grab the internal address http://192.168.2.70:9080/Gallery/logon.html.  I have added the second entry ProxyPassReverse because I want to hide the internal link.

Are these entry correct ?

I have attached an excerpt from my httpd.conf file

Thank you all in advance for the time taken to read and reply to my message

Cheers
LoadModule actions_module modules/mod_actions.so
LoadModule alias_module modules/mod_alias.so
LoadModule asis_module modules/mod_asis.so
LoadModule auth_basic_module modules/mod_auth_basic.so
#LoadModule auth_digest_module modules/mod_auth_digest.so
#LoadModule authn_alias_module modules/mod_authn_alias.so
#LoadModule authn_anon_module modules/mod_authn_anon.so
#LoadModule authn_dbd_module modules/mod_authn_dbd.so
#LoadModule authn_dbm_module modules/mod_authn_dbm.so
LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authn_file_module modules/mod_authn_file.so
#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
#LoadModule authz_dbm_module modules/mod_authz_dbm.so
LoadModule authz_default_module modules/mod_authz_default.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_host_module modules/mod_authz_host.so
#LoadModule authz_owner_module modules/mod_authz_owner.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule autoindex_module modules/mod_autoindex.so
#LoadModule cache_module modules/mod_cache.so
#LoadModule cern_meta_module modules/mod_cern_meta.so
LoadModule cgi_module modules/mod_cgi.so
#LoadModule charset_lite_module modules/mod_charset_lite.so
#LoadModule dav_module modules/mod_dav.so
#LoadModule dav_fs_module modules/mod_dav_fs.so
#LoadModule dav_lock_module modules/mod_dav_lock.so
#LoadModule dbd_module modules/mod_dbd.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule dir_module modules/mod_dir.so
#LoadModule disk_cache_module modules/mod_disk_cache.so
#LoadModule dumpio_module modules/mod_dumpio.so
LoadModule env_module modules/mod_env.so
#LoadModule expires_module modules/mod_expires.so
#LoadModule ext_filter_module modules/mod_ext_filter.so
#LoadModule file_cache_module modules/mod_file_cache.so
#LoadModule filter_module modules/mod_filter.so
LoadModule headers_module modules/mod_headers.so
#LoadModule ident_module modules/mod_ident.so
#LoadModule imagemap_module modules/mod_imagemap.so
LoadModule include_module modules/mod_include.so
#LoadModule info_module modules/mod_info.so
LoadModule isapi_module modules/mod_isapi.so
#LoadModule ldap_module modules/mod_ldap.so
#LoadModule logio_module modules/mod_logio.so
LoadModule log_config_module modules/mod_log_config.so
#LoadModule log_forensic_module modules/mod_log_forensic.so
#LoadModule mem_cache_module modules/mod_mem_cache.so
LoadModule mime_module modules/mod_mime.so
#LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
#LoadModule reqtimeout_module modules/mod_reqtimeout.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule setenvif_module modules/mod_setenvif.so
#LoadModule speling_module modules/mod_speling.so
LoadModule ssl_module modules/mod_ssl.so
#LoadModule status_module modules/mod_status.so
#LoadModule substitute_module modules/mod_substitute.so
#LoadModule unique_id_module modules/mod_unique_id.so
#LoadModule userdir_module modules/mod_userdir.so
#LoadModule usertrack_module modules/mod_usertrack.so
#LoadModule version_module modules/mod_version.so
#LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadFile C:/Program Files/Apache Software Foundation/libxml2-2.7.6.win32/bin/libxml2.dll
LoadFile C:/Program Files/Apache Software Foundation/iconv-1.9.2.win32/bin/iconv.dll

# config added Aug 26, 2010

ProxyRequests Off
ProxyPass /logon http://192.168.2.70:9080/Gallery/logon.html
ProxyPassReverse /logon http://192.168.2.70:9080/Gallery/logon.html

Open in new window

0
Comment
Question by:Bibecu
  • 2
3 Comments
 
LVL 43

Expert Comment

by:ravenpl
ID: 33548331
> a.  The module mod_proxy_html needed is missing from my config  file.
mod_proxy and mod_proxy_http are what You need

> So when someone from outside type http://www.mycompany.com/logon.html it should go and grab the internal address http://192.168.2.70:9080/Gallery/logon.html.  I have added the second entry ProxyPassReverse because I want to hide the internal link.
Try
ProxyPass / http://192.168.2.70:9080/Gallery/
ProxyPassReverse / http://192.168.2.70:9080/Gallery/
0
 

Author Comment

by:Bibecu
ID: 33560913
Thanks ravenpl.  It does work internally. For example if I typed the internal ip of the Apache (192.168.2.225) (where the above codes reside) and type in my browers http://192.1168.2.225 I get in reply  
https://192.168.2.70:9443/Gallery/index.html (note the INDEX.html) I accept the caution and click on "Continue Anyway"  then the correct link opens up which is https://192.168.2.70:9443/Gallery/login.html

I think the one with index can be solved by installing the certificate.  

Now the hard part, when trying from outside  http://<myexternal_ip> it does not point me anywhere (site looks like is not available)  I even opened up the firewall for few minutes but no look

Guess I am stack here for a while...

Cheers
0
 

Accepted Solution

by:
Bibecu earned 0 total points
ID: 33570532
OK, I figure it out !  For all of you who need to do reverse proxy Apache and IBM http  (Websphere)

1. Download the apache patch from IBM website

WebServer Plugin for Websphere Application Server v7 for Windows

https://www14.software.ibm.com/webapp/iwm/web/reg/pick.do?source=wspwas&S_PKG=win_70&S_TACT=104CBW71&lang=en_US

2. Install this on the windows server running apache

3. During the install you will be prompted to specify the path to Apache's httpd.conf file as well as the connection info (ip and so on) for the Websphere

4. Finish the installation .  You will notice that 2 new lines were added to httpd.conf on Apache

Cheers

-
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction As you’re probably aware the HTTP protocol offers basic / weak authentication, which in combination with the relevant configuration on your web server, provides the ability to password protect all or part of your host.  If you were not…
Hi, in this article I'm going to teach you how to run your own site, and how to let people in (without IP). I'll talk about and explain each step... :) By the way, everything in this Tutorial is completely free and legal. This article is for …
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
Integration Management Part 2
Suggested Courses
Course of the Month6 days, 15 hours left to enroll

782 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question