Solved

Apache Reverse Proxy

Posted on 2010-08-27
3
941 Views
Last Modified: 2012-05-10
Hello Apache experts !

I am trying to setup a reverse proxy using Apache Win 32-bit  2.2.16 to provide reverse proxy services for an IBM Websphere application server.  

So far I setup a Win 2003 server in my DMZ, installed Apache 2.2.16 and made sure that the connectivity between Apache and outside world as well as Apache and internal subnet are all up

Now the hard part (for me)

1.  I am trying to configure Apache's  httpd.conf for reverse proxy.  I followed the instructions I found on the Internet (basically the same instructions posted on different sites) and what I have noticed
  a.  The module mod_proxy_html needed is missing from my config  file.  Does it mean that it has not been installed during the Apache install?  Is this an add-on and should be gotten from somewhere else
b.  According to the instructions I had to download the libxml2.dll and iconv.dll files and add them to httpd.conf with LoadFile.   Is there a special path/directory to put them ? Should these be registered with regsvr32 command ?

2.  Reverse entry

What I am trying to reverse (see below)

ProxyRequests Off
ProxyPass /logon http://192.168.2.70:9080/Gallery/logon.html
ProxyPassReverse /logon http://192.168.2.70:9080/Gallery/logon.html

So when someone from outside type http://www.mycompany.com/logon.html it should go and grab the internal address http://192.168.2.70:9080/Gallery/logon.html.  I have added the second entry ProxyPassReverse because I want to hide the internal link.

Are these entry correct ?

I have attached an excerpt from my httpd.conf file

Thank you all in advance for the time taken to read and reply to my message

Cheers
LoadModule actions_module modules/mod_actions.so

LoadModule alias_module modules/mod_alias.so

LoadModule asis_module modules/mod_asis.so

LoadModule auth_basic_module modules/mod_auth_basic.so

#LoadModule auth_digest_module modules/mod_auth_digest.so

#LoadModule authn_alias_module modules/mod_authn_alias.so

#LoadModule authn_anon_module modules/mod_authn_anon.so

#LoadModule authn_dbd_module modules/mod_authn_dbd.so

#LoadModule authn_dbm_module modules/mod_authn_dbm.so

LoadModule authn_default_module modules/mod_authn_default.so

LoadModule authn_file_module modules/mod_authn_file.so

#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so

#LoadModule authz_dbm_module modules/mod_authz_dbm.so

LoadModule authz_default_module modules/mod_authz_default.so

LoadModule authz_groupfile_module modules/mod_authz_groupfile.so

LoadModule authz_host_module modules/mod_authz_host.so

#LoadModule authz_owner_module modules/mod_authz_owner.so

LoadModule authz_user_module modules/mod_authz_user.so

LoadModule autoindex_module modules/mod_autoindex.so

#LoadModule cache_module modules/mod_cache.so

#LoadModule cern_meta_module modules/mod_cern_meta.so

LoadModule cgi_module modules/mod_cgi.so

#LoadModule charset_lite_module modules/mod_charset_lite.so

#LoadModule dav_module modules/mod_dav.so

#LoadModule dav_fs_module modules/mod_dav_fs.so

#LoadModule dav_lock_module modules/mod_dav_lock.so

#LoadModule dbd_module modules/mod_dbd.so

LoadModule deflate_module modules/mod_deflate.so

LoadModule dir_module modules/mod_dir.so

#LoadModule disk_cache_module modules/mod_disk_cache.so

#LoadModule dumpio_module modules/mod_dumpio.so

LoadModule env_module modules/mod_env.so

#LoadModule expires_module modules/mod_expires.so

#LoadModule ext_filter_module modules/mod_ext_filter.so

#LoadModule file_cache_module modules/mod_file_cache.so

#LoadModule filter_module modules/mod_filter.so

LoadModule headers_module modules/mod_headers.so

#LoadModule ident_module modules/mod_ident.so

#LoadModule imagemap_module modules/mod_imagemap.so

LoadModule include_module modules/mod_include.so

#LoadModule info_module modules/mod_info.so

LoadModule isapi_module modules/mod_isapi.so

#LoadModule ldap_module modules/mod_ldap.so

#LoadModule logio_module modules/mod_logio.so

LoadModule log_config_module modules/mod_log_config.so

#LoadModule log_forensic_module modules/mod_log_forensic.so

#LoadModule mem_cache_module modules/mod_mem_cache.so

LoadModule mime_module modules/mod_mime.so

#LoadModule mime_magic_module modules/mod_mime_magic.so

LoadModule negotiation_module modules/mod_negotiation.so

LoadModule proxy_module modules/mod_proxy.so

LoadModule proxy_ajp_module modules/mod_proxy_ajp.so

LoadModule proxy_balancer_module modules/mod_proxy_balancer.so

LoadModule proxy_connect_module modules/mod_proxy_connect.so

LoadModule proxy_ftp_module modules/mod_proxy_ftp.so

LoadModule proxy_http_module modules/mod_proxy_http.so

#LoadModule reqtimeout_module modules/mod_reqtimeout.so

LoadModule rewrite_module modules/mod_rewrite.so

LoadModule setenvif_module modules/mod_setenvif.so

#LoadModule speling_module modules/mod_speling.so

LoadModule ssl_module modules/mod_ssl.so

#LoadModule status_module modules/mod_status.so

#LoadModule substitute_module modules/mod_substitute.so

#LoadModule unique_id_module modules/mod_unique_id.so

#LoadModule userdir_module modules/mod_userdir.so

#LoadModule usertrack_module modules/mod_usertrack.so

#LoadModule version_module modules/mod_version.so

#LoadModule vhost_alias_module modules/mod_vhost_alias.so

LoadFile C:/Program Files/Apache Software Foundation/libxml2-2.7.6.win32/bin/libxml2.dll

LoadFile C:/Program Files/Apache Software Foundation/iconv-1.9.2.win32/bin/iconv.dll



# config added Aug 26, 2010



ProxyRequests Off

ProxyPass /logon http://192.168.2.70:9080/Gallery/logon.html

ProxyPassReverse /logon http://192.168.2.70:9080/Gallery/logon.html

Open in new window

0
Comment
Question by:Bibecu
  • 2
3 Comments
 
LVL 43

Expert Comment

by:ravenpl
ID: 33548331
> a.  The module mod_proxy_html needed is missing from my config  file.
mod_proxy and mod_proxy_http are what You need

> So when someone from outside type http://www.mycompany.com/logon.html it should go and grab the internal address http://192.168.2.70:9080/Gallery/logon.html.  I have added the second entry ProxyPassReverse because I want to hide the internal link.
Try
ProxyPass / http://192.168.2.70:9080/Gallery/
ProxyPassReverse / http://192.168.2.70:9080/Gallery/
0
 

Author Comment

by:Bibecu
ID: 33560913
Thanks ravenpl.  It does work internally. For example if I typed the internal ip of the Apache (192.168.2.225) (where the above codes reside) and type in my browers http://192.1168.2.225 I get in reply  
https://192.168.2.70:9443/Gallery/index.html (note the INDEX.html) I accept the caution and click on "Continue Anyway"  then the correct link opens up which is https://192.168.2.70:9443/Gallery/login.html

I think the one with index can be solved by installing the certificate.  

Now the hard part, when trying from outside  http://<myexternal_ip> it does not point me anywhere (site looks like is not available)  I even opened up the firewall for few minutes but no look

Guess I am stack here for a while...

Cheers
0
 

Accepted Solution

by:
Bibecu earned 0 total points
ID: 33570532
OK, I figure it out !  For all of you who need to do reverse proxy Apache and IBM http  (Websphere)

1. Download the apache patch from IBM website

WebServer Plugin for Websphere Application Server v7 for Windows

https://www14.software.ibm.com/webapp/iwm/web/reg/pick.do?source=wspwas&S_PKG=win_70&S_TACT=104CBW71&lang=en_US

2. Install this on the windows server running apache

3. During the install you will be prompted to specify the path to Apache's httpd.conf file as well as the connection info (ip and so on) for the Websphere

4. Finish the installation .  You will notice that 2 new lines were added to httpd.conf on Apache

Cheers

-
0

Featured Post

Free Gift Card with Acronis Backup Purchase!

Backup any data in any location: local and remote systems, physical and virtual servers, private and public clouds, Macs and PCs, tablets and mobile devices, & more! For limited time only, buy any Acronis backup products and get a FREE Amazon/Best Buy gift card worth up to $200!

Join & Write a Comment

Over the last year I have answered a couple of basic URL rewriting questions several times so I thought I might as well have a stab at: explaining the basics, providing a few useful links and consolidating some of the most common queries into a sing…
Hi, in this article I'm going to teach you how to run your own site, and how to let people in (without IP). I'll talk about and explain each step... :) By the way, everything in this Tutorial is completely free and legal. This article is for …
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now