Wednesday, January 30, 2013

How to install a reverse Proxy on Windows

It's usually not a good idea to install a service as a privileged user. So you may know that it is not possible for an unprivileged user to bind ports below the port number 1000. This is the reason why application containers (like Tomcat) are using the port 8080 instead 80. However, sometimes you want to reach your service via port 80 without the need to run the same as a privileged user. This article explains how to put a reverse proxy in front of a Tomcat server which is listening on port 8080.

At first just install Apache2 by using the following installer: http://mirror.netcologne.de/apache.org//httpd/binaries/win32/httpd-2.0.64-win32-x86-openssl-0.9.8o.msi .

If you are a Linux user, then you can just install the server via your package manager. On most Linux distributions then it is also required to install the modules as seperate packages. What we need is the module 'mod_proxy'.

The above mentioned installation package already includes the proxy modules like 'mod_proxy'. So you just have to configure Apache in order to use it. Apaches's configuration file is named 'httpd.conf'. By default you can find it under %APACHE_HOME%\conf .

Here are the steps:

  1. In the 'Load Module' section enable the Proxy modules
  2. Disable ProxyRequests in order to use the reverse proxy functionalit instead just the foward one
  3. Define who should have the permission to use the proxy
  4. Define the forward and reverse targets
  5. Define who should have the permission to access the root location
#Load the required modules 

...

LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_http_module modules/mod_proxy_http.so

#Base configuration for a reverse proxy

...
ProxyRequests Off

<Proxy *>
        Order deny,allow
        Allow from all
</Proxy>

ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/

<Location />
        Order deny,allow
        Allow from all
</Location>

... 


No comments:

Post a Comment