Apache Reverse Proxy Http To Https

admin



  1. Apache2 Reverse Proxy Https
  2. Httpd Reverse Proxy
  3. Apache Reverse Proxy Setup

Often in the live of a webmaster it happens, that you want to map an old URL into a new one. The possibilities to manipulate an URL are:

  • Redirect the URL

  • Rewrite the URL

  • Proxy and ReverseProxy Server

Redirection

The Redirect directive maps an old URL into a new one. The new URL is returned to the client which attempts to fetch it again with the new address. One disadvantage is, that the manipulated URL will be displayed in the client browser. Suppose, you want to redirect each request to another Server on the Internet, you specify the following directive in http.conf

Redirect / http://www.foobar.com/

Apache Reverse Proxy Apache httpd (as well as most other web servers) can act as a reverse proxy server, also-known-as a “gateway” server. In this case, httpd itself does not generate or host the. HTTPS Reverse Proxy. In order to define a HTTPS reverse proxy you will need to configure Apache to handle HTTPS requests. You can see how to do this here. The following examples rely on this configuration. The HTTPS reverse proxy definitions are similar to those seen previously, with the addition of the SSL related parameters.

Reverse

Each request to your server will be redirected to http://www.foobar.com.

Apache reverse proxy http to https gmail

Rewrite Module

The Apache Module mod_rewrite, is the Swiss Army Knife of URL manipulation, it is a really sophisticated module which provides a powerful way to do URL manipulations like:

  • Solve Trailing Slash Problem

  • Solve Moved DocumentRoot Problem

  • Solve Moved Homedirs to Different Webserver Problem

  • Solve Filesystem Reorganisation Problem

  • Redirect Homedirs For Foreigners

  • Redirect Failing URLs To Other Webserver

  • From Old to New (intern)

  • From Old to New (extern)

  • Search pages in more than one directory

  • .... and many more ....

Example:

Map the non SSL URL http://www.foobar.com/abc to the SSL URL https://www.foobar.com/abc

Proxy

<VirtualHost _default_:80>
RewriteEngine on
RewriteRule ^/abc/(.*)$ https://%{SERVER_NAME}/abc/$1 [R,L]
</VirtualHost>

Proxy Module

Apache Proxy allows remote servers to be mapped into the space of the local server; the local appears to be a mirror of the remote server. The following proxy directives. In the following example the website Arkum.ch is a proxy for Akadia.ch.

#
# Virtual Host for arkum.ch
#
<VirtualHost 193.247.121.196>
ServerAdmin martin dot zahn at akadia dot ch
ServerName www.arkum.ch
ProxyRequests On
ProxyPass / https://www.akadia.com/
ProxyPassReverse/ https://www.akadia.com/
</VirtualHost>

ProxyPass

The directive ProxyPass allows remote servers to be mapped into the space of the local server; the local server does not act as a proxy in the conventional sense, but appears to be a mirror of the remote server.

Suppose the local server has address http://wibble.org/; then

ProxyPass /mirror/foo/ http://foo.com/

will cause a local request for the <http://wibble.org/mirror/foo/bar> to be internally converted into a proxy request to Http<http://foo.com/bar>.

ProxyPassReverse

The directive ProxyPassReverse lets Apache adjust the URL in the Location header on HTTP redirect responses. For instance this is essential when Apache is used as a reverse proxy to avoid by-passing the reverse proxy because of HTTP redirects on the backend servers which stay behind the reverse proxy.

Suppose the local server has address http://wibble.org/; then

ProxyPass /mirror/foo/ http://foo.com/
ProxyPassReverse /mirror/foo/ http://foo.com/

will not only cause a local request for the <http://wibble.org/mirror/foo/bar> to be internally converted into a proxy request to <http://foo.com/bar> (the functionality ProxyPass provides here). It also takes care of redirects the server foo.com sends: when

Apache2 Reverse Proxy Https

http://foo.com/bar is redirected by him to http://foo.com/quux

Httpd Reverse Proxy

Apache adjusts this to http://wibble.org/mirror/foo/quux before forwarding the HTTP redirect response to the client.

Dataflow between HTTP-Client and HTTP-Server

Apache Reverse Proxy Setup

Redirect and Rewrite

  1. The HTTP client sends a request to the HTTP Server.

  2. The HTTP Server sends the manipulated URL back to the Client.

  3. The HTTP client sends again a request using the changed URL. If the new URL points to a new HTTP Server, the request a new connection is setup to this server.

  4. The new server sends back the the answer.

One disadvantage using this approach together with another server is, that the manipulated URL is not hidden from the HTTP client, the changed URL is presented to the users.

Proxy Server

  1. The HTTP client sends a request to the HTTP Proxy.

  2. The HTTP Proxy connects the HTTP Server.

  3. The HTTP Server sends back the answer to the HTTP Proxy.

  4. The HTTP Proxy sends back this answer to the HTTP client.

There are several advantages using proxies. The new server is completely hidden for the user. The URL always points to the HTTP Proxy, the connection to the real HTTP Server is hidden. The HTTP Proxy caches the documents locally, therefore we have a performance gain.