Reverse proxy with Apache

Sometimes applications provide a HTTP interface but run standalone without a dedicated web server software like Apache or nginx. If you're already running such a HTTP server, port 80 is already in use and cannot be used by the application.

Using non-standard ports to expose the application to the wold is possible, but makes firewall management harder and prevents some people from using your service because their company's firewall does not allow the non-standard port.

The applications often do not provide HTTPS, authentication or name based hosting support, so there are many reasons to put them behind a real web server that has everything.

Setup

What we need is the main web server to tunnel the HTTP requests to the applications and send the responses back to the visitor.

At first, enable the HTTP proxy module in Apache (example for Debian):

$ a2enmod proxy_http

Then add a virtual host with the following configuration:


    ServerName application.example.org

    ProxyRequests Off
    
        Order deny,allow
        Allow from all
    
    ProxyPass / http://localhost:8082/
    ProxyPassReverse / http://localhost:8082/

    CustomLog /var/log/apache2/application.example.org-access.log combined
    ErrorLog  /var/log/apache2/application.example.org-error.log

]]>

Restart your web server. Fin.

You just set up a reverse proxy that tunnels client requests to http://application.example.org to the application listening on the local port 8082, and back. The application on port 8082 may be listening on the loopback interface only for more security.

Written by Christian Weiske.

Comments? Please send an e-mail.