博客
关于我
强烈建议你试试无所不能的chatGPT,快点击我
How to proxy a web site by apache2 in Ubuntu
阅读量:5826 次
发布时间:2019-06-18

本文共 5486 字,大约阅读时间需要 18 分钟。

Install apache2

To execute the install command in terminal:

sudo apt-get install apache2

Then, we can find that the apache2 has been installed in "/etc/" directory.

eric@eric:cd /etc/apache2eric@eric:/etc/apache2$ apache2 -versionServer version: Apache/2.4.7 (Ubuntu)Server built:   Apr  3 2014 12:20:28eric@eric:/etc/apache2# ls -ltotal 80-rw-r--r-- 1 root root  7115 Jan  7 21:23 apache2.confdrwxr-xr-x 2 root root  4096 Jun 17 15:09 conf-availabledrwxr-xr-x 2 root root  4096 Jun 17 15:09 conf-enabled-rw-r--r-- 1 root root  1782 Jan  3 22:48 envvars-rw-r--r-- 1 root root 31063 Jan  3 22:48 magicdrwxr-xr-x 2 root root 12288 Jun 17 15:09 mods-availabledrwxr-xr-x 2 root root  4096 Jun 17 15:09 mods-enabled-rw-r--r-- 1 root root   320 Jan  7 21:23 ports.confdrwxr-xr-x 2 root root  4096 Jun 17 15:08 sites-availabledrwxr-xr-x 2 root root  4096 Jun 17 15:09 sites-enabled

Attention:

After executing the install command, some echo exception messages may shown like that.

AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message(98)Address already in use: AH00072: make_sock: could not bind to address [::]:80(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80no listening sockets available, shutting down

If so, we need to:

1) Config the "ServerName" in apache2.conf.

eric@eric:cd /etc/apache2eric@eric:cd vi apache2.conf...ServerName localhost...

2) End the existed process which is using the 80 socket.

netstat -ap | grep 80lsof -i:80kill {PID}

Or modify the listen socket. (See )

Then, we can restart apache2.

eric@eric:sudo /etc/init.d/apache2 restart

Config listening ports

We can change and add the listening ports by modifying port.conf file in "/etc/apache2/".

eric@eric:sudo vi /etc/apache2/ports.conf

For example, we change the default port from 80 to 81 to avoid the in used portd.

Listen 81
Listen 443
Listen 443

After changing the default port, the default site configuration (/etc/apache2/sites-enabled/000-default.conf) also need be updated.

eric@eric:sudo vi /etc/apache2/sites-enabled/000-default.conf

Modify

as

Config proxy or reverse proxy

Here, there is a Tomcat worked in 8080 port as our J2EE server and an application named "jreport" running in it. We will config the apache to proxy it.

1. Activate proxy module

There are "mods-available" and "mods-enabled" two directories in apache. The "mods-available" directory includes all available module configuration files. If we want to make them take effect, they must be copied or linked into the "mods-enabled" directory.

For activating the proxy module, we create some soft link for "proxy.load", "proxy_http.load" and "proxy.conf".

eric@eric:/etc/apache2/mods-enabled$ sudo ln -s ../mods-available/proxy.loaderic@eric:/etc/apache2/mods-enabled$ sudo ln -s ../mods-available/proxy_http.loaderic@eric:/etc/apache2/mods-enabled$ sudo ln -s ../mods-available/proxy.conf

Then, execute the a2enmod command.

eric@eric:/etc/apache2$ a2enmod proxy

2. Config proxy

After activating the proxy module, we can config the "Forward Proxy" or "Reverse Proxy" for the "jreport" application in Tomcat.

  • Reverse Proxy

Reverse proxy is the most used way.

ProxyRequests OffProxyPass /jreport ${JREPORT_SERVER}/jreportProxyPassReverse /jreport ${JREPORT_SERVER}/jreport

or

ProxyRequests OffTimeout 36000ProxyTimeout 36000
ProxyPass ${JREPORT_SERVER}/jreport ProxyPassReverse ${JREPORT_SERVER}/jreport ProxyPassReverseCookiePath /jreport /

For easy to config, we define a variable named "JREPORT_SERVER" in "/etc/apache2/envvars".

export JREPORT_SERVER=http://192.168.0.88:8080

After restarting the apache with the latest configuration, we can access the "jreport" application with:

http://localhost:81/jreport
  • Forward Proxy

For example, to control who can access your proxy:

ProxyRequests OnProxyVia On
Require ip 192.168.0

For more details, please see the official doc about .

Add SSL Support

1. Install openssl and ssl_cert

eric@eric: sudo apt-get install openssl ssl_cert

2. Generate private key and certification

eric@eric: sudo mkdir /etc/apache2/ssleric@eric: cd /etc/apache2/ssleric@eric:/etc/apache2/ssl$ sudo openssl genrsa -des3 -out my-server.key 1024eric@eric:/etc/apache2/ssl$ sudo openssl req -key my-server.key -x509 -out my-server.crt -config /etc/ssl/openssl.cnf -days 3650

3. Activate SSL module

eric@eric:/etc/apache2/mods-enabled$ sudo ln -s ../mods-available/ssl.loaderic@eric:/etc/apache2/mods-enabled$ sudo ln -s ../mods-available/ssl.conferic@eric:/etc/apache2/mods-enabled$ sudo a2enmod ssl

4. Add SSL support for site

Now, we modify the default site configuration (/etc/apache2/sites-enabled/000-default.conf) to add SSL support and make non-https access use the https automatically.

Usually, we config the 443 port for SSL support.

... RewriteEngine on RewriteCond %{HTTPS} !=on RewriteRule ^/?(.*)$ https://%{SERVER_NAME}/$1 [L,R]
SSLEngine on SSLCertificateFile /etc/apache2/ssl/my-server.crt SSLCertificateKeyFiel /etc/apache2/ssl/my-server.key ...

Postscript

I have just recorded my first attempt to proxy a web site by apache for memo. There are some other useful and complex modules in apache, such as rewrite, load balance and so on.

Reference

  1. Apache official doc: 

转载于:https://www.cnblogs.com/iter/p/3799205.html

你可能感兴趣的文章
mysql脚本
查看>>
OllyDBG 入门系列教学--让你瞬间成为破解高手
查看>>
jQuery插件开发的准备
查看>>
Dubbo点滴(2)之集群容错
查看>>
Zend Framework 自动加载类的实现方法
查看>>
使用Logrotate来管理系统日志
查看>>
机房管理系列之机房温湿度
查看>>
【PMP】Head First PMP 学习笔记 第七章 成本管理
查看>>
全球众多IT巨头竞相抢占云计算市场
查看>>
这台人形机器人曾登上时尚杂志封面 最近还参加了联合国大会
查看>>
mysql源码安装
查看>>
APNS MySQL Tables
查看>>
CEGUI中回车键,退格键的响应
查看>>
Double Kill!何恺明包揽全部两项最佳论文奖!清华北航上交论文活跃度名列前十...
查看>>
任正非:将打造华为统一的AI平台,2018首先在GTS部署
查看>>
货车帮CTO冯亮:利用阿里云服务,发展物流产业互联网
查看>>
iOS代码规范
查看>>
阿里云助艾尔肯实现维吾尔族音乐梦
查看>>
调查:OpenStack日渐成熟 部署率上涨44%
查看>>
具备这些特性 说明你是个优秀程序员
查看>>