mod_proxy module allows you to configure proxy/gateway and load balancing in Apache web server. It not only protects your website but also improves performance by reducing server load. Let us look at how to configure Apache mod_proxy in CentOS.
How to Configure Apache mod_proxy in CentOS
Here are the steps to configure Apache mod_proxy in CentOS.
1. Verify the required modules
Luckily, all the required modules for reverse proxy and load balancing are already installed and enabled by default in Apache in CentOS. This is true only for CentOS/RHEL/Fedora systems. You will need to install them explicitly in Ubuntu/Debian systems.
So we will simply verify if they are present. Open a terminal and run the command
$ httpd -M
This will list all the available modules for Apache. Look for the following 4 lines
Output . . . proxy_module (shared) . . . lbmethod_byrequests_module (shared) . . . proxy_balancer_module (shared) . . . proxy_http_module (shared)
If they are not enabled, open Apache config file in a text editor
$ sudo nano /etc/httpd/conf.modules.d/00-proxy.conf
Uncomment the following 4 lines by removing ‘#’ sign at their beginning.
. . . LoadModule proxy_module modules/mod_proxy.so . . . LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so . . . LoadModule proxy_balancer_module modules/mod_proxy_balancer.so . . . LoadModule proxy_http_module modules/mod_proxy_http.so . . .
Save the file and restart Apache
$ sudo systemctl restart httpd
2. Update Apache Configuration
Next, we update Apache’s virtual host file to work as reverse proxy. If you want to use a separate virtual hosts file, here are the steps.
Open the virtual hosts file in a text editor. In this example, we use the default virtual hosts file. You can perform the following steps in your separate virtual hosts file, if you want.
$ sudo nano /etc/apache2/sites-available/000-default.conf
Look for the line starting with <VirtualHost *:80> and replace its code with the following lines. Replace server-ip-address with your back end server’s IP address. In case of localhosts, use 127.0.0.1 as IP address of backend server. Replace 8080 with the port number that will serve these requests
<VirtualHost *:80> DocumentRoot /var/www/ ProxyPreserveHost On # Servers to proxy the connection, or # List of application servers ProxyPass / http://server-ip-address:8080/ ProxyPassReverse / http://server-ip-address:8080/ </VirtualHost>
In the above code:
- ProxyPreserveHost – Preserves the request headers while passing request to backend servers, allowing them to know the origin
- ProxyPass – Specifies where the incoming requests should be sent for processing
- ProxyPassReverse – Tells Apache to modify headers before sending the response. Useful in case the response contains a redirect headers. In this cases, the client will be properly redirected back to proxy server and not the back end server
3. (Optional) Reverse Proxy with SSL
If you also want to reverse proxy SSL requests, then modify the above code as shown below to include the location of your SSL certificate, intermediate certificate (certificate chain file), and private key (.key file). Replace server-ip-address with your back end server’s IP address. In case of localhosts, use 127.0.0.1 as IP address of backend server. Replace 8080 with the port number that will serve these requests
<VirtualHost *:80> ProxyPreserveHost On ProxyPass / http://server-ip-address:8080/ ProxyPassReverse / http://server-ip-address:8080/ SSLCertificateFile /path/to/certificate.crt SSLCertificateKeyFile /path/to/certificate.key SSLCertificateChainFile /path/to/chainfile.crt </VirtualHost>
That’s it! Now you know how to configure Apache mod_proxy in CentOS.