View Categories

How to Configure Apache as a Reverse Proxy with mod_proxy

Eugene
Updated on April 9, 2025

Apache is a powerful and versatile web server that can also act as a reverse proxy, forwarding client requests to backend servers. Setting up Apache as a reverse proxy enhances security, simplifies client access to multiple services, and improves load balancing. Here’s a simplified guide to configure Apache as a reverse proxy using the mod_proxy module.

What You’ll Need #

  1. A fresh Linux server (e.g., Ubuntu 20.04) with Apache installed.
  2. A DNS “A” record pointing to your server’s IP (e.g., app.example.com).
  3. Docker installed to host backend applications like ownCloud.
  4. A non-root user with sudo privileges.

Step 1: Enable Required Modules #

Apache uses several modules for reverse proxying. Start by enabling these:

sudo a2enmod proxy
sudo a2enmod proxy_http
sudo a2enmod proxy_balancer
sudo a2enmod proxy_wstunnel
  • mod_proxy: Core proxying functionality.
  • proxy_http: Handles HTTP/HTTPS requests.
  • proxy_balancer: Adds load-balancing capabilities.
  • proxy_wstunnel: Facilitates WebSocket tunneling.

Restart Apache to apply changes:

sudo systemctl restart apache2

Step 2: Set Up a Backend Application #

For this example, we’ll use ownCloud hosted in a Docker container:

docker run -d --name owncloud -p 8080:8080 owncloud/server
docker start owncloud

Verify that ownCloud is running:

docker ps

Step 3: Configure Apache as a Reverse Proxy #

Back Up the Default Configuration:

    sudo mv /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/origdefault.backup

    Create a New Configuration File:

    sudo nano /etc/apache2/sites-available/app.example.com.conf

    Add the following content, replacing app.example.com with your domain:

    <VirtualHost *:80>
        ServerName app.example.com
        ProxyPreserveHost On
        ProxyPass / http://127.0.0.1:8080/
        ProxyPassReverse / http://127.0.0.1:8080/
    </VirtualHost>
    • ProxyPreserveHost: Forwards the original host header to the backend.
    • ProxyPass: Routes client requests to the backend server.
    • ProxyPassReverse: Adjusts response headers from the backend.

    Activate the Configuration:

    sudo ln -s /etc/apache2/sites-available/app.example.com.conf /etc/apache2/sites-enabled/app.example.com.conf

    Test and Restart Apache:

    sudo apachectl configtest
    sudo systemctl restart apache2

    Step 4: Secure the Server #

    Allow HTTP and HTTPS traffic:

    sudo ufw allow 80/tcp
    sudo ufw allow 443/tcp
    sudo ufw reload

    Install SSL certificates for secure connections:

    sudo apt install certbot python3-certbot-apache

    sudo certbot -d app.example.com

    Test automatic SSL renewal:

    sudo certbot renew --dry-run

    Step 5: Verify the Setup #

    Open a browser and navigate to https://app.example.com. If everything is configured correctly, you’ll see the backend application’s interface (e.g., ownCloud login page).

    Benefits of Using Apache as a Reverse Proxy #

    • Improved Security: Shields backend servers from direct exposure.
    • Centralized Access: Simplifies client access to multiple services.
    • Load Balancing: Distributes traffic effectively.
    • Flexibility: Supports various backend applications.

    By following these steps, you’ve successfully set up Apache as a reverse proxy with mod_proxy, providing a robust and secure infrastructure for your applications.

    Updated on April 9, 2025

    Powered by BetterDocs

    Leave a Reply

    Your email address will not be published. Required fields are marked *