Difference between revisions of "SBN - Proxy Server Notes"
| Line 13: | Line 13: | ||
Create the virtual machine to point incoming connections at the internal server you want to proxy: | Create the virtual machine to point incoming connections at the internal server you want to proxy: | ||
| − | * | + | *See [[WebServer - Name-based Virtual Host Support|Name-based Virtual Host Support]] |
| − | + | You may have noted while setting up the '''VirtualHost''' that we're pointing at a set of cert files that need to be on '''both''' machines. | |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | You | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
Also, 2 log files in a new folder... | Also, 2 log files in a new folder... | ||
| Line 56: | Line 21: | ||
*<code>sudo mkdir /var/log/apache2/Proxy</code> | *<code>sudo mkdir /var/log/apache2/Proxy</code> | ||
| − | (this folder will be populated | + | (this folder will be populated automagically when you restart Apache...) |
Now, restart Apache: | Now, restart Apache: | ||
| Line 62: | Line 27: | ||
*<code>sudo service apache2 restart</code> | *<code>sudo service apache2 restart</code> | ||
| − | At this point, you should be able to browse to ''' | + | At this point, you should be able to browse to '''Proxy.foo.bar''' from outside your network. |
==Special considerations for the ESXi WebUI== | ==Special considerations for the ESXi WebUI== | ||
Revision as of 16:32, 28 June 2020
Contents
Reverse Proxy (Outside Access to internal servers)
Start with a standard Web Server install...
We'll be basing our procedure on Configuring Apache To Proxy Connections
Enable the proxy modules:
sudo a2enmod proxy proxy_ajp proxy_http rewrite deflate headers proxy_balancer proxy_connect proxy_html
(possibly add mod_authz_host to the list...)
Create the virtual machine to point incoming connections at the internal server you want to proxy:
You may have noted while setting up the VirtualHost that we're pointing at a set of cert files that need to be on both machines.
Also, 2 log files in a new folder...
sudo mkdir /var/log/apache2/Proxy
(this folder will be populated automagically when you restart Apache...)
Now, restart Apache:
sudo service apache2 restart
At this point, you should be able to browse to Proxy.foo.bar from outside your network.
Special considerations for the ESXi WebUI
Access Control by IP / HostName
You can control who can access your proxy via the <Proxy> control block as in the following example:
<Proxy "*"> Order deny,allow Deny from all Allow from 192.168.0.1 Allow from 192.168.0.2 </Proxy>
Simply replace 192.168.0.1 & 192.168.0.2 with the IPs of the machines allowed to access this proxy.
In theory, You could also replace the IP addresses with hostnames (or partial hostnames). BUT, those hostnames need to be visible across the internet...
Upcoming tricks...
- Multi-Site Server Management from a Central Server
