Tuesday, December 25, 2012

How to Implement Reverse Proxy With Mod Security



This post is related to the project that i did with Mod_Security & Reverse Proxy , you can refer to this post that i already describe the details of "How To Install Mod_Security On Apache(Ubuntu 12.10) Step By Step Tutorial For Beginners".
In this post i will give the example configuration for the "reverse proxy" of the same project that i mention above:

First you need to run following command to install and enable the Reverse Proxy.
sudo a2enmod proxy proxy_http

Now you have to go to the following path for changing the configuration of the reverse proxy.
/etc/apache2/sites-available.

Change the content of file with following lines:

<VirtualHost *:80>
        ServerAdmin administrator@myexample.net
        ServerAlias www.myexample.net
        ServerName myexample.net

        ErrorLog /var/log/apache2/example-error.log

        LogLevel info
        CustomLog /var/log/apache2/example-access.log combined
         
        ProxyPreserveHost On
        ProxyRequests off
        # Allow from everywhere
        <Proxy *>
                Order deny,allow
                Allow from all
        </Proxy>
       # Send all requests to port 1122
ProxyPass /audit !
        ProxyPass / http://10.10.150.4:80/
        ProxyPassReverse / http://10.10.150.4:80/
</VirtualHost>

This configuration will get any request on port 80 and forward them on http://10.10.150.4:80. And as  we had a php script inside this machine and we need to open that from this machine not the destination machine so we need to make a exception for that directory. "ProxyPass /audit !" will stop reverse proxy to forward requests related to /audit/ directory to the destination machine and will run it from the current machine!

Now by running the following command restart the Apache to changes take effect:
sudo service apache2 restart

And this is the video of this project that i describes the details about how this project works.
http://www.youtube.com/watch?v=o3-KDD7TSrA

Social Networks Sharing