Apache can be used as a gateway to back-end services by configuring it to act as a reverse proxy server. Requests received by Apache will be passed to and processed by a back-end server or service. The back-end server or service will return the response to the Apache server before finally being passed back to the requesting client.
Reverse proxy configuration allows an Apache server to listen to a single IP address or a DNS name and serve multiple apps and services. Apache as a reverse proxy would then, among other things, provides centralized control of the back-end services while being more secure. The extra security is achieved by not directly exposing the back-end servers typically hosted in private networks.
$ sudo a2enmod proxy_http #Ubuntu, Debian and SUSE variants Considering dependency proxy for proxy_http: Enabling module proxy. Enabling module proxy_http.
Options | Debian, Ubuntu | openSUSE and SLES | Fedora Core, CentOS, RHEL | macOS | homebrew | xampp |
---|---|---|---|---|---|---|
a2enmod support | yes | yes | no | no | no | no |
Modules to install | none | |||||
Module name | n/a | proxy, proxy_http | ||||
Loadmodule directive | n/a | LoadModule proxy_module <module_locations>/mod_proxy.so LoadModule proxy_http_module <module_locations>/mod_proxy_http.so |
<VirtualHost *:80> ProxyRequests Off ProxyPass "/backend-service-01" "http://backend-service-01.local/" ProxyPassReverse "/backend-service-01" "http:///backend-service-01.local" ProxyPass "/backend-service-02" "http://backend-service-02.local/" ProxyPassReverse "/backend-service-02" "http:///backend-service-02.local" </VirtualHost>
$ sudo systemctl restart apache2 #Ubuntu, Debian, openSUSE and SLES $ sudo systemctl restart httpd # CentOS and Red Hat
Related: How to manage Apache service
$ curl http://backend-service-01.local I am backend-service-01.local
The request will fail if the backend service is hosted in a private network under a NAT.
This test could also be done by browsing the URL using a web browser.
$ curl http://proxy-server/backend-service-01 I am backend-service-01.local
Comment anonymously. Login not required.