How to configure Apache reverse proxy

Apache can be used as a gateway to back-end services by configuring it to act as a reverse proxy server. Requests received by Apache will be passed to and processed by a back-end server or service. The back-end server or service will return the response to the Apache server before finally being passed back to the requesting client.

Reverse proxy configuration allows an Apache server to listen to a single IP address or a DNS name and serve multiple apps and services. Apache as a reverse proxy would then, among other things, provides centralized control of the back-end services while being more secure. The extra security is achieved by not directly exposing the back-end servers typically hosted in private networks.

Steps to configure Apache as a reverse proxy server:

Launch terminal application.

Enable proxy and proxy_http module for Apache.

$ sudo a2enmod proxy_http #Ubuntu, Debian and SUSE variants
Considering dependency proxy for proxy_http:
Enabling module proxy.
Enabling module proxy_http.

Distribution with a2enmod support can simply run the command above without having to manually enable the required modules.
CentOS and Red Hat enables both modules by default so requires no manual action to enable the modules.

Options	Debian, Ubuntu	openSUSE and SLES	Fedora Core, CentOS, RHEL	macOS	homebrew	xampp
a2enmod support	yes	yes	no	no	no	no
Modules to install	none
Module name	n/a			proxy, proxy_http
Loadmodule directive	n/a			LoadModule proxy_module <module_locations>/mod_proxy.so LoadModule proxy_http_module <module_locations>/mod_proxy_http.so

Add proxy configuration to desired VirtualHost setting.

<VirtualHost *:80>
        ProxyRequests Off

        ProxyPass "/backend-service-01" "http://backend-service-01.local/"
        ProxyPassReverse "/backend-service-01"  "http:///backend-service-01.local"

        ProxyPass "/backend-service-02" "http://backend-service-02.local/"
        ProxyPassReverse "/backend-service-02"  "http:///backend-service-02.local"
</VirtualHost>

Restart Apache service.

$ sudo systemctl restart apache2 #Ubuntu, Debian, openSUSE and SLES
$ sudo systemctl restart httpd # CentOS and Red Hat

Related: How to manage Apache service

Test direct access to backend service.
```
$ curl http://backend-service-01.local
I am backend-service-01.local
```
The request will fail if the backend service is hosted in a private network under a NAT.

This test could also be done by browsing the URL using a web browser.

Test accessing backend service via configured Apache reverse proxy.

$ curl http://proxy-server/backend-service-01
I am backend-service-01.local

Author: Mohd Shakir Zakaria
Cloud architect by profession but always consider himself as a developer, entrepreneur and an opensource enthusiast.

Discuss the article:

Comment anonymously. Login not required.