Apache can be used as a gateway to backend services by configuring it to act as a reverse proxy server. Requests received by Apache will be passed to and processed by a backend server or service which the response will then be returned to the Apache server before finally being passed back to the requesting client.

This allows an Apache server to listen to a single IP address or a DNS name and serve multiple apps and services. This among other things provide centralised control of the backend services while being more secure by not directly exposing the backend servers which are normally hosted in private networks.

Steps to configure Apache as a reverse proxy server:

  1. Launch terminal application.
  2. Enable proxy and proxy_http module for Apache.
    $ sudo a2enmod proxy_http # Ubuntu, Debian and SUSE variants
    Considering dependency proxy for proxy_http:
    Enabling module proxy.
    Enabling module proxy_http.
    • Distribution with a2enmod support can simply run the command above without having to manually enable the required modules.
    • CentOS and Red Hat enables both modules by default so requires no manual action to enable the modules.
    Options Debian, Ubuntu openSUSE and SLES Fedora Core, CentOS, RHEL macOS homebrew xampp
    a2enmod support yes yes no no no no
    Modules to install none
    Module name n/a proxy, proxy_http
    Loadmodule directive n/a LoadModule proxy_module <module_locations>/mod_proxy.so
    LoadModule proxy_http_module <module_locations>/mod_proxy_http.so
  3. Add proxy configuration to desired VirtualHost setting.
    <VirtualHost *:80>
            ProxyRequests Off
            ProxyPass "/backend-service-01" "http://backend-service-01.local/"
            ProxyPassReverse "/backend-service-01"  "http:///backend-service-01.local"
            ProxyPass "/backend-service-02" "http://backend-service-02.local/"
            ProxyPassReverse "/backend-service-02"  "http:///backend-service-02.local"
  4. Restart Apache service.
    $ sudo systemctl restart apache2 # Ubuntu, Debian, openSUSE and SLES
    $ sudo systemctl restart httpd # CentOS and Red Hat
  5. Test direct access to backend service.
    $ curl http://backend-service-01.local
    I am backend-service-01.local

    The request will fail if the backend service is hosted in a private network under a NAT.

    This test could also be done by browsing the URL using a web browser.

  6. Test accessing backend service via configured Apache reverse proxy.
    $ curl http://proxy-server/backend-service-01
    I am backend-service-01.local

Guide compatibility:

Operating System
Ubuntu 16.04 LTS (Xenial Xerus)
Ubuntu 16.10 (Yakkety Yak)
Ubuntu 17.04 (Zesty Zapus)
Ubuntu 17.10 (Artful Aardvark)
Ubuntu 18.04 LTS (Bionic Beaver)
Ubuntu 18.10 (Cosmic Cuttlefish)
Ubuntu 19.04 (Disco Dingo)
Discuss the article:

Comment anonymously. Login not required.