Apache VirtualHost with reverse proxy

Posted in Notes

This post documents the process of setting up a reverse proxy to load one (Origin) website in the subdirectory of another. During this process the reverse proxy directives will also append HTML to the head and body of the origin website.

 

Prerequisites

The instructions below are based on an Apache Linux server running cPanel/ Web Host Manager. The set-up requires the following Apache modules:

  • mod_proxy
  • mod_proxy_http
  • od_include
  • mod_headers
  • mod_rewrite
  • mod_sed

mod_sed is the only uncommon module, however it is only required if you are using the OutputSed directives, if you don’t plan on making any modifications to the origin website you can skip it.

 

VirtualHost

The server will already be preconfigured to listen for additional .conf files for each domain once they’re added to the correct directories. For the standard WHM/cPanel/Apache combination:

/etc/apache2/conf.d/userdata/ssl/2_4/$user/$domainname/$file.conf

Where $user is the Linux user account associated with the hosting package, $domainname is your cPanel domain name and $file is the .conf filename.

/etc/apache2/conf.d/userdata/ssl/2_4/example/example.com/reverseproxy.conf

 

ProxyPass Directives

Inside reverseproxy.conf the Reverse proxy directives are added:

  • /subdirectory where the origin website will be displayed (could be root “/”)
  • https://origin-website.example.com/ is the origin website
ProxyPreserveHost off
SSLProxyEngine on
SSLProxyVerify off
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
ProxyPass "/subdirectory" "https://origin-website.example.com/"
ProxyPassReverse "/subdirectory" "https://origin-website.example.com/"

 

## Stop any existing rewrites on subdirectory
RewriteRule ^(subdirectory)($|/) - [L]

<Location "/subdirectory">

     <IfModule mod_headers.c>
        RequestHeader unset accept-encoding
        Header unset Content-Length
     </IfModule>

     # Add new layout fields
     Options +Includes
     AddOutputFilterByType Sed;INCLUDES text/html
     OutputSed "/<!--#[a-zA-z]/d"
     OutputSed "s/\\(<\/head>\\)/\\<!--#include virtual=\"\/layout\/head.inc.php\"--><\/head>/g"
     OutputSed "s/\\(<body[^>]*>\\)/\\<!--#include virtual=\"\/layout\/header.inc.php\"-->/g"
     OutputSed "s/\\(<\/body>\\)/\\<!--#include virtual=\"\/layout\/footer.inc.php\"--><\/body>/g"

</Location>

The above code will automatically try to include additional files in the pages processed by ProxyPass.

  • layout/head.inc.php will be appended to the <head>
  • layout/header.inc.php will be added to the start of <body> tag
  • layout/footer.inc.php will be added just before the </body> tag

These files can be used to apply style/scripting on top of the code supplied by the proxy.

 

Rebuild and Restart Apache

Once the reverse proxy directives have been added to the Apache configuration, the live conf file needs to be rebuilt to include the new directives:

/usr/local/cpanel/scripts/rebuildhttpdconf

The rebuild process will flag any errors with the reverse proxy code. These can then be rectified before a successful rebuild.

Then the obligatory Apache restart:

/usr/local/cpanel/scripts/restartsrv_httpd

 

#

Related Notes

December 2024

Simple Analytics: A privacy-focused alternative to Google Analytics

In an era where digital privacy concerns are at the forefront of online discourse, many organisations are reassessing their tools to ensure compliance with data...

Continue reading

November 2024

Simple steps to protect your privacy online

In today’s digital world, protecting your privacy online has become essential. With personal data constantly being shared, stored, and potentially accessed by unauthorised parties, safeguarding...

Continue reading

November 2024

Introduction to Bluesky

Making the most of Bluesky after coming from whatever Twitter (𝕏) has become involves exploring the platform's unique features, adapting to its smaller, community-driven culture,...

Continue reading

November 2024

Web application security testing

With the increasing dependency on web applications in daily operations, securing these applications is paramount to safeguarding data and protecting against breaches. This blog post...

Continue reading

October 2024

Cookieless website tracking and analytics

Cookieless website tracking is a method of collecting analytics data and monitoring website behaviour without the need for traditional browser cookies. Traditionally, cookies have been...

Continue reading

October 2024

What's going on between WordPress and WP Engine?

The disagreement between WordPress and WP Engine has sparked considerable debate within the WordPress community and could have important implications for users of the WordPress...

Continue reading

More Notes Posts