How to setup Apache Reverse Proxy in CentOS 7

Share on Social Media

In this configuration guide, you will learn, how to setup Apache Reverse Proxy in CentOS 7 or other Redhat based Linux distros. #centlinux #linux #apache

What is Apache HTTP Server? :

Apache HTTP Server, usually called as Apache, is the most popular web server over the Internet. Apache is free and open-source. Apache is developed and maintained by open-source community at Apache Software Foundation. Apache is loaded with so many features, and additional features can be added to Apache using the Apache modules.

Besides web server, Apache can also be configured as a Reverse Proxy to create a load balancing cluster of two or more web servers. This functionality can be added to Apache via mod_proxy module. Apache HTTP Server can be used to configure load balancers, hot-spares, hot-standby and failover nodes.

In this article, we will setup Apache reverse proxy and an HTTP load balancer on CentOS 7 server.

Read Also: How to setup Nginx Reverse Proxy in CentOS 7

System Specification:

In this article, we are using three virtual machines. Two VMs to deploy and run two websites and One VM to configure as the reverse proxy and HTTP load balancer.

Hostnameweb-01.example.comweb-02.example.comproxy-01.example.com
IP Address192.168.116.51/24192.168.116.52/24192.168.116.53/24
Operating SystemCentOS 7.6CentOS 7.6CentOS 7.6

We have already configured web-01.example.com and web-02.example.com as the web servers and hosted a simple and distinct webpage on both servers.

Web-01-Home-Page
Web-02-Home-Page

Now, we will configure the proxy-01.example.com as the load balancer using mod_proxy and Apache HTTP server.

Install Apache on CentOS 7:

Connect to proxy-01.example.com as root user.

Install Apache HTTP Server using yum command.

# yum install -y httpd

Start and enable httpd.service.

# systemctl start httpd.service
# systemctl enable httpd.service
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.

Allow HTTP service in Linux firewall.

# firewall-cmd --permanent --add-service=http
success
# firewall-cmd --reload
success

Browse URL http://proxy-01.example.com in a client browser.

Apache-HTTP-Server-Test-Page-powered-by-CentOS

Our Apache HTTP Server is running and displaying a default test page.

Setup Apache Reverse Proxy in CentOS 7:

Apache HTTP Server requires mod_proxy module to configure and function as the Load Balancer. The mod_proxy module is contained in httpd package, therefore it is automatically installed alongwith Apache HTTP Server on CentOS 7 platforms.

Use the following command to verify the availability of mod_proxy.

# httpd -M | grep proxy
 proxy_module (shared)
 proxy_ajp_module (shared)
 proxy_balancer_module (shared)
 proxy_connect_module (shared)
 proxy_express_module (shared)
 proxy_fcgi_module (shared)
 proxy_fdpass_module (shared)
 proxy_ftp_module (shared)
 proxy_http_module (shared)
 proxy_scgi_module (shared)
 proxy_wstunnel_module (shared)

Add a configuration file in /etc/httpd/conf.d/.

# vi /etc/httpd/conf.d/proxy.conf

Add following reverse proxy configurations therein.

<proxy balancer://appset>
        BalancerMember http://web-01.example.com
        BalancerMember http://web-02.example.com
        ProxySet lbmethod=bytraffic
</proxy>

ProxyPass "/app" "balancer://appset/"
ProxyPassReverse "/app" "balancer://appset/"

Restart httpd.service.

# systemctl restart httpd.service

Browse URL http://proxy-01.example.com/app in a client browser.

Web-01-Home-Page

Our reverse proxy configuration has been working and the Page Request has been forwarded to web-01.example.com.

Refresh the Web Page.

Web-02-Home-Page

This time our Page Request has been served by web-02.example.com.

We have configured a simple reverse proxy in Apache HTTP server, that is load balancing between two web servers.

mod_proxy has many configuration options and we can create relatively advanced configurations such as hot-spare, hot-standby and failover sets. Complete documentations is available at Apache Website. You can experiment on your own by reading documentation and enhancing the same configurations that we have created above.

Configure Balancer Manager:

Apache HTTP Server also provide a built-in Balancer-Manager application for easy management and monitoring of load balancers.

Add following configuration file in /etc/httpd/conf.d.

# vi /etc/httpd/conf.d/lbmanager.conf

Add following directives to enable Balancer-Manager.

<location "/balancer-manager">
        SetHandler balancer-manager
        allow from all
</location>

Restart httpd.service.

# systemctl restart httpd.service

Browse URL http://proxy-01.example.com/balancer-manager from a client browser.

load balancer manager

Balancer-Manager is configured and ready to use.

Securing Balancer-Manager:

Balancer-Manager is a simple application for monitoring and management of Apache HTTP Load Balancer. Therefore, it also lacks any implicit user authentication. However, we can configure Basic HTTP Authentication to restrict unauthorized access.

Create a password file and add a user in it.

# htpasswd -c /etc/httpd/htpasswd ahmer
New password:
Re-type new password:
Adding password for user ahmer

Modify /etc/httpd/conf.d/lbmanager.conf to implement basic HTTP authentication.

# vi /etc/httpd/conf.d/lbmanager.conf

The updated configurations should be as follows:

<location "/balancer-manager">
        SetHandler balancer-manager
        AuthType "basic"
        AuthName "balancer-manager"
        AuthUserFile /etc/httpd/htpasswd
        Require valid-user
</location>

Restart httpd.service.

# systemctl restart httpd.service

Browse URL http://proxy-01.example.com/balancer-manager from a client browser.

basic-http-authentication-01

Now, it is asking for a valid user to login.

Conclusion:

We have successfully setup Apache Reverse Proxy in CentOS 7. If you like this article, then you should read my article “HAProxy: Configure HTTP Load Balancer in CentOS 7”.

.