Home arrow Site Administration arrow Page 3 - Using Apache As A Proxy Server

Passing The Packets - Administration

Apache isn't just the planet's most popular Web server - it'salso one heck of a proxy server. This article explores the process ofinstalling and configuring Apache to act as a proxy server for yournetwork, demonstrating how it can be used to cache frequently-accessedWeb sites, log Internet access and block offensive domains, in additionto serving up Web content. Talk about getting two servers for the priceof one!

TABLE OF CONTENTS:
  1. Using Apache As A Proxy Server
  2. Getting Started
  3. Passing The Packets
  4. Wheat And Chaff
  5. Going Backwards
  6. Cache Cow
  7. Endzone
By: icarus, (c) Melonfire
Rating: starstarstarstarstar / 30
June 12, 2002

print this article
SEARCH DEV SHED

TOOLS YOU CAN USE

advertisement
Apache can function as both a "forward proxy" and a "reverse proxy". A forward proxy accepts client requests, forwards them to the Internet, and sends the responses back to the requesting client. A reverse proxy, on the other hand, provides an easy way to remap external URLs such that they appear to belong to the same domain space as the proxy itself, and to provide enhanced caching facilities at the proxy level (if that didn't make much sense, don't worry - I've explained it in detail a little further along).

Pop open the Apache configuration file, "httpd.conf", and add the following lines to it (for Apache 1.3):
<IfModule mod_proxy.c>
ProxyRequests On
<Directory proxy:*>
Order deny,allow
Deny from all
Allow from 192.168.0.0/255.255.255.0
</Directory>
</IfModule>
If you're using Apache 2.0, you should use this instead:
<IfModule mod_proxy.c>
ProxyRequests On
<Proxy *>
Order deny,allow
Deny from all
Allow from 192.168.0.0/255.255.255.0
</Proxy>
</IfModule>
Here, the
ProxyRequests On
tells Apache to activate its proxy services. It is followed by a
<Proxy>
...
</Proxy>
or
<Directory>
...
</Directory>
block, which contains rulesets for determining which clients can access these services. These are similar to firewall rules, which you may be familiar with already.
<Directory proxy:*>
Order deny,allow
Deny from all
Allow from 192.168.0.0/255.255.255.0
</Directory>
Note that the last line within the block specifies the IP addresses of clients allowed to use the proxy. In the example above, I've specified all clients on the 192.168.0.* network; you can just as easily restrict this to a list or range of specific IP addresses.

Once that's done, shut down and restart the server.
$ /usr/local/apache/bin/apachectl restart
Next, you need to tell clients on the network about the proxy server. In most cases, this involves popping open the client's configuration and setting the host name or IP address of the machine running the proxy server. Assuming that the proxy server is running on the machine identified by the IP address 192.168.0.10, here's what the configuration looks like in Internet Explorer,



and in Netscape Communicator.



Once the client configuration is complete, attempt to access an Internet resource - the client should make the request via the proxy (which should, obviously, be connected to the Internet), receive a response and display it to the user.

You can verify that the request is in fact being handled via the proxy by checking Apache's log files - if, for example, I used a browser on a networked machine to access the Melonfire Web site, here's what I'd see in the server logs:
192.168.0.143 - - [23/May/2002:15:35:52 +0530] "GET
http://www.melonfire.com/images/account_h.jpg HTTP/1.0" 200 5118
192.168.0.143 - - [23/May/2002:15:35:53 +0530] "GET
http://www.melonfire.com/images/community_h.jpg HTTP/1.0" 200 6772
192.168.0.143 - - [23/May/2002:15:35:56 +0530] "GET
http://www.melonfire.com/images/contact_h.jpg HTTP/1.0" 502 519
192.168.0.143 - - [23/May/2002:15:36:02 +0530] "GET
http://www.melonfire.com/images/logo1.jpg HTTP/1.0" 200 6988
192.168.0.143 - - [23/May/2002:15:36:02 +0530] "GET
http://www.melonfire.com/images/teasers/3.jpg HTTP/1.0" 502 519
192.168.0.143 - - [23/May/2002:15:36:04 +0530] "GET
http://www.melonfire.com/images/company_n.jpg HTTP/1.0" 200 6298
192.168.0.143 - - [23/May/2002:15:36:05 +0530] "GET
http://www.melonfire.com/images/community_n.jpg HTTP/1.0" 200 5971
192.168.0.143 - - [23/May/2002:15:36:05 +0530] "GET
http://www.melonfire.com/images/go.jpg HTTP/1.0" 200 7002 192.168.0.143
- - [23/May/2002:15:36:06 +0530] "GET
http://www.melonfire.com/images/services_n.jpg HTTP/1.0" 200 5817
192.168.0.143 - - [23/May/2002:15:36:07 +0530] "GET
http://www.melonfire.com/images/account_n.jpg HTTP/1.0" 200 3820


 
 
>>> More Site Administration Articles          >>> More By icarus, (c) Melonfire
 

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort
   

SITE ADMINISTRATION ARTICLES

- Coding: Not Just for Developers
- To Support or Not Support IE?
- Administration: Networking OSX and Win 7
- DotNetNuke Gets Social
- Integrating MailChimp with Joomla: Creating ...
- Integrating MailChimp with Joomla: List Mana...
- Integrating MailChimp with Joomla: Building ...
- Integrating MailChimp with Joomla
- More Top WordPress Plugins for Social Media
- Optimizing Security: SSH Public Key Authenti...
- Patches and Rejects in Software Configuratio...
- Configuring a CVS Server
- Managing Code and Teams for Cross-Platform S...
- Software Configuration Management
- Back Up a Joomla Site with Akeeba Backup

Developer Shed Affiliates

 


Dev Shed Tutorial Topics: