www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-07-30 20:03:10 +03:00
Code Activity
Files
a51c81ea9d2319e76bdcea556580ee638f82bcbc
apache/docs/manual/howto/reverse_proxy.xml
Jim Jagielski 4312a45494 adjust 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1729612 13f79535-47bb-0310-9956-ffa450edef68
2016-02-10 14:57:07 +00:00

106 lines
4.1 KiB
XML
Raw Blame History

<?xml version='1.0' encoding='UTF-8' ?>
<!DOCTYPE manualpage SYSTEM "../style/manualpage.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?>
<!-- $LastChangedRevision: 1673932 $ -->
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<manualpage metafile="public_html.xml.meta">
<parentdocument href="./">How-To / Tutorials</parentdocument>
<title>Reverse Proxy Guide</title>
<summary>
<p>In addition to being a "basic" web server, and providing static and
dynamic content to end-users, Apache httpd (as well as most other web
servers) can also act as a reverse proxy server, also-known-as a
"gateway" server.</p>
<p>In such scenarios, httpd itself does not generate or host the data,
but rather the content is obtained by one or several backend servers,
which normally have no direct connection to the external network. As
httpd receives a request from a client, the request itself is <em>proxied</em>
to one of these backend servers, which then handles the request, generates
the content and then sends this content back to httpd, which then
generates the actual HTTP response back to the client.</p>
<p>There are numerous reasons for such an implementation, but generally
the typical rationales are due to security, high-availability, load-balancing
and centralized authentication/authorization. It is critical in these
implementations that the layout, design and architecture of the backend
infrastructure (those servers which actually handle the requests) are
insulated and protected from the outside; as far as the client is concerned,
the reverse proxy server <em>is</em> the sole source of all content.</p>
<p>A typical implementation is below: <img src="../images/reverse-proxy-arch.png" alt="reverse-proxy-arch" /></p>
</summary>
<section id="related">
<title>Reverse Proxy</title>
<related>
<modulelist>
<module>mod_proxy</module>
<module>mod_proxy_balancer</module>
<module>mod_proxy_hcheck</module>
</modulelist>
<directivelist>
<directive module="mod_proxy">ProxyPass</directive>
<directive module="mod_proxy">BalancerMember</directive>
</directivelist>
</related>
</section>
<section id="userdir">
<title>Simple reverse proxying</title>
<p>The <directive module="mod_proxy">ProxyPass</directive>
directive specifies the mapping of incoming requests to the backend
server (or a cluster of servers known as a <code>Balancer</code>
group). The simpliest example proxies all requests (<code>"/"</code>)
to a single backend:</p>
<highlight language="config">
ProxyPass "/" "http://www.example.com"
</highlight>
<p>To ensure that and <code>Location:</code> headers generated from
the backend are modified to point to the reverse proxy, instead of
back to itself, the <directive module="mod_proxy">ProxyPassReverse</directive>
directive is most often required:</p>
<highlight language="config">
ProxyPass "/" "http://www.example.com"
ProxyPassReverse "/" "http://www.example.com"
</highlight>
<p>Only specific URIs can be proxied, as shown in this example:</p>
<highlight language="config">
ProxyPass "/images" "http://www.example.com"
ProxyPassReverse "/images" "http://www.example.com"
</highlight>
<p>In the above, any requests which start with the <code>/images</code>
path with be proxied to the specified backend, otherwise it will be handled
locally.</p>
</section>
</manualpage>
View Git Blame Copy Permalink