User Tools

Site Tools


js#vista.png msort nsort


Apache mod_proxy with ]project-open[

Running AOL server on a port other than port 80 is a good way to have multiple versions/installs of ]po[ available for differing needs. the problem is remembering which port is for which install.

By making use of Apache with mod_proxy and mod_proxy_html you can create subdomain virtualhosts in Apache that are proxied to and from the differing AOLserver/]po[ backends.


Setting up a vhost in apache is a simple matter, so I won't go into it in depth and will only explain certain config options that are more to do with the proxy settings. I am working almost entirely on Debian servers so installation of mod_proxy_html is quite easy:

apt-get install libapache2-mod-proxy-html

mod_proxy is in the core Apache install on Debian systems so there is no need to install it. Once mod-proxy-html is installed make sure mod_proxy and mod_proxy_html are enabled in /etc/apache2/mods-enabled.

Apache subdomain VHost

Now we can start getting down to business.

below you will see a sample vhost entry that I use to redirect ALL http requests to the subdomain to a secured HTTPS connection and from there it's proxied to the ]po[ install on port 8444.

root@etch:/etc/apache2/sites-enabled# cat

        AssignUserID itadmins itadmins

        Redirect permanent /
root@etch:/etc/apache2/sites-enabled# cat
<IfModule mod_ssl.c>


        AssignUserID itadmins itadmins

        #   SSL Engine Switch:
        #   Enable/Disable SSL for this virtual host.
        SSLEngine on

        #   A self-signed (snakeoil) certificate can be created by installing
        #   the ssl-cert package. See
        #   /usr/share/doc/apache2.2-common/README.Debian.gz for more info.
        #   If both key and certificate are stored in the same file, only the
        #   SSLCertificateFile directive is needed.
        SSLCertificateFile    /etc/apache2/ssl/itadmins_net.cert.pem
        SSLCertificateKeyFile /etc/apache2/ssl/itadmins_net.key.pem

        BrowserMatch ".*MSIE.*" \
                nokeepalive ssl-unclean-shutdown \
                downgrade-1.0 force-response-1.0

        ProxyHTMLLogVerbose On
        LogLevel error
        ProxyRequests Off
        SSLProxyEngine on

        <Location />


ProxyHTMLLogVerbose: Turns on verbose logging of mod_proxy_html. very useful when you first start working with the module.

ProxyRequests: used to ensure that noone can abuse your proxy. IF you wish to enable this then be sure to secure your proxy and deny all access to the proxy except for those that should be allowed to access it!!!!

SSLProxyEngine: enables the proxy for SSL connection support

project-open/apache_proxy.txt · Last modified: 2020/02/24 11:16 (external edit)