How To Use Apache as a Reverse Proxy on Ubuntu 20.04

A reverse proxy is a type of proxy server that accepts HTTP (S) requests and transparently distributes them to one or more backend servers.

You can use a reverse proxy to prevent direct access to these underlying application servers. They can also be used to distribute the load of incoming requests to different application servers.

In this tutorial, you will configure Apache as a basic reverse proxy using the mod_proxy extension to redirect incoming connections to one or more backend servers running on the same network.

Install the Apache Web Server.

sudo apt install apache2

Enabling Necessary Apache Modules.

sudo a2enmod proxy
sudo a2enmod proxy_http
sudo a2enmod proxy_balancer
sudo a2enmod lbmethod_byrequests

If you need to enable the SSL module in Apache.

sudo a2enmod ssl

You can also enable Apache Mod_Rewrite that provides URL manipulation capability.

sudo a2enmod rewrite

To put these changes into effect, restart Apache.

sudo systemctl restart apache2

Now you will need to disable the default configuration to avoid that your reverse proxy works as a web server

cd /etc/apache2/sites-available/
sudo a2dissite 000-default-ssl
sudo a2dissite 000-default
sudo a2dissite default-ssl

sudo systemctl reload apache2

Example of a load balancer configuration:

Create a configuration to serve two or more backend services with this prerequirement:

1. redirect http request  to https
2. serve https when your be services are clear text (http)
3. balacing with two services

suppose to configure a domain name “mydomain.com” and the be services responds on 10.10.01.20:18000 and 10.10.01.20:22000

now you need to edit the conf file at /etc/apache2/site-available/ : 

 
  sudo nano /etc/apache2/sites-available/mydomain.com.conf

insert this code and replace with your custom settings:

<VirtualHost *:80>        
        ServerName mydomain.com
        ServerAlias mydomain.com *.mydomain.com
        RewriteEngine On
        #RewriteCond %{HTTP_HOST} ^(.+)\.mydomain\.com$
        #RewriteRule ^(.*)$ https://%1.mydomain.com$1 [R=302,L]
        RewriteCond %{HTTPS} off
        RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</VirtualHost>


<VirtualHost *:443>
        ServerName mydomain.com
        ServerAlias mydomain.com *.mydomain.com

        ProxyRequests On
        ProxyPreserveHost On

        <Proxy balancer://myset>
            BalancerMember http://10.10.01.20:18000
            BalancerMember http://10.10.01.20:22000
            #ProxySet lbmethod=bytraffic
            Order deny,allow
            Allow from all
         </Proxy>  
        


        SSLProxyEngine on
        ProxyPass "/"  "balancer://myset/"
        ProxyPassReverse "/"  "balancer://myset/"




        AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript
	#SSLProxyCheckPeerName off
	#SSLProxyCheckPeerCN off
	SSLProxyCheckPeerExpire off

        <Location />
                Order deny,allow
                Allow from all
                SetOutputFilter INFLATE;DEFLATE
        </Location>

        SSLEngine on
        SSLCertificateFile  /home/certs/ssl-mydomain.com/mydomain.com.crt
        SSLCertificateKeyFile /home/certs/ssl-mydomain.com/mydomain.com.key
        SSLCertificateChainFile   /home/certs/ssl-mydomain.com/ca-bundle.crt
</VirtualHost>

enable the configuration:

 
  cd /etc/apache2/sites-available
  sudo a2ensite mydomain.com
  sudo systemctl reload apache2 

thats it