Note: You are currently viewing documentation for Moodle 2.2. Up-to-date documentation for the latest stable version is available here: Reverse proxy frontend.

Reverse proxy frontend: Difference between revisions

From MoodleDocs
(New page: == The instructions to run apache as a reverse proxy of other apache in internal network assume the following == * You run Apache 2.2 both in the backend and the frontend. * You run RHEL 5...)
 
(links to current discussion regarding proxies. some basic stuff that might be helpful)
 
(6 intermediate revisions by 4 users not shown)
Line 1: Line 1:
== The instructions to run apache as a reverse proxy of other apache in internal network assume the following ==
{{Update}}
 
A [http://en.wikipedia.org/wiki/Reverse_proxy reverse proxy] or surrogate is a proxy server that is installed in a server network. Typically, reverse proxies are used in front of Web servers. All connections coming from the Internet addressed to one of the Web servers are routed through the proxy server, which may either deal with the request itself or pass the request wholly or partially to the main web servers.
 
 
= 2.x Proxy Options =
See [http://moodle.org/mod/forum/discuss.php?d=207951 SSL Proxy woes] for discussion regarding proxys.
Someone should document these configuration options properly as this page is the only one that comes up when searching for "proxy".
* These configuration options could be useful for those attempting to modify their site(s) to run with or without various types of proxies:
* <code>$CFG->wwwroot  = 'https://your.moodle.org/instance';</code> # How the moodle will generate urls AND/OR how pages must be requested
* <code>$CFG->loginhttps=1;</code> # Force login page form to use ssl url
* <code>$CFG->sslproxy=1;</code> # Let the moodle answer http:// requests while generating https:// urls
* <code>$CFG->reverseproxy=1;</code> # Not sure, didn't use this for our SSL offloading reverse proxy.
 
= 1.x Proxy Options =
 
== Requirements ==
* You need ssl for authentication.
* You run Apache 2.2 both in the backend and the frontend.
* You run Apache 2.2 both in the backend and the frontend.
* You run RHEL 5.2 Application stack 2 in the backend (php 5.2.6 + mysql 5 + apache 2.2.10).
* You run RHEL 5.2 Application stack 2 in the backend (php 5.2.6 + mysql 5 + apache 2.2.10).
* You run Apache 2.2 as the frontend in any modern OS.
* You run Apache 2.2 as the frontend in any modern OS using trainer.moodle.org as url (My frontend apache runs on Windows 2003).
* You installed moodle 1.9 to run from "/" the internal http server.
* You installed moodle 1.9 to run from "/" the internal http server with SSL support on 10.1.1.24.
* You have an external facing apache using SSL.
== Configuration for the external server ==
http.conf
(snip)
ProxyPass / http://10.1.1.24/
ProxyPassReverse / http://10.1.1.24/
ProxyPreserveHost On
(snip)
Include conf/http-ssl.conf
 
http-ssl.conf
(snip)
ProxyPass / http://10.1.1.24/
ProxyPassReverse / http://10.1.1.24/
(snip)
== config.php ==
<?php  /// Moodle Configuration File
unset($CFG);
$CFG->dbtype    = 'mysql';
$CFG->dbhost    = 'localhost';
$CFG->dbname    = 'moodle';
$CFG->dbuser    = 'moodleuser';
$CFG->dbpass    = 'XXXXXXXX';
$CFG->dbpersist =  false;
$CFG->prefix    = 'mdl_';
$CFG->wwwroot  = 'http://trainer.moodle.org';
$CFG->dirroot  = '/var/www/moodle';
$CFG->dataroot  = '/opt/moodle_data';
$CFG->admin    = 'admin';
$CFG->directorypermissions = 00777;  // try 02777 on a server in Safe Mode
require_once("$CFG->dirroot/lib/setup.php");
// MAKE SURE WHEN YOU EDIT THIS FILE THAT THERE ARE NO SPACES, BLANK LINES,
// RETURNS, OR ANYTHING ELSE AFTER THE TWO CHARACTERS ON THE NEXT LINE.
?>
== The tricky part ==
* Go to Administration ► Security ► HTTP security and set '''Use HTTPS for loginsloginhttps''' to true.
* You need to have the previous setup ready or you may lock yourself out of the server.

Latest revision as of 21:46, 13 August 2012

This page requires updating for Moodle 2.2. Please do so and remove this template when finished.


A reverse proxy or surrogate is a proxy server that is installed in a server network. Typically, reverse proxies are used in front of Web servers. All connections coming from the Internet addressed to one of the Web servers are routed through the proxy server, which may either deal with the request itself or pass the request wholly or partially to the main web servers.


2.x Proxy Options

See SSL Proxy woes for discussion regarding proxys. Someone should document these configuration options properly as this page is the only one that comes up when searching for "proxy".

  • These configuration options could be useful for those attempting to modify their site(s) to run with or without various types of proxies:
  • $CFG->wwwroot = 'https://your.moodle.org/instance'; # How the moodle will generate urls AND/OR how pages must be requested
  • $CFG->loginhttps=1; # Force login page form to use ssl url
  • $CFG->sslproxy=1; # Let the moodle answer http:// requests while generating https:// urls
  • $CFG->reverseproxy=1; # Not sure, didn't use this for our SSL offloading reverse proxy.

1.x Proxy Options

Requirements

  • You need ssl for authentication.
  • You run Apache 2.2 both in the backend and the frontend.
  • You run RHEL 5.2 Application stack 2 in the backend (php 5.2.6 + mysql 5 + apache 2.2.10).
  • You run Apache 2.2 as the frontend in any modern OS using trainer.moodle.org as url (My frontend apache runs on Windows 2003).
  • You installed moodle 1.9 to run from "/" the internal http server with SSL support on 10.1.1.24.
  • You have an external facing apache using SSL.

Configuration for the external server

http.conf 

(snip)
ProxyPass / http://10.1.1.24/
ProxyPassReverse / http://10.1.1.24/
ProxyPreserveHost On
(snip)
Include conf/http-ssl.conf

http-ssl.conf 

(snip)
ProxyPass / http://10.1.1.24/
ProxyPassReverse / http://10.1.1.24/
(snip)

config.php

<?php  /// Moodle Configuration File 

unset($CFG);

$CFG->dbtype    = 'mysql';
$CFG->dbhost    = 'localhost';
$CFG->dbname    = 'moodle';
$CFG->dbuser    = 'moodleuser';
$CFG->dbpass    = 'XXXXXXXX';
$CFG->dbpersist =  false;
$CFG->prefix    = 'mdl_';

$CFG->wwwroot   = 'http://trainer.moodle.org';
$CFG->dirroot   = '/var/www/moodle';
$CFG->dataroot  = '/opt/moodle_data';
$CFG->admin     = 'admin';

$CFG->directorypermissions = 00777;  // try 02777 on a server in Safe Mode

require_once("$CFG->dirroot/lib/setup.php");
// MAKE SURE WHEN YOU EDIT THIS FILE THAT THERE ARE NO SPACES, BLANK LINES,
// RETURNS, OR ANYTHING ELSE AFTER THE TWO CHARACTERS ON THE NEXT LINE.
?>

The tricky part

  • Go to Administration ► Security ► HTTP security and set Use HTTPS for loginsloginhttps to true.
  • You need to have the previous setup ready or you may lock yourself out of the server.
Retrieved from "https://docs.moodle.org/22/en/index.php?title=Reverse_proxy_frontend&oldid=98664"
Powered by MediaWiki