Reverse proxy frontend: Difference between revisions

From MoodleDocs
(New page: == The instructions to run apache as a reverse proxy of other apache in internal network assume the following == * You run Apache 2.2 both in the backend and the frontend. * You run RHEL 5...)
 
No edit summary
 
(5 intermediate revisions by 3 users not shown)
Line 1: Line 1:
== The instructions to run apache as a reverse proxy of other apache in internal network assume the following ==
{{Update}}
A [http://en.wikipedia.org/wiki/Reverse_proxy reverse proxy] or surrogate is a proxy server that is installed in a server network. Typically, reverse proxies are used in front of Web servers. All connections coming from the Internet addressed to one of the Web servers are routed through the proxy server, which may either deal with the request itself or pass the request wholly or partially to the main web servers.
 
== Requirements ==
* You need ssl for authentication.
* You run Apache 2.2 both in the backend and the frontend.
* You run Apache 2.2 both in the backend and the frontend.
* You run RHEL 5.2 Application stack 2 in the backend (php 5.2.6 + mysql 5 + apache 2.2.10).
* You run RHEL 5.2 Application stack 2 in the backend (php 5.2.6 + mysql 5 + apache 2.2.10).
* You run Apache 2.2 as the frontend in any modern OS.
* You run Apache 2.2 as the frontend in any modern OS using trainer.moodle.org as url (My frontend apache runs on Windows 2003).
* You installed moodle 1.9 to run from "/" the internal http server.
* You installed moodle 1.9 to run from "/" the internal http server with SSL support on 10.1.1.24.
* You have an external facing apache using SSL.
== Configuration for the external server ==
http.conf
(snip)
ProxyPass / http://10.1.1.24/
ProxyPassReverse / http://10.1.1.24/
ProxyPreserveHost On
(snip)
Include conf/http-ssl.conf
 
http-ssl.conf
(snip)
ProxyPass / http://10.1.1.24/
ProxyPassReverse / http://10.1.1.24/
(snip)
== config.php ==
<?php  /// Moodle Configuration File
unset($CFG);
$CFG->dbtype    = 'mysql';
$CFG->dbhost    = 'localhost';
$CFG->dbname    = 'moodle';
$CFG->dbuser    = 'moodleuser';
$CFG->dbpass    = 'XXXXXXXX';
$CFG->dbpersist =  false;
$CFG->prefix    = 'mdl_';
$CFG->wwwroot  = 'http://trainer.moodle.org';
$CFG->dirroot  = '/var/www/moodle';
$CFG->dataroot  = '/opt/moodle_data';
$CFG->admin    = 'admin';
$CFG->directorypermissions = 00777;  // try 02777 on a server in Safe Mode
require_once("$CFG->dirroot/lib/setup.php");
// MAKE SURE WHEN YOU EDIT THIS FILE THAT THERE ARE NO SPACES, BLANK LINES,
// RETURNS, OR ANYTHING ELSE AFTER THE TWO CHARACTERS ON THE NEXT LINE.
?>
== The tricky part ==
* Go to Administration ► Security ► HTTP security and set '''Use HTTPS for loginsloginhttps''' to true.
* You need to have the previous setup ready or you may lock yourself out of the server.

Latest revision as of 08:17, 9 August 2011

This page requires updating. Please do so and remove this template when finished.


A reverse proxy or surrogate is a proxy server that is installed in a server network. Typically, reverse proxies are used in front of Web servers. All connections coming from the Internet addressed to one of the Web servers are routed through the proxy server, which may either deal with the request itself or pass the request wholly or partially to the main web servers.

Requirements

  • You need ssl for authentication.
  • You run Apache 2.2 both in the backend and the frontend.
  • You run RHEL 5.2 Application stack 2 in the backend (php 5.2.6 + mysql 5 + apache 2.2.10).
  • You run Apache 2.2 as the frontend in any modern OS using trainer.moodle.org as url (My frontend apache runs on Windows 2003).
  • You installed moodle 1.9 to run from "/" the internal http server with SSL support on 10.1.1.24.
  • You have an external facing apache using SSL.

Configuration for the external server

http.conf

(snip)
ProxyPass / http://10.1.1.24/
ProxyPassReverse / http://10.1.1.24/
ProxyPreserveHost On
(snip)
Include conf/http-ssl.conf

http-ssl.conf

(snip)
ProxyPass / http://10.1.1.24/
ProxyPassReverse / http://10.1.1.24/
(snip)

config.php

<?php  /// Moodle Configuration File 

unset($CFG);

$CFG->dbtype    = 'mysql';
$CFG->dbhost    = 'localhost';
$CFG->dbname    = 'moodle';
$CFG->dbuser    = 'moodleuser';
$CFG->dbpass    = 'XXXXXXXX';
$CFG->dbpersist =  false;
$CFG->prefix    = 'mdl_';

$CFG->wwwroot   = 'http://trainer.moodle.org';
$CFG->dirroot   = '/var/www/moodle';
$CFG->dataroot  = '/opt/moodle_data';
$CFG->admin     = 'admin';

$CFG->directorypermissions = 00777;  // try 02777 on a server in Safe Mode

require_once("$CFG->dirroot/lib/setup.php");
// MAKE SURE WHEN YOU EDIT THIS FILE THAT THERE ARE NO SPACES, BLANK LINES,
// RETURNS, OR ANYTHING ELSE AFTER THE TWO CHARACTERS ON THE NEXT LINE.
?>

The tricky part

  • Go to Administration ► Security ► HTTP security and set Use HTTPS for loginsloginhttps to true.
  • You need to have the previous setup ready or you may lock yourself out of the server.