Comment on Apache Reverse Proxy to Tomcat – What is reverse proxying and how to configure it on Linux by admin.
Also if there are troubles with ProxyPass and ProxyPassReverse directives to load or for some reason Reverse proxy is not working.
Make sure in your Virtualhost you have;
SSLEngine On
SSLProxyEngine on
admin Also Commented
Apache Reverse Proxy to Tomcat – What is reverse proxying and how to configure it on Linux
It is interesting to mention also that some clients prefer forward proxy to make possible access from Internal network clients via Forward Proxy to the Internet pretty much the opposite of Reverse Proxy
Forward Proxy
A forward proxy brokerages the request of the client and forwards the request to the destination of the client’s choice contingent on the configuration of the forward proxy.
Most common uses are to
Bypass firewall restrictions.
Cache static resources and save bandwidth.
Control what resources clients can access.
Reverse Proxy
A reverse proxy brokerages the request of the client and forwards the request to the destination purely based on the configuration of the reverse proxy.
Most common uses of a reverse proxy are to
Redirect traffic to machines on the internal network.
Keep the client unaware of which machine they are accessing.
Perform load balancing.
A central point for Web Application Firewall monitoring.
Apache Reverse Proxy to Tomcat – What is reverse proxying and how to configure it on Linux
One note to make:
In order for ReverseProxy to work you need to have configured in Apache:
- mod_proxy
- mod_proxy_http
- mod_proxy_connect
To check whether Apache has been compiled with support for this modules issue:
./apachectl -t -D DUMP_MODULES
Loaded Modules:
core_module (static)
authn_file_module (static)
authn_default_module (static)
authz_host_module (static)
authz_groupfile_module (static)
authz_user_module (static)
authnz_ldap_module (static)
authz_default_module (static)
auth_basic_module (static)
dumpio_module (static)
include_module (static)
filter_module (static)
ldap_module (static)
log_config_module (static)
log_forensic_module (static)
logio_module (static)
env_module (static)
expires_module (static)
headers_module (static)
usertrack_module (static)
unique_id_module (static)
setenvif_module (static)
proxy_module (static)
proxy_connect_module (static)
proxy_ftp_module (static)
proxy_http_module (static)
proxy_scgi_module (static)
proxy_ajp_module (static)
proxy_balancer_module (static)
ssl_module (static)
mpm_prefork_module (static)
http_module (static)
mime_module (static)
status_module (static)
asis_module (static)
info_module (static)
dir_module (static)
actions_module (static)
userdir_module (static)
alias_module (static)
rewrite_module (static)
so_module (static)
php5_module (shared)
deflate_module (shared)
auth_certificate_module (shared)
proxy_add_user_module (shared)
Syntax OK
Apache Reverse Proxy to Tomcat – What is reverse proxying and how to configure it on Linux
P.S. I read further Reverse proxy can be configured also using mod_jk2.
On Debian Linux its necessary to have enabled modules
proxy and proxy_http
In Debian Linux make sure you have also run:
# sudo a2enmod proxy
# sudo a2enmod proxy_http
Recent Comments by admin
Install and configure rkhunter for improved security on a PCI DSS Linux / BSD servers with no access to Internet
–rwo, –report-warnings-only
This option causes only warning messages to be displayed. This can be useful when rkhunter is run via cron. Other options may
be used to force other items of information to be displayed.
–sk, –skip-keypress
When the –check command option is used, after certain sections of tests, the user will be prompted to press the return key
in order to continue. This option disables that feature, and rkhunter will run until all the tests have completed.
Install and configure rkhunter for improved security on a PCI DSS Linux / BSD servers with no access to Internet
As rkhunter check, can be pretty annoying and ask you to press keypresses multiple times and spit you a lot of unnecessery data a very good useful option arguments are:
–rwo and –sk
# rkhunter -c –rwo –sk
Warning: The SSH and rkhunter configuration options should be the same:
SSH configuration option 'PermitRootLogin': yes
Rkhunter configuration option 'ALLOW_SSH_ROOT_USER': no
Sorry for really late reply.
perhaps you have to create it or rename the ifcfg-eno1 to ifcfg-eth1 or you have some old ifcfg-enp1s0f0 or ifcfg-eno still under /etc/sysconfig/network-scripts/ interfering
How to RPM update Hypervisors and Virtual Machines running Haproxy High Availability cluster on KVM, Virtuozzo without a downtime on RHEL / CentOS Linux
if you happen to be missing versionlock plugin and you need to get use of it
yum versionlock capabilities
You will have to install yum-utils package:
For example on CentOS 8 Linux, to enable the yum versionlock plugiun
yum install yum-utils.noarch
In case if by default log is not configured for snoopy,
these are default output locations on various Linux distributions:
Distribution | Snoopy output location | Notes |
---|---|---|
CentOS |
/var/log/secure
|
|
Debian |
/var/log/auth.log
|
|
Ubuntu |
/var/log/auth.log
|
|
(others) |
/var/log/messages
|
(potentially, could be elsewhere) |