There are times when you want to strip off XL Deploy or XL Release ports while accessing XL Deploy/Release in browser for security reasons. This guide will help you get started with setting up an Apache Reverse Proxy server quickly so that you can access XLD/R via this proxy. This guide is based on Ubuntu but you can easily modify it according to your OS. Please note that the purpose of this article is to provide you with a very simple working setup quickly. More complex customisations & security enhancements are out of scope.
XL Release, XL Deploy, Ubuntu
|Steps to Perform|
Configure Reverse Proxy Server.
1. Install core product.
Install Apache, if not already done. It is as simple as issuing –
root@shashank-reverse-proxy-server:/home/shashank# apt-get install-y apache2 apache2-doc apache2-utils
2. Install necessary modules.
Issue below command to install modules required for proxy server.
root@shashank-reverse-proxy-server:/home/shashank# apt-get install
3. Enable Apache modules.
Issue below command to enable all the required Apache modules.
root@shashank-reverse-proxy-server:/home/shashank# a2enmod proxy proxy_ajp proxy_http rewrite deflate headers proxy_balancer proxy_connect proxy_html
4. Configure proxy configuration.
We will now create an Apache proxy configuration file that will enable proxy. Start with creating a file like this.
root@shashank-reverse-proxy-server:/home/shashank# vim /etc/apache2/mods-available/mod_reverse_proxy.confBelow are the contents.
<IfModule mod_proxy.c> # If you want to use apache2 as a forward proxy, uncomment the # 'ProxyRequests On' line and the <Proxy *> block below. # WARNING: Be careful to restrict access inside the <Proxy *> block. # Open proxy servers are dangerous both to your network and to the # Internet at large. # # If you only want to use apache2 as a reverse proxy/gateway in # front of some web application server, you DON'T need # 'ProxyRequests On'. #ProxyRequests On <Proxy *> # AddDefaultCharset off # Require all denied # #Require local </Proxy> # Enable/disable the handling of HTTP/1.1 "Via:" headers. # ("Full" adds the server version; "Block" removes all outgoing Via: headers) # Set to one of: Off | On | Full | Block #ProxyVia Off </IfModule>
5. Define port for proxy server.
Now we need to define the port on which our proxy server must run. Issue this command after backing up the original file. You can also use the default port i.e. 80.
root@shashank-reverse-proxy-server:/home/shashank# sed -i -e 's/80/8889/g' /etc/apache2/ports.conf
You can see that I have replaced default port 80 with 8889. Choose any port that you like & is available. Default will also do.
6. Define a Virtual Host.
Its now time to define a Virtual Host which is a separate instance of your web-server(remember you can host multiple sites on a single Apache server). We are defining it to enable more fine-grained logs & customise proxy settings. Start with backing up the original default Virtual Host.
root@shashank-forward-proxy-server:/home/shashank# cp -p /etc/apache2/sites-enabled/000-default.conf /etc/apache2/sites-enabled/000-default.conf.orig
You can see that I have customised my proxy server in a way that whenever a request is made to IP address (or hostname/FQDN depending upon DNS/hosts file), it is redirected to the XL Deploy server.
In other words, I will point my browser to IP address of my Apache Proxy Server & it will redirect me to XL Deploy GUI. I also defined the custom log location.
<VirtualHost *:*> # The ServerName directive sets the request scheme, hostname and port that # the server uses to identify itself. This is used when creating # redirection URLs. In the context of virtual hosts, the ServerName # specifies what hostname must appear in the request's Host: header to # match this virtual host. For the default virtual host (this file) this # value is not decisive as it is used as a last resort host regardless. # However, you must set it for any further virtual host explicitly. #ServerName www.example.com
7. Enable the Virtual Host.
Now enable your newly created Virtual Host.
root@shashank-forward-proxy-server:/home/shashank# a2ensite 000-default.conf
8. Restart Apache.
Configuration is now done & we must restart Apache to load these new settings.
root@shashank-reverse-proxy-server:/home/shashank# service apache2 restart * Restarting web server apache2 [Wed Dec 13 07:55:31.032735 2017] [proxy_html:notice] [pid 2940:tid 140143966525312] AH01425: I18n support in mod_proxy_html requires mod_xml2enc. Without it, non-ASCII characters in proxied pages are likely to display incorrectly.
|Access XL Deploy.|
My example is based off of XL Deploy, hence I have used XLD port in proxy settings. You can replace that with XLR port if needed.
To access XL Deploy or Release, point your browser to IP address/hostname/FQDN of your Apache proxy server. If you defined a non-default port in step #5, suffix that port.
If you check
Also, see the attached configuration files.
xl-release, xl-deploy, how-to, proxy, apache, reverse, system administration