You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Jon Brule <jo...@paramountcomputing.com> on 2007/03/19 16:04:00 UTC

[users@httpd] Reverse Proxy - How to disable HTTP access?

Good Morning,

First, I must apologize and confess to being a reverted newbie... 
Years ago (pre 2000), I worked with the Apache web server, but I find 
myself suffering from C.R.S. syndrome...

I have setup a reverse proxy for an internal HTTP Tomcat web service 
on a default configuration for Apache 2.2 web server. My additional 
configuration is as follows (system / host names changed to protect 
the guilty):

         #
         # Reverse Proxy Server: Backend system on Tomcat server
         #
         <IfModule mod_proxy.c>
         ProxyRequests Off

         <Proxy http://internet.com/system/*>
             Order deny,allow
             Deny from all
         </Proxy>

         ProxyPass /timesheet http://localhost:8080/system
         ProxyPassReverse /timesheet http://localhost:8080/system
         </IfModule>

The reverse proxy works fine when I attempt to go to the 
http://internet.com/system URL. I also discovered that SSL is 
available by default on my installation (Apache was installed via 
RedHat Fedora Core 6) using a default SSL localhost self-signed 
certificate. This means that the application is also available 
through the https://internet.com/system URL.

My chief question (one for which I am still coming the archives) is 
how do I disable the proxy configuration for the HTTP URL? I want 
only to proxy the system's access when the HTTPS protocol is used to 
connect to Apache. Can I do it with this type of configuration, or do 
I need to think about a virtual host?

Also, I assume the following to be an FAQ: How does one change the 
default localhost self-signed certificate to a custom one 
(self-signed or official)? Is this strictly done with OpenSSL work, 
or does it require some Apache configuration as well? Again, looking 
through the archives for this one too...

Any info would be greatly appreciated...


Thanks,
Jon Brule 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org