This is one of the greatest features of Apache that I’ve found yet. We have an application that offers some web services, but runs on a Windows server. We don’t want to put the Windows server on the front lines, so we proxy requests from a Linux Apache server to the Windows server behind the firewall.
To make this work, you have to enable the proxy. Here’s what the proxy directives look like in our httpd.conf file:
Deny from all
Allow from 10.0.1.0/16
The nice thing about this configuration is that it will allow anything on our internal network to be proxied through, but external requests get denied (that’s what the Allow from part does). We only consume the web services internally (server processes or wrapper pages that control access), so this lets us make the output from the services available without actually exposing the Windows web server on the wild web.
To make the services description language available, you can add a <files> section and specify the extensions you want to let through from an external source (add this inside the IfModule block):
Deny from none
Allow from all
Now we can advertise the services publicly, even though we only satisfy them locally.
You then need to set up the virtual host sections for the proxied web sites. The virtual directory for the web services application should already be set up on the Windows server. In this directive, you specify the name of the directory to watch for, and then the http mapping to remote virtual directory on the Windows box.
<VirtualHost 10.0.1.1:80 ###.###.###.###:80>
ProxyPass /RemoteServiceVirtualDir/ http://windows_server/RemoteServiceVirtualDir/
PerlSetVar SSIPerlPass_Request no
Options SymLinksIfOwnerMatch +ExecCGI
Allow from all
Any requests for http://server.name.com/RemoteServiceVirtualDir will be forwarded to the Windows machine for resolution.