Icecast, Rails, ntop, etherpad,… via Apache Webserver: ProxyPass

By , January 12, 2011 01:23

web services logoA quick tip, how to map web-apps on random ports to the main apache webserver. This way you can run these services on subdomains or sub-directories and support SSL encrypted  https connection, even if it is not directly supported.

Take care to not open a proxy for everybody or it can be abused by spammers. “ProxyPass” combined with “ProxyRequests Off” is save.

If the original port is not used anymore, it can be closed in the firewall. Only for the icecast stream it is s useful to keep :8000 open. By mapping to an internal IP a address of a virtual machine, you can also forward to vservers.

The admin webinterface on /admin/ can be redirected by mod_rewrite to a secure SSL connection.

Example: Icecast ProxyPass to map webinterface on port 8000 to apache subdomoain (port 80)

<VirtualHost *:80>
   ... # your vhost here: ServerName, Logs, etc
   ...
   # Proxy ACL
   ProxyRequests Off
   <Proxy>
      Order allow,deny
      Allow from all
   </Proxy>
   # Proxy directives
   ProxyPass / http://192.168.1.7:8000/
   ProxyPassReverse / http://192.168.1.7:8000/
   ProxyPreserveHost on

   # redirect /admin to https:
   RewriteEngine On
   RewriteRule /admin.*  https://tv.example.com:443/admin/ [R]
</VirtualHost>

Example: Icecast ProxyPass to map admin webinterface on port 8000 to apache subdomoain (port 443)


<VirtualHost *:443>
   ... # your vhost here: ServerName, Logs, etc
   ...
   SSLEngine On

   # Proxy ACL
   ProxyRequests Off
   <Proxy>
      Order allow,deny
      Allow from all
   </Proxy>
   # Proxy directives
   ProxyPass / http://192.168.1.7:8000/
   ProxyPassReverse / http://192.168.1.7:8000/
   ProxyPreserveHost on
</VirtualHost>

Comments are closed

WordPress Open Source Blog System
SynOptX Lab Theme