🌐

Apache Reverse Proxy Setup

Sep 5, 2025

Overview

This lecture explains how to configure and manage the Apache HTTP Server as a reverse proxy, focusing on setup, load balancing, failover, and health checks.

Introduction to Reverse Proxy

  • Apache httpd can function as a reverse proxy, forwarding client requests to backend servers.
  • Clients only see the reverse proxy as the source of content, not the backend infrastructure.
  • Common reasons for using a reverse proxy include security, load balancing, high-availability, and centralized authentication.

Simple Reverse Proxying

  • Use the ProxyPass directive to map incoming requests to a backend server or cluster.
  • The ProxyPassReverse directive rewrites headers so responses appear from the reverse proxy, not the backend.
  • Specific paths (e.g., /images) can be proxied while other requests are handled locally.

Clusters and Balancers

  • A "balancer" is a group of backend servers (BalancerMembers) managed by Apache for load balancing.
  • Define a balancer with <Proxy> and BalancerMember directives and specify load balancing methods with ProxySet.

Balancer and BalancerMember Configuration

  • Balancer settings can be customized; e.g., loadfactor adjusts traffic distribution, and timeout sets response limits.
  • Example: Assign higher traffic to a server with loadfactor=3.

Failover

  • Configure hot spares and hot standbys to ensure continued availability if backend servers fail.
  • Workers in drain, stopped, or error state are replaced by hot spares; standbys are used if all others fail.
  • Load balancer sets are tried in order, including backup sets if necessary.

Balancer Manager

  • The balancer-manager tool provides a web interface to display and modify balancer and worker settings in real time.
  • Enable with <Location "/balancer-manager"> and restrict access for security.
  • Use BalancerPersist to make changes persistent after restarts.

Dynamic Health Checks

  • The mod_proxy_hcheck module can check the health of workers dynamically and out-of-band.
  • Workers can be "pinged" before sending requests to verify availability.

BalancerMember Status Flags

  • Workers have various statuses: Ok (available), Dis (disabled), Stop (administratively stopped), Ign (ignore-errors), Spar (hot spare), Stby (hot standby), Err (error), Drn (drain mode), HcFl (health check failed).

Key Terms & Definitions

  • Reverse Proxy — A server that forwards client requests to backend servers and returns their responses.
  • ProxyPass — Directive to map client requests to backend servers.
  • ProxyPassReverse — Directive to rewrite backend response headers.
  • Balancer — A group of backend servers managed for load balancing.
  • BalancerMember — An individual server in a balancer group.
  • loadfactor — Parameter controlling relative traffic to each worker.
  • Balancer Manager — Web interface for managing balancer settings.
  • Hot Spare — A backup server that replaces failed workers in real time.
  • Hot Standby — A server activated only if no other workers or spares are available.

Action Items / Next Steps

  • Review and experiment with ProxyPass, ProxyPassReverse, and <Proxy> configuration in your Apache setup.
  • Secure any balancer-manager URLs before enabling in production.
  • Consider enabling mod_proxy_hcheck for advanced health checks.
  • Read more on failover configuration and status flags for robust proxy setups.

View note source

https://httpd.apache.org/docs/2.4/howto/reverse_proxy.html