Setting up a forward proxy service is actually very straightforward. First, you must make sure the Apache 2.0 installation has been configured with the proxy module enabled. I also prefer to use a separate Apache installation to handle the proxy service. This makes the configuration easier — especially as it means we can easily create a proxy server on an alternative IP and port allocation — and provides far more flexibility. For example, you can start and stop the proxy service independent of the main Apache Web server. This is particularly useful should you wish to update the blocking settings.
SWatch Reader Favorite! A forward proxy server provides Internet access for any number of clients via a single server. Learn how to configure your Apache server to accomplish these tasks and reap the benefits.
To enable the proxy module during the configuration use the –enable-proxy option to configure; to specifically enable HTTP and FTP proxy services, and relocate Apache to a separate directory, run configure with the following command line options:
configure --prefix=/export/http/apache2.proxy --enable-proxy
(For example purposes, we’ve broken the code into two lines. To enable the proxy module, the code must appear on one line.)
Once you’ve configured, built and installed the new Apache installation, you must update the configuration file or create a new one. The latter option is preferable, and with a proxy service, the configuration file is as simple as:
ServerRoot "/export/http/apache2.proxy" Listen 192.168.1.8:8001 User nobody Group nobody ProxyRequests On
Going through that file step by step:
- ServerRoot specifies the root directory used to hold the Apache configuration files.
- Listen specifies the IP address and port number on which Apache will listen for requests. Although 8001 is used in this example, other common values are 8080, 8000, and 8008. (Remember that within Unix, anything lower than 1024 must first be executed by root to gain access to the port.)
- User/Group sets the user name and group name to the one that the server will use during execution. This includes the typical ‘nobody’ accounts here, as well as special proxy accounts set up for that purpose. (If you are using names, you must also create the corresponding entries in the passwd/groups files.)
- ProxyRequests configures Apache as a forward proxy.
That’s it — that’s all you need to do to set up a proxy service within Apache. However, before rushing off to create one, there are several other configuration parameters to consider, including the security of the new proxy server and whether to enable caching.
Original date of publication, 10/15/2003