Using Apache as a reverse proxy ?

I would like to build and deploy multiple standalone web applications on a server that has a single public IP address.

I understand that one way to do this is to have each application running on a different port, and that works fine

For example

http://127.0.0.1:8080 (webapp1)
http://127.0.0.1:8081 (webapp2)

But I would like to do this all on port 80 or 443. Can anyone provide guidance on how to configure Apache to run as a reverse proxy in front of this type of set up so the web applications would be reachable via a simple url path ?

ie.

http://127.0.0.1/webapp1 is proxied to http://127.0.0.1:8080
http://127.0.0.1/webapp2 is proxied to http://127.0.0.1:8081

Many thanks

Adam

I think I understand what you’re asking. I run a server like this, 1 public IP address, several web apps each on a different port. To enable secure sites (https) I use certbot. It undertands apache, and can get and install free certificates from Let’s Encrypt and update the apache config files for you. It also will optionally create a re-direct so if a user tries http://your-site.com it redirects to https://your-site.com, and behind the scenes redirects to the port your app is using. The user’s browser still shows https://your-site.com.

You may need to install certbot on your server, but once installed run this command:

sudo certbot --apache

It will confirm which sites you want to enable and if you want the automatic redirect.

I recommend taking a backup of your server before you do this, just in case you don’t get the expected results. I run my servers as virtual machines, so I make sure I have a snapshot I can restore if anything goes wrong.

Firstly you set up your virtual website configs on apache’s sites_available folder as usual .
For each webapp an own file of course with different proxypass portnumber:

ProxyPass / http://localhost:port

To prevent Lets Encrypt to proceed forward you should add:

ProxyPass /.well-known !

Secondly I strongly suggest to use DNS names or at least subdomains. Direct IP calls are blocked in most firewalls and IDS/IPS systems.

You can see a complete Apache config in my Article “Gitea instead of GitHub” (Link) where I am basically doing the same but with gitea webapp.

[quote=491869:@Tomas Jakobs]Firstly you set up your virtual website configs on apache’s sites_available folder as usual .
For each webapp an own file of course with different proxypass portnumber:

ProxyPass / http://localhost:port

To prevent Lets Encrypt to proceed forward you should add:

ProxyPass /.well-known !

Secondly I strongly suggest to use DNS names or at least subdomains. Direct IP calls are blocked in most firewalls and IDS/IPS systems.

You can see a complete Apache config in my Article “Gitea instead of GitHub” (Link) where I am basically doing the same but with gitea webapp.[/quote]

Launching…

The application has gone off-line. Please try again later.
This application has encountered an error and cannot continue.

Thanks for all the suggestions.

Unfortunately, I could not get it to work in the manner I had planned.

In every case, that application would launch, but as described in Vigia Lin post, would go off-line. It appears the URL’s generated by the application would not get reverse proxied correctly.

The only way I could get it to work was via a different hostname per application.

For example:

http://webapp1.test.preemptive.com.au is proxied to http://test.preemptive.com.au:8080

This can be done with just

<VirtualHost *:80>
DocumentRoot “c:\temp\dummylocation”
ServerName webapp1.test.preemptive.com.au
ProxyPreserveHost On
ProxyPass / http://test.preemptive.com.au:8080/
ProxyPassreverse / http://test.preemptive.com.au:8080/

I think xojo should issue a white paper on how to get proxying working with web apps, particularly if web 2.0 only supports standalone deployment.