Server Fault Asked by André Winston on November 24, 2021
I have a certain machine that recently got external access, but only to a few ports (SSH, HTTP and HTTPS.) Now this machine must provide access to some other services (e.g. RabbitMQ, Tomcat, etc), but I don’t want to give these ports external access.
My first thought was to redirect HTTP requests on port 80 to those services. For example:
http://<machine_ip>:80/tomcat
should be equivalent to http://<machine_ip>:8080
I was wondering if Nginx, HAProxy, or some other proxy-related software could help me out with this. What suggestions do you have? Keep in mind that I am fairly new to system administration in general.
I have a suggestion for you: You can use Apache for proxying (clustering) the webpage. For example, you enter http://example.com/tomcat and Apache will pass the request to http://example.com:8080/. It is easy to do:
When you defined a new VirtualHost block in the Apache configuration file, then add these lines to it (make sure you have mod_proxy enabled):
<Proxy balancer://custom-balancer-name>
BalancerMember http://localhost:8080 #Enter the address of the second machine or service
</Proxy>
ProxyPass /tomcat balancer://custom-balancer-name
ProxyReversePass /tomcat balancer://custom-balancer-name
Hope you find my answer helpful.
Answered by MBiabanpour on November 24, 2021
You can use .htaccess file for doing that. First, create a .htaccess
file in your document root, and then paste these lines into it:
RewriteEngine on
RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^tomcat/(.*[^/])/?$ http://%{HTTP_HOST}:8080/$1/ [R=301,L]
I hope I helped you.
Answered by MBiabanpour on November 24, 2021
Well you can use HAProxy for that. Please take your time because it's not a easy task especially when the topic is new.
There are several options which you can use.
add per service one listen block
listen rabbit
bind ::5672
mode tcp
... some other haproxy options
server rabbit-srv IP:PORT
listen ....
you can use SNI (Server Name Indication) routing with frontend/backend combination to keep a single port usage for the services which use TLS for there communication. I have created a picture how the SNI Routing works, the example configuration uses HAProxy How does the SNI Routing works in HAProxy
I don't know which version of HAProxy you use therefore here the link for the latest HAProxy version 2.2.
http://cbonte.github.io/haproxy-dconv/2.2/configuration.html
Answered by Aleksandar on November 24, 2021
Get help from others!
Recent Answers
Recent Questions
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP