To do this, we can disable http methods in Apache and use reverse proxy processing all requests to every application which is not with Apache but servlet web containers. And following content shows how to achieve this goal step by step.
Set up reverse proxy
a) Ubuntu: https://help.ubuntu.com/community/ApacheReverseProxy
b) CentOS
Install Apache HTTP Server
Make sure your system is up to date by issuing the following command:
yum update
Enter the following command to install the Apache HTTP Server:
yum install httpd
Issue the following command to start the web server:
/etc/init.d/httpd start
To ensure that Apache starts following the next reboot cycle, issue the following command:
chkconfig httpd on
To install PHP support, including common support bundles, issue the following command:
yum install php php-pear
Enabling the Proxy Module
The CentOS package of the Apache HTTP server includes the proxy module. To enable this module, create the /etc/httpd/conf.d/proxy.conf file with the following content.
File excerpt:/etc/httpd/conf.d/proxy.conf
<IfModule mod_proxy.c>
#turning ProxyRequests on and allowing proxying from all may allow
#spammers to use your proxy to send email.
ProxyRequests Off
<Proxy *>
AddDefaultCharset off
Order deny,allow
Allow from all
</Proxy>
ProxyPass /app http://localhost:8080/app
ProxyPassReverse /app http://localhost:8080/app
# Enable/disable the handling of HTTP/1.1 "Via:" headers.
# ("Full" adds the server version; "Block" removes all outgoing Via: headers)
# Set to one of: Off | On | Full | Block
ProxyVia On
</IfModule>
This turns on proxy support in the module configuration. Please note the warning regarding the ProxyRequests directive. It should be "off" in your configuration. Next, we'll issue the following command to restart Apache:
/etc/init.d/httpd restart
Apache should restart cleanly. If you encounter any issues, you may wish to inspect the logs available under /var/log/httpd/ for more information.
How to create a ssl certificate on Apache
a) For Ubuntu: https://www.digitalocean.com/community/articles/how-to-create-a-ssl-certificate-on-apache-for-ubuntu-12-04
b) For CentOS: https://www.digitalocean.com/community/articles/how-to-create-a-ssl-certificate-on-apache-for-centos-6
HOWTO: Disable HTTP Methods in Apache
There are a minimum of four components to a mod_rewrite rule; the directive that loads the module, the directive that turns the rewrite engine on, a rewrite condition, and a rewrite rule.
Since mod_rewrite is so commonly used, the directive that loads the module will more likely than not already be present. Search your apache configuraction file(s) for mod_rewrite.so (in /etc/httpd/modules). If it is not found, add the following line to your apache configuration file (typically known as /etc/httpd/confhttpd.conf):
LoadModule rewrite_module path/to/apache/modules/mod_rewrite.so
To enable the rewrite engine and force https for entire server, add the following:
# # Enable the rewrite engine and force https for entire server # RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
No comments:
Post a Comment