=head1 Front-end Back-end Proxying with Virtual Hosts
This section explains a configuration setup for proxying your back-end
mod_perl servers when you need to use Virtual Hosts.
The approach is to use unique port number for each virtual host at the
back-end server, so you can redirect from the front-end server to
localhost::1234, and name-based virtual servers on the front end, though
any technique on the front-end will do.
If you run the front-end and the back-end servers on the same machine
you can prevent any direct outside connections to the back-end server
if you bind tightly to address C<127.0.0.1> (I<localhost>) as you will
see in the following configuration example.
The front-end (light) server configuration:
<VirtualHost 10.10.10.10>
ServerName www.example.com
ServerAlias example.com
RewriteEngine On
RewriteOptions 'inherit'
RewriteRule \.(gif|jpg|png|txt)$ - [last]
RewriteRule ^/(.*)$ http://localhost:4077/$1 [proxy]
</VirtualHost>
<VirtualHost 10.10.10.10>
ServerName foo.example.com
RewriteEngine On
RewriteOptions 'inherit'
RewriteRule \.(gif|jpg|png|txt)$ - [last]
RewriteRule ^/(.*)$ http://localhost:4078/$1 [proxy]
</VirtualHost>
The above front-end configuration handles two virtual hosts:
I<www.example.com> and I<foo.example.com>. The two setups are almost
identical.
The front-end server will handle files with the extensions I<.gif>,
I<.jpg>, I<.png> and I<.txt> internally, the rest will be proxified to
be handled by the back-end server.
The only difference between the two virtual hosts settings is that the
former rewrites requests to the port C<4077> at the back-end machine
and the latter to the port C<4078>.
The back-end (heavy) server configuration:
Port 80
PerlPostReadRequestHandler My::ProxyRemoteAddr
Listen 4077
<VirtualHost localhost:4077>
ServerName www.example.com
Port 80
DirectoryIndex index.shtml index.html
</VirtualHost>
Listen 4078
<VirtualHost localhost:4078>
ServerName foo.example.com
Port 80
DirectoryIndex index.shtml index.html
</VirtualHost>
The back-end server knows to tell which virtual host the request is
made to, by checking the port number the request was proxified to and
using the appropriate virtual host section to handle it.
We set S<"Port 80"> so that any redirects don't get sent directly to
the back-end port.
To get the I<real> remote IP addresses from proxy, the
L<My::ProxyRemoteAddr|scenario/Getting_the_Remote_Server_IP_in_>
handler is used based on the C<mod_proxy_add_forward> Apache module.
Prior to mod_perl 1.22+ this setting must have been set per-virtual
host, since it wasn't inherited by the virtual hosts.
The following configuration is yet another useful example showing the
other way around. It specifies what to be proxified and than the rest
is served by the front end:
RewriteEngine on
RewriteLogLevel 0
RewriteRule ^/(perl.*)$ http://127.0.0.1:8052/$1 [P,L]
RewriteRule ^proxy:.* - [F]
ProxyRequests on
NoCache *
ProxyPassReverse / http://www.example.com/
So we don't have to specify the rule for the static object to be
served by the front-end as we did in the previous example to handle
files with the extensions I<.gif>, I<.jpg>, I<.png> and I<.txt>
internally.
______________________________________________________________________
Stas Bekman | JAm_pH -- Just Another mod_perl Hacker
http://stason.org/ | mod_perl Guide http://perl.apache.org/guide
mailto:[EMAIL PROTECTED] | http://perl.org http://stason.org/TULARC/
http://singlesheaven.com| http://perlmonth.com http://sourcegarden.org
----------------------------------------------------------------------
