=head1 Front-end Back-end Proxying with Virtual Hosts This section explains a configuration setup for proxying your back-end mod_perl servers when you need to use Virtual Hosts. The approach is to use unique port number for each virtual host at the back-end server, so you can redirect from the front-end server to localhost::1234, and name-based virtual servers on the front end, though any technique on the front-end will do. If you run the front-end and the back-end servers on the same machine you can prevent any direct outside connections to the back-end server if you bind tightly to address C<127.0.0.1> (I<localhost>) as you will see in the following configuration example. The front-end (light) server configuration: <VirtualHost 10.10.10.10> ServerName www.example.com ServerAlias example.com RewriteEngine On RewriteOptions 'inherit' RewriteRule \.(gif|jpg|png|txt)$ - [last] RewriteRule ^/(.*)$ http://localhost:4077/$1 [proxy] </VirtualHost> <VirtualHost 10.10.10.10> ServerName foo.example.com RewriteEngine On RewriteOptions 'inherit' RewriteRule \.(gif|jpg|png|txt)$ - [last] RewriteRule ^/(.*)$ http://localhost:4078/$1 [proxy] </VirtualHost> The above front-end configuration handles two virtual hosts: I<www.example.com> and I<foo.example.com>. The two setups are almost identical. The front-end server will handle files with the extensions I<.gif>, I<.jpg>, I<.png> and I<.txt> internally, the rest will be proxified to be handled by the back-end server. The only difference between the two virtual hosts settings is that the former rewrites requests to the port C<4077> at the back-end machine and the latter to the port C<4078>. The back-end (heavy) server configuration: Port 80 PerlPostReadRequestHandler My::ProxyRemoteAddr Listen 4077 <VirtualHost localhost:4077> ServerName www.example.com Port 80 DirectoryIndex index.shtml index.html </VirtualHost> Listen 4078 <VirtualHost localhost:4078> ServerName foo.example.com Port 80 DirectoryIndex index.shtml index.html </VirtualHost> The back-end server knows to tell which virtual host the request is made to, by checking the port number the request was proxified to and using the appropriate virtual host section to handle it. We set S<"Port 80"> so that any redirects don't get sent directly to the back-end port. To get the I<real> remote IP addresses from proxy, the L<My::ProxyRemoteAddr|scenario/Getting_the_Remote_Server_IP_in_> handler is used based on the C<mod_proxy_add_forward> Apache module. Prior to mod_perl 1.22+ this setting must have been set per-virtual host, since it wasn't inherited by the virtual hosts. The following configuration is yet another useful example showing the other way around. It specifies what to be proxified and than the rest is served by the front end: RewriteEngine on RewriteLogLevel 0 RewriteRule ^/(perl.*)$ http://127.0.0.1:8052/$1 [P,L] RewriteRule ^proxy:.* - [F] ProxyRequests on NoCache * ProxyPassReverse / http://www.example.com/ So we don't have to specify the rule for the static object to be served by the front-end as we did in the previous example to handle files with the extensions I<.gif>, I<.jpg>, I<.png> and I<.txt> internally. ______________________________________________________________________ Stas Bekman | JAm_pH -- Just Another mod_perl Hacker http://stason.org/ | mod_perl Guide http://perl.apache.org/guide mailto:[EMAIL PROTECTED] | http://perl.org http://stason.org/TULARC/ http://singlesheaven.com| http://perlmonth.com http://sourcegarden.org ----------------------------------------------------------------------