Mar 1 2016

Quick Case: Apache Reverse Proxy for Tomcat, Red5, and Websockets, on Redhat Linux

By Linux, Programming, Servers (*ix , scripting) 0 • Tags:

This specific content was written 8 years ago. Please keep this in mind as it may be outdated and not adhering to best-practices.

reverse proxyQuick post outlining the steps and config I used to forward 2 different ports to 2 different servers (tomcat and red5), and to enable websockets on a Redhat server running apache 2.4.5 .

Servers/Apps and Ports:

Apache  – port 80
Red5 – port 5081
Tomcat – port 8585

 

Current Httpd configuration location on my own redhat server: /etc/httpd/conf/httpd.conf

Below is my httpd configuration:

Listen 80
Listen 5080

IncludeOptional conf.d/*.conf
LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so

<VirtualHost *:80>
ProxyPass /open/ http://localhost:5080/open/
ProxyPassReverse /open/ http://localhost:5080/open/

ProxyPass /idle/ http://localhost:5080/idle/
ProxyPassReverse /idle/ http://localhost:5080/idle/

ProxyPass /fcs/ http://localhost:5080/fcs/
ProxyPassReverse /fcs/ http://localhost:5080/fcs/

ProxyPass /close/ http://localhost:5080/close/
ProxyPassReverse /close/ http://localhost:5080/close/

ProxyPass /vod/ http://localhost:5080/vod/
ProxyPassReverse /vod/ http://localhost:5080/vod/

ProxyPass /call ws://localhost:8585/call
ProxyPassReverse /call ws://localhost:8585/call

ProxyPass /call/ ws://localhost:8585/call/
ProxyPassReverse /call/ ws://localhost:8585/call/

ProxyPass / http://localhost:8585/
ProxyPassReverse / http://localhost:8585/

RewriteEngine on
RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC]
RewriteRule .* ws://localhost:8585%{REQUEST_URI} [P]

</VirtualHost>

<VirtualHost *:5080>
#ProxyRequests On
ProxyPass / http://localhost:5081/
ProxyPassReverse / http://localhost:5081/
</VirtualHost>

Security Problems:

There is a chance security will stop apache from binding to a non default port.

[root@localhost red5105]# systemctl status httpd.service
httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled)
Active: failed (Result: exit-code) since Tue 2016-03-01 12:29:30 EET; 16s ago
Docs: man:httpd(8)
man:apachectl(8)
Process: 31008 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=1/FAILURE)
Process: 31005 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE)
Main PID: 31005 (code=exited, status=1/FAILURE)

See stackoverflow page following: http://stackoverflow.com/questions/17079670/httpd-server-not-started-13permission-denied-make-sock-could-not-bind-to-ad/22441885#22441885

I did not have issues with apache reverse proxy modules or needing to uncomment anything in the default apache config. If you do have problems you may need to.

 

Websocket Troubleshooting (Remaining Issue for Firefox):

I am waiting for a response to a stackoverflow question related to fixing websockets for firefox:

http://stackoverflow.com/questions/35719775/firefox-keep-alive-upgrade-ruining-websocket-through-apache-reverse-proxy

 



Menelaos Bakopoulos

Mr. Menelaos Bakopoulos is currently pursuing his PhD both at Center for TeleInFrastruktur (CTiF) at Aalborg University (AAU) in Denmark and Athens Information Technology (AIT) in Athens, Greece. He received a Master in Information Technology and Telecommunications Systems from Athens Information Technology and a B.Sc. in Computer Science & Management Information Systems from the American College of Thessaloniki. Since April 2008 he has been a member of the Multimedia, Knowledge, and Web Technologies Group.

More Posts

Related posts:

  1. Reverse Proxy in Apache2 (Ubuntu 10.04) for CouchDB
  2. A basic SQUID configuration providing Internet access through a specific network (Using VPN)
  3. Tunneling to VNC over SSH
  4. Easily validating your Varnish cache VCL file and other quick tips