Apache Windows forward proxy configuraton HowTo
If you want to configure Apache Server as a forward proxy there is some very confusing help on-line. I’ll attempt within this hint to keep it simple and to the point. As Apache comes from a UNIX background you will have to edit/create a few config files along the way, it’s not that bad I can assure you.
You can get Apache from here http://httpd.apache.org/download.cgi, I downloaded httpd-2.2.21-win32-x86-openssl-0.9.8r.msi for my install.
The first thing to do is to install Apache, when this has been done you will need to edit the file httpd.conf (this is Apache’s main configuration file), it should be in a location similar to this “C:\Program Files (x86)\Apache Software Foundation\Apache2.2\conf” depending on your install path.
When you have located the file open it with a text editor like Notepad and un-comment the required modules, some modules will already be uncommented, make sure the following are too un-commented:
LoadModule cache_module modules/mod_cache.so LoadModule deflate_module modules/mod_deflate.so LoadModule mem_cache_module modules/mod_mem_cache.so LoadModule disk_cache_module modules/mod_disk_cache.so LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_ajp_module modules/mod_proxy_ajp.so LoadModule proxy_connect_module modules/mod_proxy_connect.so LoadModule proxy_ftp_module modules/mod_proxy_ftp.so LoadModule proxy_http_module modules/mod_proxy_http.so LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
It is a good idea to use a port other than 80 for the proxy to listen on so change the httpd.conf to reflect this, I used TCP Port 8081:
Listen 8081
Change the ServerName directive to reflect this change as well:
ServerName proxyserver.yourdomain.local:8080
Or, use your IP address if you are not using DNS locally
ServerName 192.168.*.*:8080
Save the httpd.conf file and restart Apache.
If Apache doesn’t restart please check there are no typo’s in anything you have changed. Once apache comes restarts re-open the httpd.conf file and un-comment or add the following lines if they don’t already exist.
Include conf/extra/httpd-mpm.conf Include conf/extra/httpd-vhosts.conf Include conf/extra/httpd-deflate.conf Include conf/extra/httpd-cache.conf
In the conf/extra directory you will need to create the files that are in the referenced in the Include directives.
Firstly create a new text file with the name of httpd-cache.conf and insert all of the below text, making sure you change the Allow from and NoProxy Directives to reflect your local networks.
# http://httpd.apache.org/docs/2.2/mod/mod_proxy.html <IfModule mod_proxy.c> ProxyRequests On <Proxy *> Order Deny,Allow Deny from all Allow from 192.168.*.*/255.255.*.* </Proxy> ProxyVia On </IfModule> <IfModule mod_cache.c> <IfModule mod_disk_cache.c> CacheRoot \"C:/temp/proxy\" CacheEnable disk / CacheDirLevels 3 CacheDirLength 2 CacheMaxFileSize 100000000 CacheDefaultExpire 259200 CacheMaxExpire 432000 </IfModule> ProxyTimeout 60 NoProxy 192.168.*.*/255.255.*.* # When acting as a proxy, don\'t cache the list of security update CacheDisable http://security.update.server/update-list/ </IfModule> # End of proxy directives
Secondly create a new text file with the name of httpd-deflate.conf and add the below text:
# http://httpd.apache.org/docs/2.2/mod/mod_deflate.html <IfModule mod_deflate.c> AddOutputFilterByType DEFLATE text/html text/plain text/css application/x-javascript #Highest 9 - Lowest 1 DeflateCompressionLevel 2 SetEnvIfNoCase Request_URI \\.(?:gif|jpe?g|png)$ no-gzip dont-vary SetEnvIfNoCase Request_URI \\.(?:exe|t?gz|zip|bz2|sit|rar)$ no-gzip dont-vary SetEnvIfNoCase Request_URI \\.pdf$ no-gzip dont-vary SetEnvIfNoCase Request_URI \\.wmv$ no-gzip dont-vary SetEnvIfNoCase Request_URI \\.wma$ no-gzip dont-vary SetEnvIfNoCase Request_URI \\.swf$ no-gzip dont-vary SetEnvIfNoCase Request_URI \\.wav$ no-gzip dont-vary SetEnvIfNoCase Request_URI \\.wmd$ no-gzip dont-vary SetEnvIfNoCase Request_URI \\.wmz$ no-gzip dont-vary SetEnvIfNoCase Request_URI \\.mcf$ no-gzip dont-vary SetEnvIfNoCase Request_URI \\.wmx$ no-gzip dont-vary SetEnvIfNoCase Request_URI \\.wm$ no-gzip dont-vary SetEnvIfNoCase Request_URI \\.wax$ no-gzip dont-vary SetEnvIfNoCase Request_URI \\.asf$ no-gzip dont-vary SetEnvIfNoCase Request_URI \\.rm$ no-gzip dont-vary SetEnvIfNoCase Request_URI \\.pls$ no-gzip dont-vary SetEnvIfNoCase Request_URI \\.asx$ no-gzip dont-vary SetEnvIfNoCase Request_URI \\.mpg$ no-gzip dont-vary SetEnvIfNoCase Request_URI \\.mp2$ no-gzip dont-vary SetEnvIfNoCase Request_URI \\.mp3$ no-gzip dont-vary SetEnvIfNoCase Request_URI \\.avi$ no-gzip dont-vary </IfModule>
That should be it, restart Apache once more and test the proxy with a Browser like Firefox or IE, preferably from another host on your local network.
Make sure the proxy host has an exception within its firewall configuration to allow inbound traffic on whichever TCP Port you have set your proxy server to listen on (8081 in my case).
Hope this helps.
Customer Feedback
Here at A.D.I. We approached Nettop for a bespoke I.T. system to enhance the productivity and efficiency of our business, since day one Nettop have exceeded our expectations of how customer service should be, they constantly provide excellent advice and value for money.
SVSNI provide cutting edge surveillance systems to companies world wide, this work requires a fast and reliable IT infrastructure. Nettop were able to design and implement such a system whilst working to our timescales and within our budgetary requirements.
At Leading edge when we look for a business partner we tend to look for three things; are they competent, do they seem to care about our business and are they a cultural match (in other words do we get on with them on a personal level) In the four years we have been working with Nettop we have found them to be excellent in all three areas. I have no hesitation in recommending them.
In our business IT is a very large factor to consider and therefore we require a competent and reliable service available to us at all times. Nettop full fill this requirement and more, with their vast knowledge and friendly manner. We will continue to recommend them to our clients and colleagues.
Comer industries is a company which is constantly aiming for innovation and customer satisfaction. When we select Partners we are generally tempted in looking for similar peculiarities, but it is not always easy and immediate. With Nettop we have found it during the first meeting, together with a high level of professionalism and competence. It has not been difficult starting a business relationship which it is going to be durable and fruitful.
Our Customers
Unknown