Differences

This shows you the differences between two versions of the page.

--- joomla:reverseproxy [2026/05/19 22:54] – created Bernard Condrau
+++ joomla:reverseproxy [2026/05/19 23:13] (current) – Bernard Condrau
@@ Line 1: / Line 1: @@
 ====== Reverse Proxy ======
+  - VirtualHost on proxy server:<code><VirtualHost *:80>
+        ServerName demo.bethicoleague.org
+        Redirect 301 / https://demo.bethicoleague.org/
+        ErrorLog ${APACHE_LOG_DIR}/http-error.log
+        CustomLog ${APACHE_LOG_DIR}/http-access.log combined
+        RewriteEngine on
+        RewriteCond %{SERVER_NAME} =demo.bethicoleague.org
+        RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
+</VirtualHost>
+<VirtualHost *:443>
+        ServerName demo.bethicoleague.org
+        ServerAdmin bernard@condrau.com
+        php_value date.timezone "Asia/Bangkok"
+        ErrorLog ${APACHE_LOG_DIR}/bco/joomla5-error.log
+        CustomLog ${APACHE_LOG_DIR}/bco/joomla5-access.log combined
+        SSLEngine on
+        RequestHeader set X-Forwarded-Proto "https"
+        ProxyRequests Off
+        ProxyPreserveHost On
+        ProxyPass "/" "http://serenity.condrau.com:8080/"
+        ProxyPassReverse "/" "http://serenity.condrau.com:8080/"
+        <Proxy *>
+                Require all granted
+        </Proxy>
+        <Location "/">
+                # Block aggressive spiders by giving 429, too many requests
+                Include conf-available/bco-spiders.conf
+        </Location>
+        <Location "/html/">
+                # Allow access for Bernard's locations only
+                Include conf-available/bco-remote-addr.conf
+        </Location>
+        ## make sure nobody gets the htaccess, README, COPYING or VERSION files
+        <Files ~ "^([\._]ht|README$|VERSION$|COPYING$)">
+                Require all denied
+        </Files>
+        ## Don't allow access to git directories
+        <IfModule alias_module>
+                RedirectMatch 404 /\.git
+        </IfModule>
+Include /etc/letsencrypt/options-ssl-apache.conf
+SSLCertificateFile /etc/letsencrypt/live/bethicoleague.com/fullchain.pem
+SSLCertificateKeyFile /etc/letsencrypt/live/bethicoleague.com/privkey.pem
+</VirtualHost>
+</code>
+  - VirtualHost on content server:<code># This is a proxied server, SSL is handled by the proxy
+<VirtualHost *:8080>
+        ServerAdmin bernard@condrau.com
+        DocumentRoot /home/bco/www/bethico/bethicoleague_joomla5
+        Alias /html/ /home/bco/html/
+        <Directory /home/bco/www/bethico/bethicoleague_joomla5/>
+                Options FollowSymlinks
+                AllowOverride All
+                Require all granted
+        </Directory>
+        <Directory /home/bco/html/>
+                Require all granted
+        </Directory>
+        ErrorLog ${APACHE_LOG_DIR}/joomla5-error.log
+        CustomLog ${APACHE_LOG_DIR}/joomla5-access.log combined
+</VirtualHost>
+</code>
   - Set Joomla Live URL in ''/configuration.php''

Differences

Know How