Feed Item
Added a class  to  , Linux Servers Set Up & Management

So we don't want to expose a http open port publicly.

We can use the firewall to block http

We can then use a reverseproxy whereas if the external user on the internet goes to :

https://abc.com.au/api/generate_answers/ it will be redirected to http://localhost:33333 and send the answer back out through the https://

In /etc/apache2/sites-available/000-default.conf add the following where the Virtual Host section is on :443

443>
DocumentRoot /var/www/html/
ServerName server.abc.com
ServerAlias server.abc.com
<Directory /var/www/html/>
Options FollowSymlinks
AllowOverride All
Require all granted
Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
ProxyPass /api/generate_answers/ http://localhost:30013/generate_answers/
ProxyPassReverse /api/generate_answers/ http://localhost:30013/generate_answers/
ProxyPass /engine http://localhost:30013
ProxyPassReverse /engine http://localhost:30013
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/server.abc.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/server.abc.com/privkey.pem
## Include /etc/letsencrypt/options-ssl-apache.conf
VirtualHost>
IfModule>

Making sure you change the "abc" to your domain and the port number to the one you assigned.

After Editting the .conf file - enable proxy and reverse proxy in Apache.

sudo a2enmod proxy
sudo a2enmod proxy_http

Restart Apache.

IMREAL.LIFE

Close