Previous class
Apache Reverse Proxy on Port
So we don't want to expose a http open port publicly.
We can use the firewall to block http
We can then use a reverseproxy whereas if the external user on the internet goes to :
https://abc.com.au/api/generate_answers/ it will be redirected to http://localhost:33333 and send the answer back out through the https://
In /etc/apache2/sites-available/000-default.conf add the following where the Virtual Host section is on :443
443>
DocumentRoot /var/www/html/
ServerName server.abc.com
ServerAlias server.abc.com
<Directory /var/www/html/>
Options FollowSymlinks
AllowOverride All
Require all granted
Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
ProxyPass /api/generate_answers/ http://localhost:30013/generate_answers/
ProxyPassReverse /api/generate_answers/ http://localhost:30013/generate_answers/
ProxyPass /engine http://localhost:30013
ProxyPassReverse /engine http://localhost:30013
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/server.abc.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/server.abc.com/privkey.pem
## Include /etc/letsencrypt/options-ssl-apache.conf
VirtualHost>
IfModule>
Making sure you change the "abc" to your domain and the port number to the one you assigned.
After Editting the .conf file - enable proxy and reverse proxy in Apache.
sudo a2enmod proxy sudo a2enmod proxy_http
Restart Apache.
Next class