Technitium DNS server zone high-availability

on
0

Personal HTTP Proxy using apache2's mod_proxy module with Oracle Cloud VPS

on

Apache HTTP Server can be configured in both a forward and reverse proxy (also known as gateway) mode.

An ordinary forward proxy is an intermediate server that sits between the client and the origin server. In order to get content from the origin server, the client sends a request to the proxy naming the origin server as the target. The proxy then requests the content from the origin server and returns it to the client. The client must be specially configured to use the forward proxy to access other sites.

1. Install apache2 and others useful packages.

sudo apt-get install apache2 cron rsyslog logrotate lsof dnsutils nano

2. Disable apache2 default configuration.

sudo a2dissite 000-default.conf

3. Enable apache2 proxy mods.

sudo a2enmod proxy proxy_http proxy_connect

4. Create /etc/apache2/sites-availble/forward_proxy.conf.

<VirtualHost *:8080>
    ProxyRequests On
    ProxyVia On

    <Proxy "*">
        Order deny,allow
        Allow from all
    </Proxy>

    ErrorLog ${APACHE_LOG_DIR}/error_forward_proxy.log
    CustomLog ${APACHE_LOG_DIR}/access_forward_proxy.log combined
</VirtualHost>

5. Enable the forward proxy setting.

sudo a2ensite forward_proxy.conf

6. Add/change listening apache2 listening port at /etc/apache2/ports.conf.

Listen 8080

7. Run below to double check apache2 is listening to the correct port.

sudo lsof -i -P -n | grep LISTEN

8. Allow port 8080 iptables firewall access.

-A INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT

9. Enable the new iptables firewall rule either by restarting the VPS or reload the new iptables rules.

sudo iptables-restore < /etc/iptables/rules.v4

10. To secure your personal proxy service, configure your iptables rules to only incoming access from your own fixed public IP.

-A INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -s xxx.xxx.xxx.xxx -j ACCEPT

11. For those who only have dynamic public IP, follow this guide to dynamic update the iptables rules using cron and ddns service.

12. Remember to allow port 8080 (ingress rules) on the Oracle Cloud's VPS/Virtual Cloud Network (VCN).

13. Configure manual proxy in your browser.

Comments

Post a Comment