Reverse Proxy with Squid
Introduction
If like me your ISP provides you with a single static IP address you may think that you are limited to running one web server. Or at the very best using NAT to ports other than port 80 on other servers. There are many reasons why you would wish to use more than one webserver. For example you may wish to have Apache serving one site and Microsoft IIS 6.0 serving another or even JBoss, Tomcat or some other application server.
Background
For my scenario I wished to run Apache and PHP. Indeed it is this combination on which this very site is running. In addition to this I also wished to run another site on IIS 6.0. I have various domain names belonging to myself and friends that are hosted on my primary webserver. These use Apaches built in Virtual Hosts directive however one site that I was asked to host required Microsofts IIS. I explored the many options that were available and concluded that using Squid as a reverse proxy would be my best option.
Equipment
My scenario uses three individual servers.
The reverse proxy - running Ubuntu 6.06
The Apache Web server - runnin Ubuntu 6.06
The IIS server - running Windows Server 2003
Configuring the Proxy
I used a base install of Ubuntu 6.06 and manually compiled the most recent version of Squid which as of this time of writing is Squid 2.4-Stable14. The only configure flag that I used was --prefix=/usr
Once Squid was compiled and installed I now had the following directory structure:
/usr/etc/squid.conf - Squid configuration file
/usr/var/logs - log file locations
/usr/var/cache - location of the cache itself.
Editing squid.conf
The supplied squid.conf is over 4000 lines long. Most of this is documentation added in the comments. For my purposes I created a new squid.conf from scratch.
By default Squid is configured to listen on TCP port 3128. As we wish to use Squid as a web server we need to tell it to listen on port 80 instead. So the first line of our new squid.conf is as follows:
http_port 80 accel defaultsite=www.sweetnam.eu vhost
The default site to be served is www.sweetnam.eu and we will use vhost directives to configure the other servers.
The next lines in the configuration are merely Squids default:
acl QUERY urlpath_regex cgi-bin \? cache deny QUERY acl apache rep_header Server ^Apache broken_vary_encoding allow apache access_log /usr/var/logs/access.log cache_log /usr/var/logs/cache.log cache_store_log /usr/var/logs/store.log refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20%
The next lines are where we begin to configure the two seperate servers.