home | O'Reilly's CD bookshelfs | FreeBSD | Linux | Cisco | Cisco Exam  

Book HomeApache: The Definitive GuideSearch this book

Chapter 9. Proxy Server

An important concern on the Web is keeping the Bad Guys out of your network (see Chapter 13, "Security"). One established technique is to keep the network hidden behind a firewall; this works well, but as soon as you do it, it also means that everyone on the same network suddenly finds that their view of the Net has disappeared (rather like people living near Miami Beach before and after the building boom). This becomes an urgent issue at Buttherthlies, Inc., as competition heats up and naughty-minded Bad Guys keep trying to break our security and get in. We install a firewall and, anticipating the instant outcries from the marketing animals who need to get out on the Web and surf for prey, we also install a proxy server to get them out there.

So, in addition to the Apache that serves clients visiting our sites and is protected by the firewall, we need a copy of Apache to act as a proxy server to let us, in our turn, access other sites out on the Web. Without the proxy server, those inside are safe but blind.

9.1. Proxy Directives

We are not concerned here with firewalls, so we take them for granted. The interesting thing is how we configure the proxy Apache to make life with a firewall tolerable to those behind it.

site.proxy has three subdirectories: cache, proxy, real. The Config file from ... /site. proxy/proxy is as follows:

User webuser
Group webgroup
ServerName www.butterthlies.com

Port 8000
ProxyRequests on
CacheRoot /usr/www/site.proxy/cache
CacheSize 100000

The points to notice are that:

  • On this site we use ServerName www.butterthlies.com.

  • The Port number is set to 8000 so that we can change proxies without having to change users' Configs.

  • We turn ProxyRequests on and provide a directory for the cache, which we will discuss later in this chapter.

  • CacheRoot is set up in a special directory.

  • CacheSize is set to 100000 kilobytes.

Library Navigation Links

Copyright © 2001 O'Reilly & Associates. All rights reserved.