# NASA HW7 SA 資工二 B07902046 高長聖 ## Web Terminology #### 1. reference: https://en.wikipedia.org/wiki/Proxy_server https://www.rswebsols.com/tutorials/technology/proxy-server-advantages-disadvantages Proxy server是一種在client端以及server端扮演intermediary的工具。當client端要和sever端連線時，client會先連到proxy，然後再請求proxy連線至目標的server。因此，當client對server發出request時，可以藉由proxy獲得目標資源，或者在proxy原本存下的cache中得到此資源。這樣有以下優勢: (1) 效率: client可以獲得proxy的cache data，以節省重新從伺服器request的時間 (2) 安全性: proxy可以避免重要資訊洩漏(例如: IP位址) (3) Load balancing: 由於proxy中良好的cache system，當有許多clients對同一個網站進行request，則只要proxy對server request一次即可 #### 2. reference: https://en.wikipedia.org/wiki/Reverse_proxy#:~:text=In%20computer%20networks%2C%20a%20reverse,from%20the%20proxy%20server%20itself. https://dzone.com/articles/benefits-reverse-proxy#:~:text=Here%20the%20reverse%20proxy%20handles,and%20management%20for%20SSL%2FTLS Reverse proxy server會根據client端的request，而向其背後的一個或多個server尋求資源。此時，reverse proxy server是作為server端的代理，因此client端只需要reverse proxy server的IP位址，而不用知道其他背後server的資訊。使用reverse proxy有以下好處: (1) 效率: 由於cache system的存在，reverse proxy可以直接將cache data回應相同的request，以節省從新向伺服器request的時間 (2) 安全性: 由於reverse server的存在，原本進行服務的server可以更安全的躲藏於subnet中，避免直接的internet access (3) Authentication: 可以利用reverse proxy對所有的HTTP requests提供單點的authentication #### 3. reference: https://www.javatpoint.com/difference-between-apache-and-nginx#:~:text=Let's%20see%20the%20difference%20between,server%20and%20reverse%20proxy%20server.&text=In%20Apache%2C%20single%20thread%20is,Nginx%20can%20handle%20multiple%20connections. https://serverguy.com/comparison/apache-vs-nginx/ difference: (1) Apache提供多種不同的multiprocessing的modules來處理多個client request，而Nginx是使用asynchronous的方式，以single process來處理client request。 (2) 在處理static content上，Nginx的表現要優於Apache。而在處理dynamic content，Nginx無法處理dynamic content，因此必須選擇Apache (3) Apache可以支援Unix-like system以及Windows system，而Nginx只可以支援大部分的Unix-like system以及部分的Windows system。 $\Rightarrow$ (1) 當伺服器是需要架在Windows系統的話，使用Apache會比較合適 (2) 當伺服器需要處理大量static content，使用Nginx會比較合適 ## Configuration Directives in Apache reference: https://httpd.apache.org/docs/2.4/custom-error.html https://httpd.apache.org/docs/2.4/howto/access.html https://httpd.apache.org/docs/2.4/mod/mod_authz_host.html https://www.namecheap.com/support/knowledgebase/article.aspx/9821/38/apache-redirect-to-https #### 1. ``` ErrorDocument 404 /errors/not_found.html ``` #### 2. ``` <Files "private.html"> <RequireAll> Require ip 192.168.100.0/255.255.255.0 </RequireAll> </Files> ``` #### 3. ``` Redirect permanent / https://www.example.com/ ``` ## Apache as Reverse Proxy reference: https://www.youtube.com/watch?v=l-zydOW9xCg https://linuxtechlab.com/apache-as-reverse-proxy-centos-rhel/ ### Preparation: #### (1) 設置兩台VM: Backend Host、Reverse Proxy Host 兩台VM都是兩張網卡:NAT, Bridge Backend Host: 192.168.56.110 Reverse Proxy Host: 192.168.56.109 #### (2) 兩台VM都先下載啟動apache，並開啟防火牆的http服務: ```bash= yum install httpd systemctl enable httpd systemctl start httpd firewall-cmd --add-service=http --permanent firewall-cmd --reload ``` ### Backend Host: #### (1) 設置簡單網頁: /var/www/html/index.html，並重啟httpd: ```bash= vim /var/www/html/index.html >>> # add your content >>> systemctl restart httpd ``` 測試結果:  ### Reverse Proxy Host: #### (1) 下載並啟動mod_proxy、mod_proxy_http module: ```bash= vim /etc/httpd/conf/http.conf >>> LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_http_module modules/mod_proxy_http.so >>> systemctl restart httpd ``` #### (2) 更改apache configuration file並重新啟動httpd: ```bash= vim /etc/httpd/conf/httpd.conf >>> <VirtualHost *:80> ProxyPreserveHost On ProxyPass / http://192.168.56.110/ ProxyPassReverse / http://192.168.56.110/ </VirtualHost> >>> systemctl restart httpd ``` 測試結果: