-
Notifications
You must be signed in to change notification settings - Fork 1.5k
Reverse Proxy
A reverse proxy, also known as an "inbound" proxy is a server that receives requests from the Internet and forwards (proxies) them to a small set of servers, usually located on an internal network and not directly accessible from outside.
A reverse proxy can be used to allow authenticated users access to an intranet even when they are located outside. Users on the internal network can access intranet servers directly (their IP address is their authentication), but users outside it must authenticate themselves to the proxy server (usually with a username and password) in order to be allowed in.
Visit this page for a good overview of why you should be using a reverse proxy: http://mikehadlow.blogspot.com/2013/05/the-benefits-of-reverse-proxy.html
Lets say you have SickBeard, SABnzbd, Headphones, and Couchpotato installed and working locally. To get to each of these you would navigate to their ip/loclahost:port. Depending on how you setup the apps (binding an ip to your network adapter) you may or may not be able to get to the sites outside your network. You can use your cellphone with WiFi turned off if you want an easy way to test access outside your network. Most likely they are all running on the same machine/within the same network. So each ip would be the same but the port would just be different, remembering which port belongs to which application is not very user friendly. Also what if an app uses HTTP while another is using HTTPS? what if one app has authentication enabled but another doesn't? Well using a reverse proxy can make all this a lot more manageable.
Using a reverse proxy you could just go to an IP (or hostname if you use dyndns or something similar) but use /sickbeard, /sabnzbd, /couchpotato, /whatever instead of a different port. Not only does this make accessing your multiple apps more user friendly, it allows flexibility of being a gatekeeper to all the sites.
Before:
http://localhost:8081https://192.168.1.1:9090http://myname.no-ip.org:5000http://192.168.1.1:8181
After:
https://myname.no-ip.org/sickbeardhttps://myname.no-ip.org/sabnzbdhttps://myname.no-ip.org/couchhttps://myname.no-ip.org/music
You need to define what the reverse proxy entry point, make sure it matches where ever used.
So in our example above, we are using /sickbeard. So with sickbeard shutdown, go modify config.ini.
config.ini
web_root = /sickbeard
If you use the sabToSickBeard script, you will need to set the web_root variable here as well.
autoProcessTV\autoProcessTV.cfg
web_root = /sickbeard
httpd.conf
<Location /sickbeard>
order deny,allow
deny from all
allow from all
ProxyPass http://localhost:8081/sickbeard/
ProxyPassReverse http://localhost:8081/sickbeard/
</Location>
For help or questions visit us at #sickbeard on irc.freenode.net