• December 6, 2025

Cobra Softwares Blog

Tech blog for new era

Cloud Native

How to Configure Apache as a Reverse Proxy with mod_proxy

How to Configure Apache as a Reverse Proxy with mod_proxy

Learn how to configure Apache as a reverse proxy with mod_proxy, perfect for hosting applications like ownCloud.

Introduction

Apache is a web server application that can serve dynamic web content or act as a reverse proxy —forwarding client requests to back-end applications. This article explains how to configure Apache as a reverse proxy with mod_proxy.

This guide proxies an ownCloud application on port 8080 under Docker, but you can use the same technique to host another application on a different port.

Prerequisites

  • Deploy a fresh Vultr Cloud Server.

    A Ubuntu 20.04 server is used in this article, but these instructions work for any Linux server running Apache.

  • Set up a DNS “A” record pointing to the server’s IP address. This guide uses the name app.example.com.
  • Connect to the server.
  • Log in as a non-root user with sudo privileges.
  • Update the server.
  • Install Apache.
  • Install Docker.

1. Enable Apache mod_Proxy

  1. Enable the Apache mod_proxy module. 
    $ sudo a2enmod proxy
  2. Enable additional modules. 
    $ sudo a2enmod proxy_http
$ sudo a2enmod proxy_balancer
$ sudo a2enmod proxy_wstunnel

    Here is what each module does:

    • mod_proxy: Implements proxying on the Apache server.
    • proxy_http: Handles proxy HTTP and HTTPS requests.
    • proxy_balancer: Enables load balancing.
    • proxy_wstunnel: Tunnels web socket connections to a back-end server.
  3. Restart Apache to activate modules. 
    $ sudo systemctl restart apache2

2. Set up the Back-end Application

As an example, set up an ownCloud container listening on port 8080 under Docker.

  1. Create the ownCloud docker container. 
    $ docker run -d --name owncloud -p 8080:8080 owncloud/server
  2. Start ownCloud. 
    $ docker start owncloud
  3. Verify that ownCloud is running. 
    $ docker ps

    Output:

      CONTAINER ID   IMAGE             COMMAND                  CREATED          STATUS          PORTS                                       NAMES
  3eaea7b55cfe   owncloud/server   "/usr/bin/entrypoint…"   36 seconds ago   Up 35 seconds   0.0.0.0:8080->8080/tcp, :::8080->8080/tcp   owncloud

3. Configure Apache as a Reverse Proxy

  1. Back up the default Apache virtual host configuration file. 
    $ sudo mv /etc/apache2/sites-available/000-default.conf  /etc/apache2/sites-available/origdefault.backup
  2. Create a new configuration file. 
    $ sudo nano /etc/apache2/sites-available/app.example.com.conf
  3. Add the following contents to the file. Change app.example.com to your server name. If you are setting up a proxy for a different app than the ownCloud example, you may need to update port 8080 to your application’s port number in the file below. 
      <VirtualHost *:80>

     ServerName app.example.com

     ProxyPreserveHost On
     ProxyPass / http://127.0.0.1:8080/
     ProxyPassReverse / http://127.0.0.1:8080/

  </VirtualHost>
  4. Save and close the file.

    Here is what each directive means:

    • ProxyPreserveHost: Forwards the original host header to the back-end application.
    • ProxyPass: Specifies that all requests / are forwarded to the back-end application port.
    • ProxyPassReverse: Negates ProxyPass by modifying response headers from the back-end application.
  5. Activate the configuration file. 
    $ sudo ln -s /etc/apache2/sites-available/app.example.com.conf  /etc/apache2/sites-enabled/app.example.com.conf
  6. Test the Apache configuration for errors. 
    $ sudo apachectl configtest
  7. Restart Apache to load changes. 
    $ sudo service apache2 restart

4. Secure the server

  1. Configure the firewall to allow HTTP traffic on port 80. 
    $ sudo ufw allow 80/tcp
  2. Allow HTTPS on port 443. 
    $ sudo ufw allow 443/tcp
  3. Restart the firewall. 
    $ sudo ufw reload

5. Setup SSL

  1. Install Certbot. 
    $ sudo apt install certbot python3-certbot-apache
  2. Request a Let’s Encrypt SSL Certificate. 
    $ sudo certbot -d app.example.com
  3. Test Auto-renewal. 
    $ sudo certbot renew --dry-run

6. Test

Open a web browser, and visit your subdomain.

 https://app.example.com

The ownCloud login page should be displayed. Log in with the username admin, and password admin to start using the application.

More Information

You have configured Apache as a reverse proxy and set up ownCloud as the back-end application. For further information, refer to the following resources.

  • Apache mod_proxy documentation.
  • Use Apachetop To Monitor Web Server Traffic In Real Time.
  • Secure Apache with a Self-Signed TLS/SSL Certificate on Ubuntu 20.04.

Leave a Reply

Your email address will not be published. Required fields are marked *