mod_proxy.html.en

来自「apache服务器源代码（版本号：2.2.2）」· EN 代码 · 共 1,107 行 · 第 1/5 页

<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!--
        XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
              This file is generated from xml source: DO NOT EDIT
        XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
      -->
<title>mod_proxy - Apache HTTP Server</title>
<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" />
<link href="../images/favicon.ico" rel="shortcut icon" /></head>
<body>
<div id="page-header">
<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p>
<p class="apache">Apache HTTP Server Version 2.2</p>
<img alt="" src="../images/feather.gif" /></div>
<div class="up"><a href="./"><img title="&lt;-" alt="&lt;-" src="../images/left.gif" /></a></div>
<div id="path">
<a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">HTTP Server</a> &gt; <a href="http://httpd.apache.org/docs/">Documentation</a> &gt; <a href="../">Version 2.2</a> &gt; <a href="./">Modules</a></div>
<div id="page-content">
<div id="preamble"><h1>Apache Module mod_proxy</h1>
<div class="toplang">
<p><span>Available Languages: </span><a href="../en/mod/mod_proxy.html" title="English">&nbsp;en&nbsp;</a> |
<a href="../ja/mod/mod_proxy.html" hreflang="ja" rel="alternate" title="Japanese">&nbsp;ja&nbsp;</a></p>
</div>
<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>HTTP/1.1 proxy/gateway server</td></tr>
<tr><th><a href="module-dict.html#Status">Status:</a></th><td>Extension</td></tr>
<tr><th><a href="module-dict.html#ModuleIdentifier">Module營dentifier:</a></th><td>proxy_module</td></tr>
<tr><th><a href="module-dict.html#SourceFile">Source燜ile:</a></th><td>mod_proxy.c</td></tr></table>
<h3>Summary</h3>

    <div class="warning"><h3>Warning</h3>
      <p>Do not enable proxying with <code class="directive"><a href="#proxyrequests">ProxyRequests</a></code> until you have <a href="#access">secured your server</a>. Open proxy servers are dangerous both to your
      network and to the Internet at large.</p>
    </div>

    <p>This module implements a proxy/gateway for Apache. It implements
    proxying capability for <code>AJP13</code> (Apache JServe Protocol
    version 1.3), <code>FTP</code>, <code>CONNECT</code> (for SSL),
    <code>HTTP/0.9</code>, <code>HTTP/1.0</code>, and <code>HTTP/1.1</code>.
    The module can be configured to connect to other proxy modules for these
    and other protocols.</p>

    <p>Apache's proxy features are divided into several modules in
    addition to <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code>:
    <code class="module"><a href="../mod/mod_proxy_http.html">mod_proxy_http</a></code>, <code class="module"><a href="../mod/mod_proxy_ftp.html">mod_proxy_ftp</a></code>,
    <code class="module"><a href="../mod/mod_proxy_ajp.html">mod_proxy_ajp</a></code>, <code class="module"><a href="../mod/mod_proxy_balancer.html">mod_proxy_balancer</a></code>,
    and <code class="module"><a href="../mod/mod_proxy_connect.html">mod_proxy_connect</a></code>.  Thus, if you want to use
    one or more of the particular proxy functions, load
    <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code> <em>and</em> the appropriate module(s)
    into the server (either statically at compile-time or dynamically
    via the <code class="directive"><a href="../mod/mod_so.html#loadmodule">LoadModule</a></code>
    directive).</p>

    <p>In addition, extended features are provided by other modules.
    Caching is provided by <code class="module"><a href="../mod/mod_cache.html">mod_cache</a></code> and related
    modules.  The ability to contact remote servers using the SSL/TLS
    protocol is provided by the <code>SSLProxy*</code> directives of
    <code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code>.  These additional modules will need
    to be loaded and configured to take advantage of these features.</p>
</div>
<div id="quickview"><h3 class="directives">Directives</h3>
<ul id="toc">
<li><img alt="" src="../images/down.gif" /> <a href="#allowconnect">AllowCONNECT</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#noproxy">NoProxy</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#proxy">&lt;Proxy&gt;</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#proxybadheader">ProxyBadHeader</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#proxyblock">ProxyBlock</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#proxydomain">ProxyDomain</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#proxyerroroverride">ProxyErrorOverride</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#proxyiobuffersize">ProxyIOBufferSize</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#proxymatch">&lt;ProxyMatch&gt;</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#proxymaxforwards">ProxyMaxForwards</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#proxypass">ProxyPass</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#proxypassreverse">ProxyPassReverse</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#proxypassreversecookiedomain">ProxyPassReverseCookieDomain</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#proxypassreversecookiepath">ProxyPassReverseCookiePath</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#proxypreservehost">ProxyPreserveHost</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#proxyreceivebuffersize">ProxyReceiveBufferSize</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#proxyremote">ProxyRemote</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#proxyremotematch">ProxyRemoteMatch</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#proxyrequests">ProxyRequests</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#proxytimeout">ProxyTimeout</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#proxyvia">ProxyVia</a></li>
</ul>
<h3>Topics</h3>
<ul id="topics">
<li><img alt="" src="../images/down.gif" /> <a href="#forwardreverse">Forward and Reverse Proxies</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#examples">Basic Examples</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#access">Controlling access to your proxy</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#startup">Slow Startup</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#intranet">Intranet Proxy</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#envsettings">Protocol Adjustments</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#request-bodies">Request Bodys</a></li>
</ul><h3>See also</h3>
<ul class="seealso">
<li><code class="module"><a href="../mod/mod_cache.html">mod_cache</a></code></li>
<li><code class="module"><a href="../mod/mod_proxy_http.html">mod_proxy_http</a></code></li>
<li><code class="module"><a href="../mod/mod_proxy_ftp.html">mod_proxy_ftp</a></code></li>
<li><code class="module"><a href="../mod/mod_proxy_connect.html">mod_proxy_connect</a></code></li>
<li><code class="module"><a href="../mod/mod_proxy_balancer.html">mod_proxy_balancer</a></code></li>
<li><code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code></li>
</ul></div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="forwardreverse" id="forwardreverse">Forward and Reverse Proxies</a></h2>
      <p>Apache can be configured in both a <dfn>forward</dfn> and
      <dfn>reverse</dfn> proxy mode.</p>

      <p>An ordinary <dfn>forward proxy</dfn> is an intermediate
      server that sits between the client and the <em>origin
      server</em>.  In order to get content from the origin server,
      the client sends a request to the proxy naming the origin server
      as the target and the proxy then requests the content from the
      origin server and returns it to the client.  The client must be
      specially configured to use the forward proxy to access other
      sites.</p>

      <p>A typical usage of a forward proxy is to provide Internet
      access to internal clients that are otherwise restricted by a
      firewall.  The forward proxy can also use caching (as provided
      by <code class="module"><a href="../mod/mod_cache.html">mod_cache</a></code>) to reduce network usage.</p>

      <p>The forward proxy is activated using the <code class="directive"><a href="#proxyrequests">ProxyRequests</a></code> directive.  Because
      forward proxys allow clients to access arbitrary sites through
      your server and to hide their true origin, it is essential that
      you <a href="#access">secure your server</a> so that only
      authorized clients can access the proxy before activating a
      forward proxy.</p>

      <p>A <dfn>reverse proxy</dfn>, by contrast, appears to the
      client just like an ordinary web server.  No special
      configuration on the client is necessary.  The client makes
      ordinary requests for content in the name-space of the reverse
      proxy.  The reverse proxy then decides where to send those
      requests, and returns the content as if it was itself the
      origin.</p>

      <p>A typical usage of a reverse proxy is to provide Internet
      users access to a server that is behind a firewall.  Reverse
      proxies can also be used to balance load among several back-end
      servers, or to provide caching for a slower back-end server.
      In addition, reverse proxies can be used simply to bring
      several servers into the same URL space.</p>

      <p>A reverse proxy is activated using the <code class="directive"><a href="#proxypass">ProxyPass</a></code> directive or the
      <code>[P]</code> flag to the <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> directive.  It is
      <strong>not</strong> necessary to turn <code class="directive"><a href="#proxyrequests">ProxyRequests</a></code> on in order to
      configure a reverse proxy.</p>
    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="examples" id="examples">Basic Examples</a></h2>

    <p>The examples below are only a very basic idea to help you
    get started.  Please read the documentation on the individual
    directives.</p>

    <p>In addition, if you wish to have caching enabled, consult
    the documentation from <code class="module"><a href="../mod/mod_cache.html">mod_cache</a></code>.</p>

    <div class="example"><h3>Forward Proxy</h3><p><code>
    ProxyRequests On<br />
    ProxyVia On<br />
    <br />
    &lt;Proxy *&gt;<br />
    <span class="indent">
      Order deny,allow<br />
      Deny from all<br />
      Allow from internal.example.com<br />
    </span>
    &lt;/Proxy&gt;
    </code></p></div>

    <div class="example"><h3>Reverse Proxy</h3><p><code>
    ProxyRequests Off<br />
    <br />
    &lt;Proxy *&gt;<br />
    <span class="indent">
      Order deny,allow<br />
      Allow from all<br />
    </span>
    &lt;/Proxy&gt;<br />
    <br />
    ProxyPass /foo http://foo.example.com/bar<br />
    ProxyPassReverse /foo http://foo.example.com/bar
    </code></p></div>
    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="access" id="access">Controlling access to your proxy</a></h2>
      <p>You can control who can access your proxy via the <code class="directive"><a href="#proxy">&lt;Proxy&gt;</a></code> control block as in
      the following example:</p>

      <div class="example"><p><code>
        &lt;Proxy *&gt;<br />
        <span class="indent">
          Order Deny,Allow<br />
          Deny from all<br />
          Allow from 192.168.0<br />
        </span>
        &lt;/Proxy&gt;
      </code></p></div>

      <p>For more information on access control directives, see
      <code class="module"><a href="../mod/mod_authz_host.html">mod_authz_host</a></code>.</p>

      <p>Strictly limiting access is essential if you are using a
      forward proxy (using the <code class="directive"><a href="#proxyrequests">ProxyRequests</a></code> directive).
      Otherwise, your server can be used by any client to access
      arbitrary hosts while hiding his or her true identity.  This is
      dangerous both for your network and for the Internet at large.
      When using a reverse proxy (using the <code class="directive"><a href="#proxypass">ProxyPass</a></code> directive with
      <code>ProxyRequests Off</code>), access control is less
      critical because clients can only contact the hosts that you
      have specifically configured.</p>

    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="startup" id="startup">Slow Startup</a></h2>
      <p>If you're using the <code class="directive"><a href="#proxyblock">ProxyBlock</a></code> directive, hostnames' IP addresses are looked up
      and cached during startup for later match test. This may take a few
      seconds (or more) depending on the speed with which the hostname lookups