📄 mod_proxy.html.en
字号:
<?xml version="1.0" encoding="ISO-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!-- XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX This file is generated from xml source: DO NOT EDIT XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX --><title>mod_proxy - Apache HTTP Server</title><link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /><link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /><link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link href="../images/favicon.ico" rel="shortcut icon" /></head><body><div id="page-header"><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p><p class="apache">Apache HTTP Server Version 2.2</p><img alt="" src="../images/feather.gif" /></div><div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div><div id="path"><a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.2</a> > <a href="./">Modules</a></div><div id="page-content"><div id="preamble"><h1>Apache Module mod_proxy</h1><div class="toplang"><p><span>Available Languages: </span><a href="../en/mod/mod_proxy.html" title="English"> en </a> |<a href="../ja/mod/mod_proxy.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a></p></div><table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>HTTP/1.1 proxy/gateway server</td></tr><tr><th><a href="module-dict.html#Status">Status:</a></th><td>Extension</td></tr><tr><th><a href="module-dict.html#ModuleIdentifier">Module營dentifier:</a></th><td>proxy_module</td></tr><tr><th><a href="module-dict.html#SourceFile">Source燜ile:</a></th><td>mod_proxy.c</td></tr></table><h3>Summary</h3> <div class="warning"><h3>Warning</h3> <p>Do not enable proxying with <code class="directive"><a href="#proxyrequests">ProxyRequests</a></code> until you have <a href="#access">secured your server</a>. Open proxy servers are dangerous both to your network and to the Internet at large.</p> </div> <p>This module implements a proxy/gateway for Apache. It implements proxying capability for <code>AJP13</code> (Apache JServe Protocol version 1.3), <code>FTP</code>, <code>CONNECT</code> (for SSL), <code>HTTP/0.9</code>, <code>HTTP/1.0</code>, and <code>HTTP/1.1</code>. The module can be configured to connect to other proxy modules for these and other protocols.</p> <p>Apache's proxy features are divided into several modules in addition to <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code>: <code class="module"><a href="../mod/mod_proxy_http.html">mod_proxy_http</a></code>, <code class="module"><a href="../mod/mod_proxy_ftp.html">mod_proxy_ftp</a></code>, <code class="module"><a href="../mod/mod_proxy_ajp.html">mod_proxy_ajp</a></code>, <code class="module"><a href="../mod/mod_proxy_balancer.html">mod_proxy_balancer</a></code>, and <code class="module"><a href="../mod/mod_proxy_connect.html">mod_proxy_connect</a></code>. Thus, if you want to use one or more of the particular proxy functions, load <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code> <em>and</em> the appropriate module(s) into the server (either statically at compile-time or dynamically via the <code class="directive"><a href="../mod/mod_so.html#loadmodule">LoadModule</a></code> directive).</p> <p>In addition, extended features are provided by other modules. Caching is provided by <code class="module"><a href="../mod/mod_cache.html">mod_cache</a></code> and related modules. The ability to contact remote servers using the SSL/TLS protocol is provided by the <code>SSLProxy*</code> directives of <code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code>. These additional modules will need to be loaded and configured to take advantage of these features.</p></div><div id="quickview"><h3 class="directives">Directives</h3><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#allowconnect">AllowCONNECT</a></li><li><img alt="" src="../images/down.gif" /> <a href="#balancermember">BalancerMember</a></li><li><img alt="" src="../images/down.gif" /> <a href="#noproxy">NoProxy</a></li><li><img alt="" src="../images/down.gif" /> <a href="#proxy"><Proxy></a></li><li><img alt="" src="../images/down.gif" /> <a href="#proxybadheader">ProxyBadHeader</a></li><li><img alt="" src="../images/down.gif" /> <a href="#proxyblock">ProxyBlock</a></li><li><img alt="" src="../images/down.gif" /> <a href="#proxydomain">ProxyDomain</a></li><li><img alt="" src="../images/down.gif" /> <a href="#proxyerroroverride">ProxyErrorOverride</a></li><li><img alt="" src="../images/down.gif" /> <a href="#proxyftpdircharset">ProxyFtpDirCharset</a></li><li><img alt="" src="../images/down.gif" /> <a href="#proxyiobuffersize">ProxyIOBufferSize</a></li><li><img alt="" src="../images/down.gif" /> <a href="#proxymatch"><ProxyMatch></a></li><li><img alt="" src="../images/down.gif" /> <a href="#proxymaxforwards">ProxyMaxForwards</a></li><li><img alt="" src="../images/down.gif" /> <a href="#proxypass">ProxyPass</a></li><li><img alt="" src="../images/down.gif" /> <a href="#proxypassinterpolateenv">ProxyPassInterpolateEnv</a></li><li><img alt="" src="../images/down.gif" /> <a href="#proxypassmatch">ProxyPassMatch</a></li><li><img alt="" src="../images/down.gif" /> <a href="#proxypassreverse">ProxyPassReverse</a></li><li><img alt="" src="../images/down.gif" /> <a href="#proxypassreversecookiedomain">ProxyPassReverseCookieDomain</a></li><li><img alt="" src="../images/down.gif" /> <a href="#proxypassreversecookiepath">ProxyPassReverseCookiePath</a></li><li><img alt="" src="../images/down.gif" /> <a href="#proxypreservehost">ProxyPreserveHost</a></li><li><img alt="" src="../images/down.gif" /> <a href="#proxyreceivebuffersize">ProxyReceiveBufferSize</a></li><li><img alt="" src="../images/down.gif" /> <a href="#proxyremote">ProxyRemote</a></li><li><img alt="" src="../images/down.gif" /> <a href="#proxyremotematch">ProxyRemoteMatch</a></li><li><img alt="" src="../images/down.gif" /> <a href="#proxyrequests">ProxyRequests</a></li><li><img alt="" src="../images/down.gif" /> <a href="#proxyset">ProxySet</a></li><li><img alt="" src="../images/down.gif" /> <a href="#proxystatus">ProxyStatus</a></li><li><img alt="" src="../images/down.gif" /> <a href="#proxytimeout">ProxyTimeout</a></li><li><img alt="" src="../images/down.gif" /> <a href="#proxyvia">ProxyVia</a></li></ul><h3>Topics</h3><ul id="topics"><li><img alt="" src="../images/down.gif" /> <a href="#forwardreverse">Forward Proxies and Reverse Proxies/Gateways</a></li><li><img alt="" src="../images/down.gif" /> <a href="#examples">Basic Examples</a></li><li><img alt="" src="../images/down.gif" /> <a href="#access">Controlling access to your proxy</a></li><li><img alt="" src="../images/down.gif" /> <a href="#startup">Slow Startup</a></li><li><img alt="" src="../images/down.gif" /> <a href="#intranet">Intranet Proxy</a></li><li><img alt="" src="../images/down.gif" /> <a href="#envsettings">Protocol Adjustments</a></li><li><img alt="" src="../images/down.gif" /> <a href="#request-bodies">Request Bodies</a></li><li><img alt="" src="../images/down.gif" /> <a href="#x-headers">Reverse Proxy Request Headers</a></li></ul><h3>See also</h3><ul class="seealso"><li><code class="module"><a href="../mod/mod_cache.html">mod_cache</a></code></li><li><code class="module"><a href="../mod/mod_proxy_http.html">mod_proxy_http</a></code></li><li><code class="module"><a href="../mod/mod_proxy_ftp.html">mod_proxy_ftp</a></code></li><li><code class="module"><a href="../mod/mod_proxy_connect.html">mod_proxy_connect</a></code></li><li><code class="module"><a href="../mod/mod_proxy_balancer.html">mod_proxy_balancer</a></code></li><li><code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code></li></ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="section"><h2><a name="forwardreverse" id="forwardreverse">Forward Proxies and Reverse Proxies/Gateways</a></h2> <p>Apache can be configured in both a <dfn>forward</dfn> and <dfn>reverse</dfn> proxy (also known as <dfn>gateway</dfn>) mode.</p> <p>An ordinary <dfn>forward proxy</dfn> is an intermediate server that sits between the client and the <em>origin server</em>. In order to get content from the origin server, the client sends a request to the proxy naming the origin server as the target and the proxy then requests the content from the origin server and returns it to the client. The client must be specially configured to use the forward proxy to access other sites.</p> <p>A typical usage of a forward proxy is to provide Internet access to internal clients that are otherwise restricted by a firewall. The forward proxy can also use caching (as provided by <code class="module"><a href="../mod/mod_cache.html">mod_cache</a></code>) to reduce network usage.</p> <p>The forward proxy is activated using the <code class="directive"><a href="#proxyrequests">ProxyRequests</a></code> directive. Because forward proxies allow clients to access arbitrary sites through your server and to hide their true origin, it is essential that you <a href="#access">secure your server</a> so that only authorized clients can access the proxy before activating a forward proxy.</p> <p>A <dfn>reverse proxy</dfn> (or <dfn>gateway</dfn>), by contrast, appears to the client just like an ordinary web server. No special configuration on the client is necessary. The client makes ordinary requests for content in the name-space of the reverse proxy. The reverse proxy then decides where to send those requests, and returns the content as if it was itself the origin.</p> <p>A typical usage of a reverse proxy is to provide Internet users access to a server that is behind a firewall. Reverse proxies can also be used to balance load among several back-end servers, or to provide caching for a slower back-end server. In addition, reverse proxies can be used simply to bring several servers into the same URL space.</p> <p>A reverse proxy is activated using the <code class="directive"><a href="#proxypass">ProxyPass</a></code> directive or the <code>[P]</code> flag to the <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> directive. It is <strong>not</strong> necessary to turn <code class="directive"><a href="#proxyrequests">ProxyRequests</a></code> on in order to configure a reverse proxy.</p> </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="section"><h2><a name="examples" id="examples">Basic Examples</a></h2> <p>The examples below are only a very basic idea to help you get started. Please read the documentation on the individual directives.</p> <p>In addition, if you wish to have caching enabled, consult the documentation from <code class="module"><a href="../mod/mod_cache.html">mod_cache</a></code>.</p> <div class="example"><h3>Forward Proxy</h3><p><code> ProxyRequests On<br /> ProxyVia On<br /> <br /> <Proxy *><br /> <span class="indent"> Order deny,allow<br /> Deny from all<br /> Allow from internal.example.com<br /> </span> </Proxy> </code></p></div> <div class="example"><h3>Reverse Proxy</h3><p><code> ProxyRequests Off<br /> <br /> <Proxy *><br /> <span class="indent"> Order deny,allow<br /> Allow from all<br /> </span> </Proxy><br /> <br /> ProxyPass /foo http://foo.example.com/bar<br /> ProxyPassReverse /foo http://foo.example.com/bar </code></p></div> </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="section"><h2><a name="access" id="access">Controlling access to your proxy</a></h2> <p>You can control who can access your proxy via the <code class="directive"><a href="#proxy"><Proxy></a></code> control block as in the following example:</p> <div class="example"><p><code> <Proxy *><br /> <span class="indent"> Order Deny,Allow<br /> Deny from all<br /> Allow from 192.168.0<br /> </span> </Proxy> </code></p></div> <p>For more information on access control directives, see <code class="module"><a href="../mod/mod_authz_host.html">mod_authz_host</a></code>.</p> <p>Strictly limiting access is essential if you are using a forward proxy (using the <code class="directive"><a href="#proxyrequests">ProxyRequests</a></code> directive). Otherwise, your server can be used by any client to access arbitrary hosts while hiding his or her true identity. This is dangerous both for your network and for the Internet at large. When using a reverse proxy (using the <code class="directive"><a href="#proxypass">ProxyPass</a></code> directive with <code>ProxyRequests Off</code>), access control is less critical because clients can only contact the hosts that you have specifically configured.</p> </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="section"><h2><a name="startup" id="startup">Slow Startup</a></h2>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -