converted to 1.6 markup
|No differences found!|
This is still in progress. Please do not modify
Enable Apache as a Proxy For OWA
There are plenty of reasons why you may want to protect an OWA service with an Apache Proxy. You may want too use mod_security for example. You may also already have an Apache HTTPD Server in a public facing role, and you would rather 'hide' your IIS instance from the public directly.
If you want to use Apache as a Front-End proxy for an OWA service you are going to need several modules.
In this recipe we will not go into detail on how to configure an SSL enabled VirtualHost, or on how to install modules. If you need help with any of these please consult the Apache Docs.
You will need to modify your Apache config file (usually httpd.conf) to include the following lines to enable the modules:
LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_http_module modules/mod_proxy_http.so LoadModule proxy_connect_module modules/mod_proxy_connect.so LoadModule ssl_module modules/mod_ssl.so
Now in your SSL enabled VirtualHost add the following:
RequestHeader set Front-End-Https "On" ProxyPass /exchange http://owa.yourdomain.tld/exchange/ ProxyPass /exchweb http://owa.yourdomain.tld/exchweb/ ProxyPass /public http://owa.yourdomain.tld/public/ ProxyPass /iisadmpwd http://owa.yourdomain.tld/iisadmpwd/ ProxyPassReverse /exchange http://owa.yourdomain.tld/exchange/ ProxyPassReverse /exchweb http://owa.yourdomain.tld/exchweb/ ProxyPassReverse /public http://owa.yourdomain.tld/public/ ProxyPassReverse /iisadmpwd http://owa.yourdomain.tld/iisadmpwd/ CacheDisable *
n.b. Make sure that you replace owa.yourdomain.tld with your domain name.
Now you need to modify your local hosts file, this is too make the server pass the traffic to the internal server, on a different IP address.
In /etc/hosts add:
Now in your /etc/host.conf ensure that the hosts file is checked before any other name resolution service, i.e.:
order hosts, bind multi on