ProxyForward

Contents

How to configure Apache and Squid to forward requests to external sites. This will still not catch content linked to other sites from the page eg. CDN images, javascripts and if the site prevents hotlinking or requests from other sites.

Needed applications

• Apache
• Squid

Apache Configuration

<VirtualHost *:80>
ServerName google.ctwug.za.net
ProxyPass / http://google.localhost:8080/
ProxyPassReverse / http://google.localhost:8080/
</VirtualHost>

This will forward all requests to the squid proxy listening on localhost port 8080. Makes sure to lock down the proxy bit of apache.

<Proxy *>
Order Deny,Allow
Deny from all
Allow from 127.0.0
Allow from 172.18
</Proxy> 

Squid Configuration

Configure the port to listen to the requests being forwarded from apache. Option defaultsite is only required for older http 1.0 clients. You can reuse the same configuration for multiple sites. Just leave out the defaultsite.

http_port 127.0.0.1:8080 defaultsite=www.google.com vhost

Or if you want to proxy more than one site

http_port 127.0.0.1:8080 vhost 

Configure the site as cache_peer in squid. The name= is used in cache_peer_domain to reference the correct cache_peer or it will always hit the first peer defined and it will end up at the wrong site. You can list more than one cache_peer.

cache_peer www.google.com parent 80 0 proxy-only no-query forceddomain=www.google.com originserver name=google.localhost 

Cache_peer_domain tells squid which cache_peer to use for which domain. You will need to set this, if you do not it will always hit the first defined cache_peer configured.

cache_peer_domain google.localhost .google.com google.ctwug.za.net google.localhost

You will also need to configure squid ACLs to allow the requests. It should by default allow localhost/localnets in the default ACLs.

Hosts file

This allows apache to look up google.localhost in the ProxyPass configuration.

127.0.0.1 google.localhost google.ctwug.za.net