# Paste the following fragment into the section intended for # proxying HTTP(S) requests and caching the responses. See INSTALL-PROXY for # details. # # List of modules used: # # rewrite # headers # ssl # proxy # proxy_http # cache # cache_disk # # Enable the rewrite rules functionality. # Error "rewrite_module is not enabled" RewriteEngine on RewriteOptions AllowAnyURI # Make sure that the HTTP header management functionality is enabled. # Error "headers_module is not enabled" # Enable the HTTP proxy. # Error "proxy_module is not enabled" Error "proxy_http_module is not enabled" ProxyRequests On # Enable SSL/TLS API usage for querying HTTPS URLs. # Error "ssl_module is not enabled" SSLProxyEngine on # Optional: prevent non-authorized proxy usage, for example: # # # Require ip 10.5 # # Accept only the HTTP GET method and respond with the 403 HTTP status # code (Forbidden) for other methods. # RewriteCond %{REQUEST_METHOD} !GET RewriteRule .* - [F] # Optional: restrict the URL set allowed for proxying, for example: # # RewriteCond %{HTTP_HOST} !(.+\.)?example.org # RewriteRule .* - [F] # Convert the http scheme to https for URLs being proxied. # # To prevent the conversion we can exclude certain hosts. For example: # # RewriteCond %{HTTP_HOST} !(.+\.)?example.org [OR] # RewriteCond %{HTTP_HOST} !(.+\.)?example.net # # Or check for a custom header value. Note that this header should not # be forwarded to the origin server. For example: # # RewriteCond %{HTTP:X-Preserve-HTTP} !(1|on|true) [NC] # RequestHeader unset X-Preserve-HTTP # RewriteRule ^proxy:http://(.*)$ "https://$1" [P] # Enable the disk storage-based cache. # Error "cache_module is not enabled" Error "cache_disk_module is not enabled" CacheEnable disk "http://" # Specify the cache root directory and make sure it is writable by the # user under which Apache2 is running. # # Note that if there are no other proxies enabled for the WEB server, # you can probably specify (you still have to specify it) the default # cache directory (/var/cache/apache2/mod_cache_disk for Debian/Ubuntu # and /var/cache/httpd/proxy for Fedora/RHEL). # CacheRoot # Cache entry maximum size (in bytes). # CacheMaxFileSize 100000000 # Prevent duplicate caching of responses for the same simultaneously # proxied URL. Specify an appropriate per-URL lock timeout (in # seconds) to avoid stalled downloads from keeping the entries # uncached. # CacheLock on CacheLockMaxAge 600 # Always validate an existing cache entry by querying the origin # server. # # We do this by injecting the request header which always declares the # existing cache entry as potentially stale (ignoring Expire response # header and Cache-Control header's max-age field) which should also # be propagated through all the upstream proxies forcing them to # validate the resource freshness. # # Note that this relies on both the proxy and origin servers correctly # supporting conditional requests based on entity tags (ETag HTTP # response and If-None-Match HTTP request headers) or less accurate # entity modification times (Last-Modified HTTP response and # If-Modified-Since HTTP request headers), which is normally the case # if both are running Apache. A proxy normally caches the ETag and/or # Last-Modified response header values alongside the cached entity and # adds If-None-Match and/or If-Modified-Since headers respectively to # the entity validation request. An origin server normally checks if # any of the ETag or Last-Modified headers changed for the entity and # responds with its full content, if that's the case, or with the 304 # HTTP status code (Not Modified) otherwise (see the Apache Caching # Guide for details). # # Also note that to observe the injected header the cache handler # should not be configured as a quick handler. # RequestHeader set Cache-Control max-age=0 CacheQuickHandler off