If you want to run APIs or WebRTC connections externally, you can configure Apache to act as a reverse proxy using HTTPS on an external port (like 5000). and forward that traffic to an internal HTTP service running on a different port (like 15000). Here’s how to do it step by step:
Linux
### Step 1: Enable Necessary Apache Modules
Ensure that you have the necessary Apache modules enabled. You can do this by running the following commands:
bash
sudo a2enmod proxy
sudo a2enmod proxy_http
sudo a2enmod ssl
After enabling the modules, restart Apache:
bash
sudo systemctl restart apache2
### Step 2: Configure Apache Virtual Host for HTTPS Proxying
1. Create or modify a Virtual Host file for your domain (e.g., `drastic.com`). This file is usually located in `/etc/apache2/sites-available/`. You might name it something like `drastic.com.conf`.
2. Here is an example configuration that listens on HTTPS (port 5000) and proxies to an internal HTTP service on `127.0.0.1:15000`:
apache
<VirtualHost *:5000>
ServerName drastic.com
# Enable SSL
SSLEngine On
SSLCertificateFile /path/to/your/certificate.crt
SSLCertificateKeyFile /path/to/your/private.key
SSLCertificateChainFile /path/to/your/chainfile.crt
# Proxy configuration
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:15000/
ProxyPassReverse / http://127.0.0.1:15000/
# Optional: For WebSocket support (if needed)
RewriteEngine On
RewriteCond %{HTTP:Upgrade} =websocket [NC]
RewriteRule /(.*) ws://127.0.0.1:15000/$1 [P,L]
# Error handling
ErrorLog ${APACHE_LOG_DIR}/drastic.com_error.log
CustomLog ${APACHE_LOG_DIR}/drastic.com_access.log combined
</VirtualHost>
Make sure to replace `/path/to/your/certificate.crt`, `/path/to/your/private.key`, and `/path/to/your/chainfile.crt` with the actual paths to your SSL certificate, key, and chain files.
### Step 3: Listen on Port 5000
By default, Apache may not be configured to listen on port 5000. To change this, edit the `ports.conf` file:
bash
sudo nano /etc/apache2/ports.conf
Add the following line to make Apache listen on port 5000 for HTTPS:
apache
Listen 5000
### Step 4: Enable the Site and Restart Apache
Now, enable the site and restart Apache:
bash
sudo a2ensite drastic.com.conf
sudo systemctl restart apache2
### Step 5: Firewall Configuration (if applicable)
If you have a firewall running (like `ufw`), make sure to allow traffic on port 5000:
bash
sudo ufw allow 5000/tcp
### Test the Configuration
Once everything is set up, visit `https://drastic.com:5000` in your browser. It should proxy the requests to `http://127.0.0.1:15000`.
Windows
### Step 1: Enable Required Modules
UwAmp should already come with the necessary Apache modules, but you’ll need to make sure they are enabled. You can do this by modifying the `httpd.conf` file located in the UwAmp installation directory (typically something like `UwAmp\bin\apache\conf\httpd.conf`).
1. Open the `httpd.conf` file in a text editor (like Notepad or Notepad++).
2. Look for the following lines and make sure they are uncommented (i.e., they don't have a `#` at the beginning):
apache
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule ssl_module modules/mod_ssl.so
If they are commented (preceded by a `#`), remove the `#` and save the file.
### Step 2: Configure Apache Virtual Host for HTTPS Proxying
Next, configure Apache to listen on HTTPS (port 5000) and forward requests to the internal HTTP service (port 15000).
1. In the `httpd.conf` file, add a new Virtual Host entry for your domain (e.g., `drastic.com`). You can place this configuration at the bottom of the file or in a separate virtual hosts configuration file (e.g., `extra/httpd-vhosts.conf`, depending on UwAmp's setup).
Here’s an example of what you should add:
apache
<VirtualHost *:5000>
ServerName drastic.com
# Enable SSL
SSLEngine On
SSLCertificateFile "C:/path/to/your/certificate.crt"
SSLCertificateKeyFile "C:/path/to/your/private.key"
SSLCertificateChainFile "C:/path/to/your/chainfile.crt"
# Proxy configuration
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:15000/
ProxyPassReverse / http://127.0.0.1:15000/
# Optional: WebSocket support (if needed)
RewriteEngine On
RewriteCond %{HTTP:Upgrade} =websocket [NC]
RewriteRule /(.*) ws://127.0.0.1:15000/$1 [P,L]
# Logging (optional)
ErrorLog "C:/UwAmp/logs/drastic.com_error.log"
CustomLog "C:/UwAmp/logs/drastic.com_access.log" combined
</VirtualHost>
Make sure to replace `C:/path/to/your/certificate.crt`, `C:/path/to/your/private.key`, and `C:/path/to/your/chainfile.crt` with the correct paths to your SSL certificate, private key, and chain files.
### Step 3: Listen on Port 5000
By default, UwAmp may not be configured to listen on port 5000. To change this, locate the `Listen` directive in `httpd.conf` (or wherever it is set) and add the following line:
apache
Listen 5000
This instructs Apache to listen on port 5000 for incoming HTTPS connections.
### Step 4: Allow SSL and HTTP Traffic (Configure Windows Firewall)
You’ll need to ensure that the Windows firewall allows traffic through port 5000 for HTTPS. Follow these steps:
1. Open the **Windows Defender Firewall**.
2. Click **Advanced Settings**.
3. Select **Inbound Rules**, then click **New Rule**.
4. Choose **Port** and click **Next**.
5. Enter **5000** in the "Specific local ports" field and click **Next**.
6. Allow the connection and click **Next**.
7. Choose when the rule applies (domain/private/public), then click **Next**.
8. Name the rule (e.g., "Apache HTTPS Port 5000") and click **Finish**.
### Step 5: Restart UwAmp Apache
To apply the changes, you’ll need to restart Apache in UwAmp. You can do this through the UwAmp control panel:
1. Open UwAmp.
2. In the control panel, stop and restart Apache using the buttons provided.
### Step 6: Test the Configuration
Once Apache has restarted, open your browser and navigate to `https://drastic.com:5000`. The request should now be proxied to the internal service running on `http://127.0.0.1:15000`.
### Troubleshooting
- **Check Apache logs**: If something doesn’t work as expected, check the logs in `C:/UwAmp/logs/` for error details.
- **Certificate issues**: If you encounter issues related to SSL certificates, make sure the certificate files are correctly referenced and valid.
This should allow you to proxy traffic from `https://drastic.com:5000` to an internal service running at `http://127.0.0.1:15000`.