Confluence 4.0 : Using Apache with mod_proxy
This page last changed on Aug 24, 2011 by edawson.
This page describes how to integrate Confluence into an Apache website using mod_proxy.
On this page: There are some common situations where you might do this:
This page describes how to configure mod_proxy. We describe two options:
Simple configurationSet the context pathFirst, set your Confluence application path (the part after hostname and port) correctly. Say you want Confluence available at http://www.example.com/confluence/, and you currently have it running at http://localhost:8090/. The first step is to get Confluence available at http://localhost:8090/confluence/. To do this in Tomcat (bundled with Confluence), edit <Context path="" docBase="../confluence" debug="0" reloadable="true"> and change it to: <Context path="/confluence" docBase="../confluence" debug="0" reloadable="true"> Then restart Confluence, and ensure you can access it at http://localhost:8090/confluence/ Configure mod_proxyNow enable mod_proxy in Apache, and proxy requests to the application server by adding the example below to your Apache httpd.conf (note: the files may be different on your system; the JIRA docs describe the process for Ubuntu/Debian layout): # Put this after the other LoadModule directives LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so LoadModule proxy_http_module /usr/lib/apache2/modules/mod_proxy_http.so # Put this in the main section of your configuration (or desired virtual host, if using Apache virtual hosts) ProxyRequests Off ProxyPreserveHost On <Proxy *> Order deny,allow Allow from all </Proxy> ProxyPass /confluence http://localhost:8090/confluence ProxyPassReverse /confluence http://localhost:8090/confluence <Location /confluence> Order allow,deny Allow from all </Location> Set the URL for redirectionYou will need to modify the Locate this code segment <Connector port="8090" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" redirectPort="8443" acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true" /> And append the following segment: <Connector port="8090" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" redirectPort="8443" acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true" *proxyName="www.example.com" proxyPort="80"* /> Replace www.example.com with the URL you wish to be redirected to.
Complex configurationComplex configuration involves using the mod_proxy_html filter to modify the proxied content en-route. This is required if the Confluence path differs between Apache and the application server. For example:
Notice that the application path in the URL is different in each. On Apache, the path is /, and on the application server the path is /confluence.
# Put this after the other LoadModule directives LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_http_module modules/mod_proxy_http.so LoadModule proxy_html_module modules/mod_proxy_html.so <VirtualHost *> ServerName confluence.example.com # Put this in the main section of your configuration (or desired virtual host, if using Apache virtual hosts) ProxyRequests Off ProxyPreserveHost On <Proxy *> Order deny,allow Allow from all </Proxy> ProxyPass / http://app-server.internal.example.com:8090/confluence ProxyPassReverse / http://app-server.internal.example.com:8090/confluence ProxyHTMLURLMap / /confluence/ <Location /> Order allow,deny Allow from all </Location> </VirtualHost> The ProxyHTMLURLMap configuration can become more complex if you have multiple applications running under this configuration. The mapping should also be placed in a Location block if the web server URL is a subdirectory and not on a virtual host. The Apache Week tutorial has more information how to do this. Adding SSLIf you're running Apache in front of Tomcat, it's a good idea to terminate your SSL configuration at Apache, then forward the requests to Tomcat over HTTP. You can set up Apache to terminate the SSL connection and use the ProxyPass and ProxyPassReverse directives to pass the connection through to Tomcat (or the appropriate application server) which is running Confluence.
Because of how the ProxyPass and ProxyPassReverse directives work, you should not need to modify the tomcat installation at all. Most of the relevant Apache Config: Listen 443 NameVirtualHost *:443 <VirtualHost *:443> SSLEngine On SSLCertificateFile /etc/apache2/ssl/apache.pem ProxyPass / http://localhost:8090/ ProxyPassReverse / http://localhost:8090/ </VirtualHost> More information
AlternativesIf Tomcat is your application server, you have two options:
If your application server has an AJP connector, you can:
|
![]() |
Document generated by Confluence on Sep 19, 2011 02:47 |