You are here

Lighttpd as reverse proxy

MySQL Performance Blog - Wed, 18/06/2008 - 2:28am

We often recommend to set lighttpd in front of apache to handle http requests (more about http://www.mysqlperformanceblog.com/2006/05/21/speedup-your-lamp-stack-with-lighttpd/ ) , redirect dynamic requests to apache and handle static files by itself. I just gathered step-by-step instruction how to do that in 10 minutes, as it may be not so obvious.

  • Of course you need lighttpd by itself, it's available on http://www.lighttpd.net/download
  • You may want pcre-devel packet, which allows to use regular expressions in lighttpd.conf. For CentOS boxes we just run yum install pcre-devel
  • Take sample config file lighttpd-1.4.XX/doc/lighttpd.conf and put to /etc/lighttpd/lighttpd.conf
  • Create directory to store log files, e.g. /var/log/lighttpd. Despite it looks simple, lighttpd may just die trying to create files in non-existing directory.
  • Set server.document-root = "/www/html/htdocs" to point to actual directory with web documents
  • Uncomment next lines in lighttpd.conf PLAIN TEXT CODE:
    1. server.modules              =  (
    2. ...
    3.    "mod_auth",
    4.    "mod_status",
    5.    "mod_proxy",
    6. ...
    7. )

    mod_status is useful to show additional information from lighttpd
    mod_auth to protect mod_status from unauthorized access :)
    and mod_proxy is proxy by itself

  • to enable status uncomment or add status.status-url = "/server-status" to lighttpd.conf
  • to protect access to /server-status put next lines to lighttpd.conf PLAIN TEXT CODE:
    1. auth.backend = "htpasswd"
    2. auth.backend.htpasswd.userfile = "/var/www/.htpasswd"
    3.  
    4. auth.require = ( "/server-status" =>
    5.  (
    6.  "method"  => "basic",
    7.  "realm"   => "status",
    8.  "require" => "valid-user"
    9.  )
    10. )

    It enables htpasswd file based authentication, you can just manage this file with htpasswd utility from apache.

  • and finally make changes related to proxy
    1. Move apache from 80 port to another, e.g. 8080 or pick your own.
    You need to change Listen and VirtualHost directives in httpd.cong
    and meantime set KeepAlive Off, as we want apache only handling dynamic pages.
    2. put next lines to lighttpd.conf:

    PLAIN TEXT CODE:
    1. $HTTP["url"] !~ "\.(js|css|gif|jpg|png|ico|txt|swf|html|htm)$" {
    2.      proxy.server  = ( "" => (
    3.      ( "host" => "127.0.0.1", "port" => 8080 )
    4.       )
    5.     )
    6. }

    This actually directs lighttpd to redirect all requests, besides one ending js|css|gif|jpg|png|ico|txt|swf|html|htm (you can add your own static pages), to apache listening on 8080 port

  • Final step to add lighttpd to list of services (actual only for RedHat / CentOS)
    cp /doc/rc.lighttpd.redhat /etc/init.d/lighttpd

    fix path
    lighttpd="/usr/local/lighttpd/sbin/lighttpd"

    and add script to autostart
    chkconfig --add lighttpd
    chkconfig --level 2345 lighttpd on

That's all. For complex apache setups and VirtualHosts it may be trickier, but work just fine for simple cases.

Entry posted by Vadim | No comment

Add to: delicious | digg | reddit | netscape | Google Bookmarks