PhixFlow Help
Install Pound Reverse Proxy
A Pound reverse proxy sits between the browser client(s) and the Tomcat web server(s). Its function is to forward requests received on one port to a web server on a different port. It can terminate HTTPS connections and redirect to an HTTP web server. It can also provide load-balancing by forwarding to a list of web servers.
The instructions here are for installing Pound on a Linux Ubuntu distribution and configuring it as an HTTPS server, forwarding to an HTTP web server on a non-standard port. These instructions assume that you have already created an SSL certificate in pem format.
More information on how to configure pound can be found on help.ubuntu.com/community/Pound.
Install Pound
These instructions assume that you are an administrator with sudo access.
To download and install Pound:
sudo apt-get install poundConfigure Pound
Save the certificate pem file in /etc/ssl/private. Give it a meaningful name that relates to the url that it protects.
Edit the pound configuration file:
sudo vi /etc/pound/pound.cfgso that it looks something like this:
## 2 extended
## 3 Apache-style (common log format)
LogLevel 1
## check backend every X secs:
Alive 30
ListenHTTPS
Address 0.0.0.0
Port 443
Cert "/etc/ssl/private/my.host.com.pem"
Client 20
RewriteLocation 1
End
Service
BackEnd
Address 127.0.0.1
Port 8080
End
End
This tells pound to terminate the encryption on any request received on port 443 (using the certificate in /etc/ssl/private/my.host.com.pem) and forward the request unencrypted to port 8080 on the same host (127.0.0.1). RewriteLocation 1 is the default setting; this is required so that pound rewrites the Location in any redirects to HTTPS.
Enable pound
sudo vi /etc/default/poundChange it from startup=0 to startup=1.
Start the service
sudo /etc/init.d/pound start