reverse proxy is the opposite of forward proxy and here we want to show how to configure squid as a reverse proxy in CentOS 7 linux.
specially reverse proxy has application in security designs and normally it will be used to hidden primary servers such as web server behind a proxy.
reverse proxy design can be implemented with apache, nginx, squid and other programs. here we are going to configure squid as a reverse proxy.
Here is our environment:
OS: CentOS 7 linux on VMWare
IP address: 192.168.43.242
Internal IP address range: 192.168.1.0/24
web server IP address: 192.168.1.2
and here is our network desing:
1- Install squid
To know about how to install squid, please refer to How to install squid proxy server on CentOS 7 linux.
also here we assume apache server has been installed and set up previously and is listening on port 80 for web requests.
2- Configure squid
In our squid setup, it has been configured to listen on port 80 and authentication is disabled. so for squid to act as a reverse proxy, we need to add these lines to the configuration:
# vim /etc/squid/squid.conf
cache_peer 192.168.1.2 parent 80 0 no-query originserver
it tells squid to forward request to port 80 to 192.168.1.2 which is our web server.
also add this line:
http_port 80 accel defaultsite=192.168.1.2 vhost
it tells squid to accept connection on port 80 and act as a reverse proxy.
squid actual memory usage is depend on incoming request. so it’s a good idea to increase its memory cache to fit to your needs. here we set it to 500 MB. so add this line to squid config file:
cache_mem 500 MB
also it’s better to set maximum object size that squid will keep it in memory:
maximum_object_size_in_memory 50000 KB
then we will restart squid service:
# systemctl restart squid
3- Test configuration
now we open a browser and enter IP address of squid server.
it must show index page of our web server.