Caching Apache Forward Proxy

Apache FoundationIn my never ending quest to get more use of my computer equipment, I embarked on a new project last month. The problem, namely internet bandwidth. The home network just seems to be growing and growing with no end in sight. Between gaming systems and media servers, bandwidth is a big problem for most home networks. In my case, I already have a nice Windows Home Server 2011 box that is really not doing much, so I started thinking about what other uses this computer can do for the home network and a caching proxy made absolute sense.

Apache on Windows?

When most of us think Apache Web Server, we think Linux, but in reality Apache runs on Windows as well. The best resource out there for running Apache on Windows is the ApacheLounge; here you can find customized builds and forums with helpful information. For this scenario, I wanted a 64-bit version of Apache for Windows. This posed a problem, since Apache does not build a 64-bit version for Windows and the ApacheLounge did not have either. At this point you would need to compile it, or download an unofficial build from Blackdot.be. Since the goal is a caching proxy, I do not need to worry about 64-bit PHP or MySQL; those components are a non factor. At the time of this writing, I installed Apache 2.2.19 64-bit. I won’t detail the actual Apache installation since this is covered very well on other websites.

Apache + Mod_Proxy

If you never configured Apache 2.2, you might find it a little daunting at first, but once you do it so many times, it gets pretty easy. At the root of the apache installation folder you have a conf directory. This directory holds all the configuration files. Inside of the conf directory there is an httpd.conf file. This is the main setup file. Always make a backup file of the original file, that way you can always put it back if you break something. At this point you think you would just edit away and make your changes to the httpd.conf, but not so fast. The idea is that you should not edit the main httpd.conf file very much, but instead use the smaller configuration files that are in the /conf/extra directory. This way you keep your httpd.conf nice and tidy.

Apache uses Modules to go ahead and give you more features. You will only want to load the modules you need. For a caching forward proxy, you will need these modules to be uncommented (remove the #) in the httpd.conf file, in addition to the default:

  • LoadModule cache_module modules/mod_cache.so
  • LoadModule deflate_module modules/mod_deflate.so
  • LoadModule mem_cache_module modules/mod_mem_cache.so
  • LoadModule disk_cache_module modules/mod_disk_cache.so
  • LoadModule proxy_module modules/mod_proxy.so
  • LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
  • LoadModule proxy_connect_module modules/mod_proxy_connect.so
  • LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
  • LoadModule proxy_http_module modules/mod_proxy_http.so
  • LoadModule proxy_scgi_module modules/mod_proxy_scgi.so

Since this is going to be a proxy and not a webserver, you will want to modify the port for Apache. There is a line that will state:

Listen 80

Change this to the port that you will want the proxy on, such as 8080 or 8008. You will also need to modify the ServerName line as well to point to the same port:

ServerName mymachine.network.net:8080

Save the changes to the httpd.conf file and restart Apache. If all goes well, Apache will come back up and the service will be running. Now open the httpd.conf file again and towards the bottom of the file, you will uncomment some Include lines, specifically:

  • Include conf/extra/httpd-mpm.conf
  • Include conf/extra/httpd-vhosts.conf
  • Include conf/extra/httpd-deflate.conf
  • Include conf/extra/httpd-cache.conf

You will have to manually type the last two, since they don’t exist most likely.

httpd-cache.conf

In the conf/extra directory create a new text file with the name of httpd-cache.conf.

# http://httpd.apache.org/docs/2.2/mod/mod_proxy.html

<IfModule mod_proxy.c>
    ProxyRequests On

    <Proxy *>
        Order Deny,Allow
        Deny from all
        Allow from 192.168.1.0/255.255.255.0
    </Proxy>

    ProxyVia On
</IfModule>
<IfModule mod_cache.c>

    <IfModule mod_disk_cache.c>
        CacheRoot \"C:/temp/proxy\"
        CacheEnable disk /
        CacheDirLevels 3
        CacheDirLength 2
        CacheMaxFileSize 100000000
        CacheDefaultExpire 259200
        CacheMaxExpire 432000
    </IfModule> 

    ProxyTimeout 60
    NoProxy 192.168.1.0/255.255.255.0

# When acting as a proxy, don\'t cache the list of security updates
    CacheDisable http://security.update.server/update-list/

</IfModule>

# End of proxy directives.

In this setup, we are turning the proxy on, then securing it on our network, then setting the cache files to be stored on C:\temp\proxy. We are setting a 60 second timeout so that Apache does not wait forever for non-responsive sites. We are disabling the proxy for any internal web servers on our network, and selectively we can disable caching using the CacheDisable command if we like for certain websites.

httpd-deflate.conf

This step is optional. You do not need to use deflate. The added benefit of deflate is that it will compress content that is not compressed and save us some bandwidth on our own internal network. This is helpful if you are using wireless. You will need create the httpd-deflate.conf file if it is not there already.

# http://httpd.apache.org/docs/2.2/mod/mod_deflate.html

<IfModule mod_deflate.c>

AddOutputFilterByType DEFLATE text/html text/plain text/css application/x-javascript
#Highest 9 - Lowest 1
DeflateCompressionLevel 2

SetEnvIfNoCase Request_URI \\.(?:gif|jpe?g|png)$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \\.(?:exe|t?gz|zip|bz2|sit|rar)$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \\.pdf$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \\.wmv$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \\.wma$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \\.swf$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \\.wav$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \\.wmd$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \\.wmz$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \\.mcf$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \\.wmx$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \\.wm$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \\.wax$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \\.asf$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \\.rm$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \\.pls$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \\.asx$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \\.mpg$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \\.mp2$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \\.mp3$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \\.avi$ no-gzip dont-vary

</IfModule>

Compression does increase cpu usage for Apache, so setting the number lower for the compression level will help mitigate this. Your mileage will vary of course.

httpd-vhosts.conf

Edit the vhosts.conf file as follows:

NameVirtualHost *:8080

<VirtualHost *:8080>
    ServerAdmin webmaster@mymachine.network.net:8080
    DocumentRoot \"C:/pathto.../apache/htdocs/public\"
    ServerName mymachine.network.net
    ServerAlias mymachine.network.net
    ErrorLog \"logs/mymachine.network.net-error.log\" 
    CustomLog \"logs/mymachine.network.net-access.log\" common
</VirtualHost>

This will output separate logs for your proxy and keep things tidy.

httpd-mpm.conf

This is another optional step. Configuring the way that Apache works on Windows will get you more performance. These are some settings I am currently implemented. Edit the httpd-mpm.conf and at the bottom of the file, find the WinNT MPM section and try the following settings:

<IfModule mpm_winnt_module>
    ThreadsPerChild      250
    MaxRequestsPerChild    0
    KeepAlive On
    KeepAliveTimeout 15
    MaxKeepAliveRequests 80
</IfModule>

This will help improve the performance of Apache and allow more connections than the normal setup. In my testing, it did make a difference when opening lots of browser tabs in Firefox.

It Caches!

One final restart of Apache and you should be on your way to a caching proxy. The last step is to configure your computers and devices to use the proxy. Note that some websites or services such as video streaming may not work with a proxy. I did test YouTube and that does work on my child’s iMac without a problem.

Additional Resources

Filed under: Apache

No comment yet, add your voice below!


Add a Comment

Your email address will not be published. Required fields are marked *

Comment *
Name *
Email *
Website