Ken Andersen's blog about technology related subjects.
Thursday, October 20, 2016
Reverse Proxies
We all know what a proxy server does, right? A proxy server acts as a sort of path to the internet on a network that is not otherwise connected to the internet. Your computer talks to the proxy server, the proxy server requests the web page you are looking for, the web server sends the page back to the proxy server, and the proxy server sends the page to you.
What if you wanted to do the opposite? What if you have web servers that are not directly connected to the internet and you want to have them serve pages to the public? A reverse proxy can do this for you.
In my case, I have a live TV server on my home network that I want to make available on the public internet. I have made a post about Emby (formerly Media Browser) before. It's a great way to stream your live TV and recordings to your various devices. However, I decided that I wanted this traffic to be encrypted and I wasn't very happy with the way Emby handles SSL on its own.
Here is where a reverse proxy comes in. A full featured web server handles SSL much better than a standalone application can. I wanted to be able to plug in the automation of Letsencrypt to be able to conveniently renew my SSL certificate. I couldn't get this working with Emby itself. So, I turned on the IIS feature on my Windows box and setup the proper domain binding on the default website. Then, I installed the Application Request Routing extension for IIS. Then I enabled the proxy feature of the extension.
Then the URL Rewrite module needed to be installed. After installing, you need to create rules to work with Application Request Routing.
It worked beautifully! I also got the added benefit of not having to specify a port number in my URL anymore. My requests to my domain are now standard port 443 https requests. The requests then get proxied to the Emby app on port 8096 running on the same machine.
I anticipate that my reverse proxy setup will also come in handy to be able to proxy SSL traffic to multiple services that I am thinking about setting up on this box. IIS will be able to handle multiple domains coming in and proxy them to other applications. It's an absolute win-win scenario.
© The Ramblings of Ken Powered by Bootstrap , Blogger templates and RWD Testing Tool