How can i load some files, say robots.txt, off the reverse proxy box instead of the actual host?
ProxyPass /robots.txt http://someotherserver.com/robots.txt
or
RewriteEngine On
RewriteCond %{REQUEST_URI} .*robots\.txt$ [NC]
RewriteRule (.*) http://otherhost.com/$1 [P]
Would it be wise to allow loading of .htaccess at the proxy box? What about the rewrite rules they proxy boxes have?
This actually shouldn't matter; .htaccess is just an "extended" apache configuration, so each server will handle their own rewrite rules individually. If your configuration allows for the .htaccess file to be read prior to the proxy, both will execute.
Where should i put my rewrite rules? in vhost or in .htaccess? If i allow .htaccess loading from proxy boxes, won't it be problem to have 2 .htaccess? I think only one of that will be loaded.
Pretty much same as above, if you write .htaccess pages that will actually LOAD on both servers, then they will both work independently.
What about reverse proxying sites that are on http as well as https? Do i need some special setup?
No real issues here. Its all server-side so it doesn't change the interaction with the client.
Are there any issues that i should watch out for while creating a reverse proxy? I already know about using mod_proxy_html to correct the links in html files.
nothing that i can think of off the top of my head.
I'm running newer versions of prometheus now, I had this in the 1.X series as well,
-web.external-url=https://<proxyhost>/prometheus
Try and see if it works in your version (I can't find any old documentation online, but some old github issues seems to relate to it as well).
Best Answer
iptables
is not able to inspect that deeply into packets. Even if it could, it would only be able to inspect HTTP traffic, not HTTPS. In apache, you can blacklist using theLimit
directive.