PHP+Apache as forward/reverse proxy: how to process client requests and server responses in PHP


I'm having a lot of troubles with the proper configuration of Apache to work as desired…

The main idea, is to create a proxy on a local machine in a network which will have the ability to process a client request (client connected through this Apache prepared proxy) in PHP.
And also, it will have the capacity to process the server responses on PHP too.

Those are the 2 functionalities, and they are independent from each other.

Let me present a little schema of what I need to achieve:

alt text

As you can see here, there're 2 ways: blue one and red one.

For the blue one, I basically connected a client (Machine B – cell phone) on my local network (home) and configured it to go through a proxy, which is the Machine A (personal computer) on the exactly same network.

So let's say (not DHCP):

Machine A: –> Apache is running on this machine, and configured to listen port 80.

Machine B (cell phone): –> configured to go through a proxy, which is IP and port 80 (basically, Machine A).

After configuring Apache properly, which is basically to remove the "#" from httpd.conf on the lines for the (main worker), (SSL, allowCONNECT, …) and (needed for handle HTTP request/responses) and having in my case, lines like this:

# Implements a proxy/gateway for Apache.
Include "conf/extra/httpd-proxy.conf"

# Various default settings
Include "conf/extra/httpd-default.conf"

# Secure (SSL/TLS) connections
Include "conf/extra/httpd-ssl.conf"

Which gives me the ability to configure the file httpd-proxy.conf to prepare the forward proxy or the reverse proxy.

So I'm not sure, if what I need is a forward proxy or a reverse one.

For a forward proxy I've done this:

<IfModule proxy_module>
<IfModule proxy_http_module>


#ProxyRequests Off
ProxyRequests On
ProxyVia On

<Proxy *>
    Order deny,allow
#   Allow from all
    Deny from all
    Allow from 192.168.1


which basically passes all the packets normally to the server and back to the client.
I can trace it perfectly (and testing that works) looking at the "access.log" from Apache.
Any request I make with the cell phone, appears then on the Apache log.
So it works.

But here comes the problem:

  • I need to process those client requests.
    And I need to do it, in PHP.

I have read a lot about this. I've read in detail the official site from Apache about mod_proxy. And I've searched a lot on forums, but without luck.

So I thought about a first approximation:

1) Forward proxy in Apache, passes all the packets and it's not possible to process them. This seems to be true, so, what about a reverse proxy?

So I envisioned something like:

ProxyRequests Off

<Proxy *>
Order deny,allow
Allow from all


which is just a test, but this should cause on my cell phone that when trying to navigate to Google, I should be going to Yahoo, isn't it?
But not. It doesn't work.

So you really see, that ALL the examples on Apache reverse proxy, goes like:

ProxyPass /foo
ProxyPassReverse /foo

which means, that any kind of request in a local context, will be solved on a remote location.

But what I needed is the inverse! It's that when asking for a remote site on my phone, I solve this request on my local server (the Apache one) to process it with a PHP module.

So, if it's a forward proxy, I need to pass through PHP first.
If it's a reverse proxy, I need to change the "going" direction to my local server one to process first on PHP.

Then comes in mind second option:

2) I've seen something like:

SetOutputFilter INCLUDES

And I started to search for SetOutputFilter, SetInputFilter, AddOutputFilter and AddInputFilter.

But I don't really know how can I use it.

Seems to be good, or a solution to me, because with something like this, I should be able to add an Input filter to process on PHP the client requests and send back to the client what I programmed/want (not the remote server response) which is the BLUE path on schema, and I should have the ability to add an Output filter which seems to give me the ability to process the remote server response before sending it to the client, which should be the RED path on the schema.

Red path, it's just to read server responses and play with them. But nothing more.
The Blue path, is the important one. Because I will send to the client whatever I want after processing the requests.

Sorry for this amazingly big post, but I needed to explain it as well as I can.

I hope someone will understand my problem, and will help me to solve it!

Best Answer

Okay, so first of all: Apache is the wrong tool!

Apache is a webserver, not a proxy server. Yes, it comes with a proxy module, but first and foremost it's a webserver.

Rather, you should look into a real proxy server like squid. And within squid you are looking for a feature called "Content Adaptation":