Reverse proxy


The reverse proxy configuration is part of the Web server application inside the new Server Manager.

The reverse proxy feature is useful when you want to access internal sites from the outside network.

Path and virtual host rules

A web client request can be forwarded to another web server transparently, according to two types of matching rules:

  • Requests matching an URL path, like
  • Requests matching a virtual host name, like

The typical scenario for a URL path rule is the following:

  • NethServer is the firewall of your LAN
  • You have a domain
  • You would like to forward to the internal server (internal IP:

In this scenario, create a new record under Reverse proxy > Paths page. Set the Name of the item to mysite and the Target URL to

If only encrypted connections are allowed, enable the Require SSL encrypted connection.

Only clients from certain networks can be allowed to connect, by specifying a comma-separated list of CIDR networks under the Access from CIDR networks field.

A virtual host name rule can be forward HTTP requests to another web server, and is defined in the Reverse proxy > Virtual hosts page. For instance:

  • NethServer is the firewall of your LAN
  • You have a domain
  • You would like to be forwarded to the internal web server, port 9000.

In this scenario, set the Name of a new virtual host item to and the Target URL to

Refer also to the UI description of Reverse Proxy for additional information about advanced features, like Forward HTTP “Host” header to target and :guilabel`Accept invalid SSL certificate from target`.

Manual configuration

If Reverse proxy page is not enough, you can always configure Apache manually, by creating a new file inside /etc/httpd/conf.d/ directory.


Create /etc/httpd/conf.d/myproxypass.conf file with this content:

<VirtualHost *:443>
    SSLEngine On
    SSLProxyEngine On
    ProxyPass /owa
    ProxyPassReverse /owa

<VirtualHost *:80>
    ProxyPreserveHost On
    ProxyPass /
    ProxyPassReverse /

Please refer to official Apache documentation for more information: