How to Configure Apache HTTPS Reverse Proxy on CentOS Linux

What is a reverse proxy?

A reverse proxy accepts connections and then routes them to the appropriate backend server. For example, if we have a Ruby application running on, we can configure
a reverse proxy to accept connections on HTTP or HTTPS, which can then transparently proxy requests to the ruby backend.

What are reverse proxies used for?

  • Backend routing logic/transparent routing
  • Network ACLs
  • Logging
  • URL rewriting
  • Virtualhost configuration
  • Easy SSL configuration

Configure Apache reverse proxy on CentOS Linux

In this tutorial, we will learn how to configure a reverse proxy with HTTPS in Apache on CentOS Linux. We will not cover obtaining SSL certificates in this particular tutorial, but you can follow this tutorial on obtaining free SSL certificates on CentOS Linux with Let’s Encrypt.

We’ll use example application running on as the backend service that we want to reverse proxy requests to.

1. Firstly, ensure that Apache is installed

yum install httpd mod_ssl -y

2. Define Apache reverse proxy configuration

For this config, we’ll use example virtualhost

vim /etc/httpd/conf.d/
<VirtualHost *:80>


# Redirect any HTTP request to HTTPS
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{SERVER_NAME}/$1 [R,L]

# Logging
LogLevel warn
CustomLog combined


<VirtualHost *:443>


# Logging
LogLevel warn
CustomLog combined

# SSL Configuration - uses strong cipher list - these might need to be downgraded if you need to support older browsers/devices
SSLEngine on
SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLHonorCipherOrder On
SSLCertificateFile /path/to/your/certificate.crt
SSLCertificateKeyFile /path/to/your/certificate.private_key
SSLCertificateChainFile /path/to/your/certificate/chainfile.crt

# HSTS (optional)
Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains;"
# Remove this if you need to use frames or iframes
Header always set X-Frame-Options DENY
# Prevent MIME based attacks
Header set X-Content-Type-Options "nosniff"

# Reverse proxy configuration
<Location />
ProxyPass http://localhost:3000/
ProxyPassReverse http://localhost:3000/


Apologies – the syntax highlighting plugin that I use does not honour leading tabs or whitespace, so formatting is a bit ugly here!

3. Enable and start the Apache service

systemctl enable httpd && systemctl start httpd

Final Notes

Your Apache reverse proxy should now be running! You can now access your application via

This config demonstrates the simplest form of using Apache as a reverse proxy – a single backend service. The Apache reverse proxy module is quite powerful, and supports configuring multiple backends, clusters and load balancing algorithms. You can find out more about Apache’s reverse proxy configuration module from Apache’s Reverse Proxy Guide.

Scan to Donate Bitcoin to Curtis K
Did you like this?
Tip Curtis K with Bitcoin
Share This Post

About Author: Curtis K

Hi! My name is Curtis, and I am the author of CentOS Blog. Please feel free to comment with any suggestions, feedback or questions!