Creating your own Web proxy
I was looking for a Web proxy script to install on my server and found nph-proxy.cgi at https://jmarshall.com/tools/cgiproxy/ which seemed to be pretty cool. It does not work with complex websites like Twitter but still can be of use.
For some reason I could not make it work with Nginx through FastCGI. I tried to Google the solution but could only find that I was not the only one having this problem. So I decided to try it under Apache with mod_perl and with Nginx being the front end. So here is how to do it from scratch.
$ sudo -s
# aptitude install apache2 libapache2-mod-perl2
# service apache2 stop
Get and install proxy script:
# wget https://jmarshall.com/tools/cgiproxy/releases/cgiproxy.latest.tar.gz
# tar -xf cgiproxy.latest.tar.gz
# ./nph-proxy.cgi install
You will be asked about $PROXY_DIR, set it to /usr/local/etc.
Then you will be presented with this menu:
You can install CGIProxy as any one of these ways:
1. CGI script on Apache
2. CGI script on lighttpd
3. CGI script on another server
4. mod_perl script on Apache
5. FastCGI script on Apache
6. FastCGI script on nginx
7. FastCGI script on lighttpd
8. FastCGI script on another server
9. Using CGIProxy's own embedded server
---> Which way do you want to run CGIProxy? [1-9]
Answer 4
You will see this menu:
1. server/network environment
2. FastCGI
3. embedded server
4. database
5. common options
6. page header
7. seldom-used
Each item has a whole menu under itself.
Enter 1 and you will be presented with a big menu.
Set $SECRET_PATH by entering 3 and pr0xy
(or whatever you want it to be; it will be part of the URLs to your proxy and needs to be duplicated in other configs).
Set $RUNNING_ON_SSL_SERVER (just in case) by entering 5 and 1.
Set $USER_FACING_PORT by entering 15 and 443.
This is important because Apache will be working on another port.
Enter 0 twice to exit the submenu and the config menu.
You will be asked:
---> Which directory should we install CGIProxy under? ["/var/www/html"]
Enter /var/www/proxy
Then it will do the process including installation of Perl modules. Just press Enter when you are asked for it.
Now complete the configuration of Apache:
# mcedit /etc/apache2/conf-available/mod_perl.conf
Make it like this:
PerlSwitches -w
PerlSwitches -T
Alias /pr0xy /var/www/proxy
<Directory /var/www/proxy>
Options +ExecCGI
SetHandler perl-script
PerlResponseHandler ModPerl::Registry
PerlOptions +ParseHeaders
PerlSendHeader Off
<Files nph-*>
PerlOptions -ParseHeaders
</Files>
</Directory>
Then:
# a2enconf mod_perl
# mcedit /etc/apache2/ports.conf
Leave only this line there:
Listen 8080
And:
# mcedit /etc/apache2/sites-enabled/000-default.conf
Correct the first line to:
<VirtualHost *:8080>
Now we can start Apache and install and configure Nginx:
# service apache2 start
# aptitude install nginx
# mcedit /etc/nginx/sites-enabled/default
In server {} block uncomment the lines as shown below (for test purposes only, later you should configure it with Certbot):
# SSL configuration
#
listen 443 ssl default_server;
#listen [::]:443 ssl default_server;
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
include snippets/snakeoil.conf;
And insert the following:
location /pr0xy/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:8080;
}
Finally test Nginx config and restart the service:
# nginx -t
# nginx -s reload
This is it! Now you should be able to access your proxy in a browser:
https://<server>/pr0xy/nph-proxy.cgi