Forward a url to a specific internal machine

Hi, I have been trying to do this for some time now with no success.

I want to be able to configure apache to forward a partcular address to an internal machines webserver,
i.e on my external IP.
forward to’s web server port 80

or forward to internal machine port 80

I do not want to use port forwarding as i obviously have a server on the default port 80 of this main machine.

I think it somehow comes under proxying but the only proxying i can find is for a local file system not an ip address?

any help would GREATLY be appreciated.



You may be interested in tinkering with Apache’s mod_proxy:

You can see the examples in the above link, but essentially, you can add a line like this to a VirtualHost:

ProxyPass /foo http://my.local.address/bar

So anyone going to /foo on that Virtual Host would then be redirected to where ever you had "http://my.local.address/bar" pointing.

Have a good one,

Thanks Eric, going to give it a try now.

thanks for the speed responce and the explanation.

[color=#008000]«:::P:::» «:::E:::» «:::R:::» «:::F:::» «:::E:::» «:::C:::» «:::T:::»
Thanks Eric

Just one other thing… cheeky sod i am.

How do i use this to forward >>> internal.local.machine

The proxy pass and mod only seem to work on the end of the domain not the beginning of the domain?? is that right?


Well, if I understand what you’re after (and I may not, so feel free to go into more detail), you should be able to setup a VirtualHost on, that contains this:

ProxyPass / http://internal.local.machine/
ProxyPassReverse / http://internal.local.machine/

And that should handle proxying from the one VirtualHost to your internal box – without the browser knowing it’s going on.

If your virtualmin server is physically connected to the ‘outside’ as well as ‘inside’ network, which I believe it is, then you can setup iptables rules too.

here is an example:

iptables -t nat -A PREROUTING -p tcp -i $extif --dport 80 -j DNAT --to
iptables -A FORWARD -p tcp -s 0/0 -d -i $extif --dport 80 -j ACCEPT

If your machine doing the forwarding does not act as the default gateway for the machine at you might have to masquerade those packets on the internal interface too.

Firstly thanks to all who have replied so far. :slight_smile: I really do appreciate it!

Ok i think i should add a little more of an explanation.

My main webserver is connected to both internal and external.

My Iptables is forwarding the necessary traffic to machines for various roles.

What i want to be able to do is forward dns requests for

This also includes being able to send traffic on several port 80’s or 21’s etc

so iptables would not work unless i used a different port number, which i do not want to do.

Hope this clears up my request.