Apache reverse proxy

Things I have tried

I have followed the setup instructions for an Apache reverse proxy in the Publish docs.

What I’m trying to do

We have a licensed copy of Publish.

I have set up an Apache reverse proxy for our Obsidian Publish site, and it works quite well. The main reason for this was password management, as we post some confidential information (e.g. employee names and contact details) in Publish. We intend for this to be only available to employees, so we needed an easy way to create unique usernames and passwords for all staff, and also easily decommission it in case they leave our employ. We are hosting the reverse proxy on a server in a hosting center in Johannesburg, South Africa. Our DNS setup is hosted in Cloudflare.

However, after implementing this, I had some issues and questions raised:

  • Some staff have complained that access to the site is slower for them than before.
  • Some staff have complained that they are not seeing changes to the pages when updates to the site is done. Clearing the browser cache fixes this, so it appears to be a caching issue.
  • Is it possible to keep the password that Publish allows us to set on the site and have the proxy pass it when the request is done?
  • Are there any other general security tips when it comes to Publish?

The proxy configuration is as follows:

        SSLProxyEngine On
        RewriteEngine on
        RewriteRule    "^(.*)$"  "https://publish.obsidian.md/serve?url=our.domain/$1"  [L,P]

        <Location />
                SSLOptions +StdEnvVars
                AuthType Digest
                AuthName "<REMOVED"
                AuthDigestDomain / https://our.domain/
                AuthUserFile <REMOVED>
                Order allow,deny
                Allow from all
                Require valid-user

Thanks a lot

I haven’t administered Apache in years, but for employees not seeing changes. You’ll want to look at setting cache control headers for expiration in your Apache config. I’ll leave the rest for someone who’s had more recent experience with Apache. I moved on from System Administration to DevOps years ago.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.