Apache HTTP Proxy installation and cache

icon_details_hoverNOTE

You can choose to install Squid as an alternative to Apache HTTP Proxy.

To install Apache HTTP Proxy on Windows, follow these steps:

1.Visit the ESET Cloud Administrator download section to download a standalone installer for ECA components.

2.Open ApacheHttp.zip and extract the files to C:\Program Files\Apache HTTP Proxy

icon_details_hoverNOTE

If you want to install Apache HTTP Proxy on a different hard drive, C:\Program Files\ must be replaced with the corresponding path in the instructions below and in the httpd.conf file located in the Apache HTTP Proxy\bin directory. For example, if you extract the content of ApacheHttp.zip to D:\Apache Http Proxy, then C:\Program Files\ must be replaced with D:\Apache Http Proxy.

3.Open an administrative command prompt and change directory to C:\Program Files\Apache HTTP Proxy\bin

4.Execute the following command:

httpd.exe -k install -n ApacheHttpProxy

5.Using a text editor such as Notepad, open the httpd.conf file and add the following lines at the bottom of the file:

ServerRoot "C:\Program Files\Apache HTTP Proxy"

DocumentRoot "C:\Program Files\Apache HTTP Proxy\htdocs"

<Directory "C:\Program Files\Apache HTTP Proxy\htdocs">

Options Indexes FollowSymLinks

AllowOverride None

Require all granted

</Directory>

CacheRoot "C:\Program Files\Apache HTTP Proxy\cache"

icon_details_hoverNOTE

If you wish the cache directory to be located somewhere else, for example on another disk drive, such as D:\Apache HTTP Proxy\cache, then in the last line of the code above change "C:\Program Files\Apache HTTP Proxy\cache" to "D:\Apache HTTP Proxy\cache".

6.Start the ApacheHttpProxy service using the following command:

sc start ApacheHttpProxy

7.You can verify that the Apache HTTP Proxy service is running in the services.msc snap-in (look for ApacheHttpProxy). By default, the service is configured to start automatically.

 

Follow the steps below to configure a username and password for Apache HTTP Proxy (recommended):

1.Stop the ApacheHttpProxy service by opening an elevated command prompt and executing the following command:

sc stop ApacheHttpProxy

2.Verify the presence of the following modules in C:\Program Files\Apache HTTP Proxy\conf\httpd.conf:

LoadModule authn_core_module modules\mod_authn_core.dll

LoadModule authn_file_module modules\mod_authn_file.dll

LoadModule authz_groupfile_module modules\mod_authz_groupfile.dll

LoadModule auth_basic_module modules\mod_auth_basic.dll

3.Add the following lines to C:\Program Files\Apache HTTP Proxy\conf\httpd.conf under <Proxy *>:

AuthType Basic

AuthName "Password Required"

AuthUserFile password.file

AuthGroupFile group.file

Require group usergroup

4.Use the htpasswd command to create a file named password.file in the folder Apache HTTP Proxy\bin\ (you will be prompted for password):

htpasswd.exe -c ..\password.file username

5.Manually create the file group.file in the folder Apache HTTP Proxy\ with the following content:

usergroup:username

6.Start the ApacheHttpProxy service by executing the following command in an elevated command prompt:

sc start ApacheHttpProxy

7.Test the connection to HTTP Proxy by accessing the following URL in your browser:

http://[IP address]:3128/index.html

icon_details_hoverNOTE

Once you have successfully completed installation of Apache HTTP Proxy, you have the option to allow ESET communication only (blocking all other traffic - default) or allow all traffic. Perform the necessary configuration changes as described here:

Forwarding for ESET communication only

Proxy chaining (all traffic)

 

The following command will display a list of content which is currently cached:

"C:\Program Files\Apache HTTP Proxy\bin\htcacheclean.exe" -a -p "C:\ProgramData\Apache HTTP Proxy\cache"

Use the htcacheclean tool to clean up the disk cache. The recommended command (setting cache size to 10 GB and cached files limit to ~12000) is shown here:

"C:\Program Files\Apache HTTP Proxy\bin\htcacheclean.exe" -n -t^
-p"C:\ProgramData\Apache HTTP Proxy\cache" -l10000M -L12000

To schedule cache clean up every hour run:

schtasks /Create /F /RU "SYSTEM" /SC HOURLY /TN ESETApacheHttpProxyCleanTask^
/TR "\"C:\Program Files\Apache HTTP Proxy\bin\htcacheclean.exe\"^
-n -t -p \"C:\ProgramData\Apache HTTP Proxy\cache\" -l10000M -L12000"

If you choose to allow all traffic, the recommended commands are:

"C:\Program Files\Apache HTTP Proxy\bin\htcacheclean.exe" -n -t^
-p"C:\ProgramData\Apache HTTP Proxy\cache" -l10000M

schtasks /Create /F /RU "SYSTEM" /SC HOURLY /TN ESETApacheHttpProxyCleanTask
/TR "\"C:\Program Files\Apache HTTP Proxy\bin/htcacheclean.exe\"^
-n -t -p \"C:\ProgramData\Apache HTTP Proxy\cache\" -l10000M"

icon_details_hoverNOTE

The ^ character right after end of line in the commands above is essential, if it is not included the command will not execute correctly.

For more information, visit our Knowledgebase article or the Apache Authentication and Authorization documentation.