SharkRF connector server behind Apache proxy behind Cloudflare

I wanted to make my SharkRF Connector Server dashboard available from the internet but I did not want to allow direct access to my SharkRF Connector Server dashboard. I decided to setup an Apache2 proxy server that would sit between my SharkRF Connector Server dashboard and also sit that server behind Cloudflare.

This is not a tutorial or guide but my notes/thoughts for future setup.
If you are following this as a guide or how-to you must have a working understanding of Apache2, proxies, SSL (TLS) encryption usage on Apache2, and a working DNS server knowledge. This is beyond the basics.

Requirements:

  1. Apache web server
  2. SharkRF Connector Server
  3. Publicly routable DNS address (such as rf01vdash.johndball.com)
  4. Cloudflare account that is setup and working with DNS entries and crypto configured

Setup

  1. You will need the SharkRF Connector Server dashboard running and working. See: https://www.johndball.com/sharkrf-connector-server-web-interface-and-auto-start/
  2. On your Apache web server, create a new virtual host (nano /etc/apache2/sites-available sharkrfproxy.com.conf)
    1. *sharkrfproxy.com.conf can be any name. If you have a DNS name, such as “yourdomain.com” feel free to change it to sharkrfproxy.yourdomain.com.
  3. In the new .com.conf file, copy and paste this config text. Change the orange text to match your address and name of the SharkRF Connector Server.
    <IfModule mod_ssl.c>
    <VirtualHost *:443>
    ServerAdmin youremail@yourdomain.com
    ServerName sharkrfdash.yourdomain.com
    SSLEngine on
    SSLCertificateFile /etc/apache2/ssl/sharkrfdash.pem
    SSLCertificateKeyFile /etc/apache2/ssl/sharkrfdash.key
    ProxyPass / http://1.2.3.4:80/
    ProxyPassReverse / http://1.2.3.4:80/
    </VirtualHost>
    </IfModule>
  4. Save that file then run cd /etc/apache2/ssl.
  5. In the new directory, run this command: openssl req -new -newkey rsa:2048 -nodes -keyout sharkrfdash.key -out sharkrfdash.csr
  6. Take the contents of the CSR file and go to https://www.cloudflare.com. Under the “Crypto” tab, create a new origin certificate matching the publicly routable DNS name of your SharkRF dashboard server. Paste the CSR into the certificate field. Take the PEM file that is generated and copy it to /etc/apache2/ssl/sharkrfdash.pem
  7. On your Apache2 web server run a2ensite sharkrfproxy.yourdomain.com
  8. On your Apache2 web server run service apache2 restart

Testing

  1. Internally, as in on your local area network, you should be able to browse directly to http://yourSharkRFserver and get the SharkRF dashboard.
  2. Next go to http:// or https://sharkrfdash.YourPublicDNSname.com and make sure the site loads. This should be going through Cloudflare.
      1. If the site doesn’t load, create a new DNS entry on your local area network to point to SharkRFdashTest.yourdomain.local to your internal server and repeat step 2 under the setup section above.
      2. Use this for your test virtual host config file and modify as needed.
        <VirtualHost *:80>
        ProxyPreserveHost On
        ProxyPass / http://1.2.3.4:80/
        ProxyPassReverse / http://1.2.3.4:80/
        ServerName SharkRFdashTEST.yourdomain.local
        </VirtualHost>
  3. If all else fails post in the comments section below.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.