I need to configure an apache server to serve a frontend and a backend (both php) from the same machine. The following is to consider:
- The backend is RESTful and the API is secured by the firewall allowing only localhost access (only as temporary solution till API tokens are implemented).
- The frontend is on the same machine as backend at the moment, but will move to another server in some time.
- Static content will be delivered from the backend machine
My current configuration looks like following:
NameVirtualHost *:80
NameVirtualHost *:81
ServerName www.myServer.de
ServerAdmin webmaster@localhost
DocumentRoot /data/fe/public
Options FollowSymLinks
AllowOverride None
Order Deny,Allow
Deny from All
Options FollowSymLinks
AllowOverride AuthConfig
Order allow,deny
allow from all
RewriteEngine On
# Redirect Trailing Slashes...
RewriteRule ^(.*)/$ /$1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
ErrorLog ${APACHE_LOG_DIR}/error_fe.log
CustomLog ${APACHE_LOG_DIR}/access_fe.log combined
ServerAdmin webmaster@localhost
DocumentRoot /data/be/public
Options FollowSymLinks
AllowOverride None
Order Deny,Allow
Deny from All
Options FollowSymLinks
AllowOverride AuthConfig
Order allow,deny
allow from all
RewriteEngine On
# Redirect Trailing Slashes...
RewriteRule ^(.*)/$ /$1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
ErrorLog ${APACHE_LOG_DIR}/error_be.log
CustomLog ${APACHE_LOG_DIR}/access_be.log combined
How can I configure the backend to serve static content without access limitation but keep the API secured. Or would it be an alternative to deliver static content through the application?
I'm using
- Debian 8.1
- Apache 2.4
