Posted on December 23, 2016 at 10:00 PM
In today’s article, you will learn how to create a TCP proxy with HAProxy; a reliable, high performance TCP/HTTP load balancer.
You may be wondering “What is a TCP proxy?” or “Why should I use one?”. A TCP proxy acts as an intermediary between a client and another server, called the destination server. Clients establish connections to the TCP proxy server, which then establishes a connection to the destination server. TCP Proxies help provide an extra layer of security to your service by shielding the main servers IP address from the public.
Now that we have the basics down let’s get started! First you will need to find a reliable Virtual Private Server (VPS) provider. Be cautious when searching for VPS providers; some may be overpriced or have over crowded nodes. Always search for reviews before deciding on a provider.
I have had very good experiences with the following two providers; DigitalOcean and Vultr.
DigitalOcean - Sign up today and receive $10.00 credit!
Once you have decided on a VPS provider, create a new VPS with the OS image 'CentOS 6.x'. I wont go into detail on this step because all VPS providers are not the same. If you run into problems creating a VPS with your new provider please contact their support team or check their documentation.
At this point you should have a new VPS with a fresh installation of CentOS 6.x. Retreive the IP Address and root password and then login to your VPS as 'root'. You may use PuTTY or the terminal within the VPS providers control panel. We can now install and configure HAProxy.
Step 1: Install Nano
yum install nano
Step 2: Install HAProxy
yum install haproxy
Step 3: Configure HAProxy
Replace contents with the following:
log /dev/log local4
listen proxy1 PROXY_IP:PROXY_PORT
server proxy1_1 DESTINATION_IP:DESTINATION_PORT
Step 4: Start HAProxy Service
service haproxy start
Step 5: Configure your Server
Now that everything is up and running; you will need to update the client side of the application you are trying to protect. This step is specific to your project so I will not go into great detail here; however, you must change the connection information of your client so that it connects to the proxy servers IP address and port instead of directly to your destination server.
If you have trouble with this step please conduct a search with the search engine of your choice to find a more product specific guide.
CloudCache's only revenue comes from non-intrusive Google Advertisements.
Please consider disabling any adblocking software for our website. We appreciate your support!