Using Apache Proxy to Suppress Banner Ads
No matter how much you have, Internet bandwidth never seems to be enough. At home, I dial up on an oldish analog exchange to the Internet, rarely getting connections better than 4800 bps; at the office, I have a (shared) 64KB leased line to our U.S. office and thence to the Internet. However, no matter where I surf (it's part of my job), I have always wished there were a way to avoid waiting for pages to display while loading banner ad graphics from the remote server.
I am running an old, completely hacked version of Red Hat (2.0 to be precise) with kernel 2.2.10 on my 66MHz 486 PC at home. I use this system for browsing (mainly using Lynx), software development and fooling around with Linux. My wife and two children also use it, primarily for browsing and e-mail using one of the web-based e-mail services with Netscape Communicator.
Since I first installed Linux on this system a few years ago, I've been running the Apache web server to serve local content. More recently, I've also enabled Apache's caching Proxy module to maintain a local cache of commonly accessed documents, speeding up Internet access somewhat. The version of Apache I'm running is 1.3.3 (yes, I should upgrade to the latest and greatest, but there's no pressing hurry).
The Apache web server (http://www.apache.org/) is a well-known HTTP server and is part of most, if not all, Linux distributions. Along with being the world's most popular web server, running on over 56% of web sites (Netcraft survey at http://www.netcraft.com/), Apache also has features which helped me replace graphics from well-known banner ad sites with an innocuous local graphic.
Since the distribution I'm running is so old, I will describe the methodology of replicating this on a more modern distribution, namely Red Hat 6.0. Most other popular distributions of Linux will require the same or similar steps.
In order to use Apache for this purpose, I had to set it up as an HTTP Proxy, using mod_proxy, and enable and use the URL rewriting engine built into Apache (mod_rewrite).
In a nutshell, you must first set up Apache to act as a proxy server for the browsers on your local network (or for a single system, which is what I do at home) and tell the client browsers to use that Apache host as a proxy. Then use the powerful mod_rewrite URL rewriting engine to search for banner ad HTTP requests (these match the URLs of well-known banner ad server hosts) and substitute a local graphic for them. With this done, you can sit back and watch your web pages flow into your browser, while that irritating advertising is automatically replaced with a more soothing and altogether more relevant graphic.
You will need to be root while following the steps discussed here.
The first step is loading and enabling the proxy module (mod_proxy) which is part of Apache. In most distributions, you enable mod_proxy by appending the following line to your Apache server's configuration file (/etc/httpd/conf/httpd.conf or /usr/local/apache/etc/httpd.conf):
To check if the module was loaded okay, restart the web server with the command:
killall -1 httpdCheck the last few lines of the Apache error log (usually in ../logs/error_log or ../var/log/error_log relative to the httpd.conf file), and if there are no errors, celebrate! Apache's proxy feature is enabled. This has been tested on Red Hat Linux 6.0 and Debian's “Potato” GNU/Linux 2.2, and it should work with SuSE Linux 6.1.
If you get an error message like:
Invalid command 'ProxyRequests', perhaps misspelled or defined by a module not included in the server configuration
then you need to either locate the Apache Proxy module, or download and install a version of Apache which has mod_proxy available. Installation is outside the scope of this article. See the Apache HOWTO at www.apache.org/docs-1.2/mod/mod_proxy.html.
Once you have the Apache proxy configured and running, you can tell your client browsers to use it. In Netscape Communicator, select Edit/Preferences/Advanced/Proxies and “Manual Proxy Configuration”. Click on the “View” button, and enter the name of the host running Apache in the text entry boxes for “FTP Proxy:” and “HTTP Proxy:”, using 80 as the port number for each.
For Lynx, edit the global Lynx configuration file found by default in /etc/lynx.cfg or /usr/local/lib/lynx.cfg and change these lines
#http_proxy:http://some.server.dom:port/ #http://some.server.dom:port/ #ftp_proxy:http://some.server.dom:port/
to look like:
http_proxy:http://apache.my.dom:80/ http://apache.my.dom:80/ ftp_proxy:http://apache.my.dom:80/Then, replace apache.my.dom with the name of the host running the Apache server. Similar techniques will apply to other web browsers—consult the browser's manual for details.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- BitTorrent Inc.'s Sync
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- New Container Image Standard Promises More Portable Apps
- The Humble Hacker?
- The Death of RoboVM
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The US Government and Open-Source Software
- Open-Source Project Secretly Funded by CIA
- ACI Worldwide's UP Retail Payments
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide