From b3a8cffd33ff06620c8c699d5b62654b0b025f5c Mon Sep 17 00:00:00 2001
From: RustDesk <71636191+rustdesk@users.noreply.github.com>
Date: Fri, 13 Sep 2024 08:17:22 +0800
Subject: [PATCH] Updated Set up http proxy server (markdown)

---
 Set-up-http-proxy-server.md | 66 +++++++++++++++++++++++++++++++++++++
 1 file changed, 66 insertions(+)

diff --git a/Set-up-http-proxy-server.md b/Set-up-http-proxy-server.md
index 5e5b5a1..9350b01 100644
--- a/Set-up-http-proxy-server.md
+++ b/Set-up-http-proxy-server.md
@@ -99,5 +99,71 @@ The `http` proxy allows connections to HTTPS endpoints.
 
 You can hide `Tinyproxy` behind `NGINX` to create a true `https` proxy, but there seems some bugs, https://github.com/tinyproxy/tinyproxy/issues/399, this might be why it is called `tiny`.
 
+One RustDesk user shared his method for creating an HTTPS proxy with Apache2. I have never tested, but you can try yourself.
+
+> sudo apt install apache2
+>  
+> Enable the necessary modules
+> a2enmod ssl
+> a2enmod proxy
+> a2enmod proxy_connect
+> a2enmod proxy_http
+>  
+> Create a file with proxy-user credentials:
+>  
+>        sudo htpasswd -b -c /etc/apache2/.htpasswd proxy-user your-password
+>  
+> Create a file /etc/apache2/sites-available/rustdesk.conf and add below lines:
+>  
+> <VirtualHost *:443>
+> SSLEngine on
+> SSLCertificateFile    /etc/ssl/certs/ssl-cert-snakeoil.pem
+> SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
+>  
+>        ProxyRequests On
+>        ProxyVia On
+>        AllowCONNECT 21114-21119
+>        <Proxy *>
+>              AuthType Basic
+>              AuthName "Password Required"
+>              AuthUserFile /etc/apache2/.htpasswd
+>              Require valid-user
+>        </Proxy>
+> </VirtualHost>
+>  
+> Disable the default site and enable the proxy config:
+>  
+> sudo a2dissite 000-default.conf
+> sudo a2ensite rustdesk.conf
+> sudo service apache2 restart
+>  
+> If you want to use ssl for the web console you can add another virtualhost to /etc/apache2/sites-available/rustdesk.conf. As port 443 is already used for the forwarding proxy, you can use for example port 4443.
+>  
+> <VirtualHost *:4443>
+> SSLEngine on
+> SSLCertificateFile    /etc/ssl/certs/ssl-cert-snakeoil.pem
+> SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
+>  
+>        ProxyPass / http://127.0.0.1:21114/
+> ProxyPassReverse / http://127.0.0.1:21114/
+> </VirtualHost>
+>  
+> Change the line
+> AllowCONNECT 21114-21119
+> into
+> AllowCONNECT 4443 21114-21119
+>  
+> Restart apache2
+> sudo service apache2 restart
+>  
+> As all ports of hhhbs and hbbr are connected via proxy, you can disable these ports in ufw. You only need to open port 443 and 4443:
+> ufw allow 443/tcp
+> ufw allow 4443/tcp
+>  
+> Finally configure it on rustdesk:
+![image](https://github.com/user-attachments/assets/b2d0db7e-b42b-4077-9bdc-ce003ac677d2)
+
+
+