This is an old revision of the document!
How to use Hiawatha as a reverse proxy server for Synchronet
Synchronet 3.16c and prior versions do not support SSL connections. Synchronet CVS subsequent to 3.16c have an implementation of SSL, but you may either have problems with it working correctly or you may simply with to use Hiawatha's implementation of SSL. Hiawatha also has several other security features which can be useful for increasing security for Synchronet's webserver.
Installation of Hiawatha
Hiawatha is available for Windows, Mac OSX, and many different Linux distributions. Check your operating system's package repositories or visit Hiawatha's download page at https://www.hiawatha-webserver.org/download
General setup of Hiawatha is beyond the scope of this tutorial, but you will find some helpful information at the following pages.
https://www.hiawatha-webserver.org/support https://wiki.archlinux.org/index.php/Hiawatha
Minimal Hiawatha Configuration to use as a reverse proxy server
The default location for the Hiawatha configuration file may differ on your system, but for our example we will refer to /etc/hiawatha/hiawatha.conf.
open /etc/hiawatha/hiawatha.conf as root and scroll toward the bottom of the file. You'll see a commented out example section with the heading “VIRTUAL HOSTS”. Create a section similar to the one below.
VirtualHost {
Hostname = stardate.synchro.net WebsiteRoot = /home/sbbs/sbbs/web/root StartFile = index.ssjs ReverseProxy .* http://127.0.0.1:81/ RequireTLS = yes
}
1. Hostname: Assume your BBS's name is The Star Date BBS, and your URL is stardate.synchro.net. You'll place this on the first line. 2. WebsiteRoot: The next line is the root directory of Synchronet's webserver. Change this to /sbbs/web/root, /opt/sbbs/web/root or whatever the location is on your system. 3. StartFile: This is the name of the default page to load when someone accesses your web page. 4. ReverseProxy: This tells Hiawatha to redirect the traffic it receives to this IP address and port. This will be the same IP address and port you will configure your Synchronet webserver to listen to. This could be another IP address such as 192.168.0.100 if this is the Synchronet webserver's IP address. This could be necessary if Hiawatha is running on a different machine that the Synchronet webserver. However, 127.0.0.1 is more secure. If you do have to use the machine's LAN IP address, make sure you're using iptables or some other firewall to ensure that the Synchronet webserver cannot be accessed directly from the internet thus circumventing your proxy server.