How to Exclude Specific URLs from mod_proxy Load Balancing in Apache


2 views

When using Apache's mod_proxy with load balancing configuration, there might be scenarios where you need to exclude certain URLs from being proxied. In this case, we have:

  • 2 Apache frontend servers
  • 4 Tomcat backend servers
  • mod_proxy configured as a load balancer

Current proxy balancer setup:

<Proxy balancer://backend-cluster1>
   BalancerMember http://10.0.0.1:8080 loadfactor=1 route=test1 retry=10
   BalancerMember http://10.0.0.2:8080 loadfactor=1 route=test2 retry=10
</Proxy>

The most effective way to exclude specific URLs is using the ProxyPass directive with exclusions. Here's how to implement it:

Method 1: Using ProxyPass Exclusion

# First exclude the specific URL
ProxyPass /exclude-me !

# Then proxy everything else to the balancer
ProxyPass / balancer://backend-cluster1/
ProxyPassReverse / balancer://backend-cluster1/

Method 2: Using LocationMatch

<LocationMatch "^/(exclude-me|another-url-to-exclude)">
    SetHandler none
    Order allow,deny
    Allow from all
</LocationMatch>

Let's say we need to exclude /healthcheck from being load balanced:

# Exclude healthcheck endpoint
ProxyPass /healthcheck !

# Standard proxy configuration
ProxyPass / balancer://backend-cluster1/
ProxyPassReverse / balancer://backend-cluster1/

# Alternative using Location block
<Location "/healthcheck">
    ProxyPass !
</Location>

For more complex exclusion patterns, you can use regular expressions:

# Exclude multiple URLs with regex
ProxyPassMatch ^/(healthcheck|status|test) !

# Or combine with other directives
<LocationMatch "^/(internal|private)">
    Require all denied
    ProxyPass !
</LocationMatch>
  • Always check Apache error logs when rules don't work as expected
  • Remember to restart Apache after configuration changes
  • Test with curl -v to verify the request isn't being proxied
  • The order of ProxyPass directives matters - exclusions should come first

In a typical Apache reverse proxy setup with mod_proxy_balancer, you might encounter situations where certain backend URLs need to be excluded from load balancing. This is particularly common when:

  • Certain paths should be handled directly by one specific backend server
  • Administrative interfaces need direct access
  • Special health check endpoints exist
  • Legacy APIs require direct server communication

The most effective way to exclude URLs is using ProxyPass directives with exclusions:


# First exclude the specific URL
ProxyPass /special-path !

# Then configure the general proxy rules
ProxyPass / balancer://backend-cluster1/
ProxyPassReverse / balancer://backend-cluster1/

For more complex patterns, use LocationMatch:


<LocationMatch "^/(special-path|another-path)">
    ProxyPass !
</LocationMatch>

Here's a full configuration example with context:


<Proxy balancer://backend-cluster1>
    BalancerMember http://10.0.0.1:8080 loadfactor=1 route=test1 retry=10
    BalancerMember http://10.0.0.2:8080 loadfactor=1 route=test2 retry=10
</Proxy>

# Exclude specific paths
ProxyPass /health-check !
ProxyPass /admin/console !

# Main proxy configuration
ProxyPass / balancer://backend-cluster1/
ProxyPassReverse / balancer://backend-cluster1/
  • Order matters - exclusion rules must come before general proxy rules
  • Use absolute paths for exclusions when possible
  • Test with curl -v to verify requests bypass the proxy
  • Consider using SetEnvIf for more complex conditional proxying

If exclusions don't work:

  1. Check Apache error logs for proxy-related errors
  2. Verify the mod_proxy modules are loaded in correct order
  3. Ensure no conflicting RewriteRules interfere
  4. Test with simplest possible configuration first