Pound is an Open source program license under the GPL. It is a very tiny program focuses on a reverse proxy, HTTP and HTTPS sanitizer for a fail over server or a request redirector, load balancer and a SSL wrapper. Pound is Lightweight on Resource but powerful on usage. Pond can be perfectly integrated with the popular web services like apache, IIS, Weblogic, etc. In this tutorial we are going to install and configure the Pound HTTP / HTTPS Sanitizer on CentOS 5 / RHEL 5 with Step by Step Methods. Before Starting installation and configuration part first of all we know the Standard Ports for HTTP is 80 & for HTTPS is 443.
Configure the Pound HTTPS Sanitizer on CentOS / RHEL
Step-I (Download the Pound Packages)
# wget http://www.invoca.ch/pub/packages/pound/RPMS/ils-5/SRPMS/pound-2.6-2.el5.src.rpm
Step-II (Installation of Pound)
For RHEL 5
# rpm --rebuild pound-2.6-2.el5.src.rpm # cd /usr/src/redhat/RPM/ # rpm -ivh pound-2.6-2.el5.rpm
For CentOS 5
# rpm --rebuild pound-2.6-2.el5.src.rpm # cd /usr/src/centos/RPM/ # rpm -ivh pound-2.6-2.el5.rpm
Step-III (Configure the Pound configuration file)
# vi /etc/pound/pound.cfg
Add the following lines
Group "www-data" LogLevel 1 Alive 30 Control "/var/run/pound/poundctl.socket" ListenHTTP Address 0.0.0.0 Port 80 # This part makes sure you redirect all HTTP traffic to HTTPS Service HeadRequire "Host: techbrown.com" Redirect "https://techbrown.com" End End ListenHTTPS HeadRemove "X-Forwarded-Proto" AddHeader "X-Forwarded-Proto: https" Address 0.0.0.0 Port 443 Cert "/etc/ssl/techbrown.com/techbrown.com.pem" # This service removes the WWW-part Service HeadRequire "Host: www.techbrown.com" Redirect "https://techbrown.com" End # The main service which passes requests to Varnish Service HeadRequire "Host: techbrown.com" BackEnd Address 127.0.0.1 # 6081 is the default Varnish port Port 6081 End End End
Step-IV (Create & Copy PEM Certificate file into the desired location)
Create the PEM certification by follow the instructions and copy into the desired location.
Step-V (Edit the pound file)
# vi /etc/default/pound
Search and edit these lines
Step-VI (Restart the Pound Services)
# service pound restart
Congratulations now you have installed and configured Pound HTTP / HTTPS Sanitizer.