Proxying internal websites via OS X Server

Proxying internal websites via OS X Server

After rearranging my network to use an OS X server for my main web server there were a few web based systems that I need to expose to the outside world. The advice on Reverse Proxy with macOS Server ( by Mark Boszko worked for me.
I am reproducing the core of the article Reverse Proxy with macOS Server in case the original should cease to be available:

To proxy the internal system (site2) with IP address

Create a web app configuration file on the macOS Server machine
ProxyPreserveHost On
ProxyPassReverse /
ProxyPass /

and the plist file which refers to the conf file

<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "">   <!-- See man pages for webapp.plist(5) and webappctl(8) for information about this example webapp.plist -->   <plist version="1.0">     <dict>         <key>includeFiles</key>             <array> <!-- Include files are activated in virtual host when webapp is started -->                 <string>/Library/Server/Web/Config/apache2/httpd_site2webapp.conf</string>             </array>         <key>name</key>             <string>com.example.site2webapp</string>         <key>displayName</key> <!-- Name shown in Server app -->             <string>site2WebApp</string>         <key>installationIndicatorFilePath</key> <!-- The presence of this file indicates web app is installed -->             <string>/Library/Server/Web/Config/apache2/httpd_site2webapp.conf</string>         <key>sslPolicy</key><!-- Determines webapp SSL behavior -->             <integer>0</integer> <!-- 0: default, UseSSLWhenEnabled -->                                  <!-- 1: UseSSLAlways -->                                  <!-- 2: UseSSLOnlyWhenCertificateIsTrustable -->                                  <!-- 3: UseSSLNever -->                                  <!-- 4: UseSSLAndNonSSL -->     </dict> </plist>

Ensure that the files are owned by root and group wheel with permissions 644.

And then add the new domain to the server by:
  1. In the Websites tab of, click the + below the Websites to add a new site
  2. Enter for Domain Name
  3. Leave everything else as default
  4. Click Edit Advanced Settings…
  5. Under the section “Make these web apps available on this website:” check Enable for site2WebApp
  6. Click OK
  7. Click Create

Please refer to the original article ( from which I have copied the example and a significant portion of the text for more detail.