== Set up reverse proxy ==
If we have a customer server that they don't want to expose to the outside world (for http), we can set up a reverse proxy on our external facing web server.

=== In the customer host ===
We set up a "regular" website with an arbitrary URL.  In this example arbitrary url is "images.burnups.com.au"

/etc/httpd/conf/httpd.conf:

{{{
<VirtualHost *:80>
     ServerAdmin support@crecom.com.au
     DocumentRoot /var/www/html/images/
     ServerName images.burnups.com.au

    Alias /printers /var/www/html/printers
    <Directory /var/www/html/printers>
        Options FollowSymLinks MultiViews ExecCGI
        AllowOverride Options
        Order allow,deny
        Allow from all
    </Directory>
     ErrorLog logs/images.burnups.com.au-error_log
     CustomLog logs/images.burnups.com.au-access_log common
</Virtualhost>
}}}
=== In the external facing web server: ===
/etc/hosts:

{{{
192.168.240.139 images.burnups.com.au
}}}
/etc/httpd/conf/httpd.conf

{{{
<VirtualHost *:80>
        ServerName burnupsimages.crecom.com.au
        ProxyPass / http://images.burnups.com.au/
        ProxyPassReverse / http://images.burnups.com.au/

        ErrorLog logs/burnupsimages-error.log
        CustomLog logs/burnupsimages.log combined
</VirtualHost>
}}}
and go to DNS and make sure "burnupsimages.crecom.com.au" resolves to our outward facing server.

=== Setting up secure https ===
On the outward facing server, run "letsencrypt" and choose the correct domain from the list.  The script will make the appropriate changes to your http config.