Pound

Installation
Create a directory to work in:

mkdir -p /extra/src
cd /extra/src

Download and unpack the source:

wget https://github.com/graygnuorg/pound/releases/download/v4.13/pound-4.13.tar.gz
tar zxf pound-4.13.tar.gz
cd pound-4.13

Configure it, then build and install:

./configure --with-ssl
make
make install

Basic Configuration
Create a config file /usr/local/etc/pound.cfg for a basic setup to proxy requests to an internal server:

## sample pound.cfg
#
User  "nobody"
Group  "nobody"
## Logging: (goes to syslog by default)
## 0 no logging
## 1 normal
## 2 extended
## 3 Apache-style (common log format)
LogLevel 1
## Log to stdout
LogFacility -
## check backend every X secs:
Alive 30
## Run in foreground for daemontools startup
Daemon 0

ListenHTTP
  Address 127.0.0.1
  Port  80

  Service
    Host  ".*www.server0.com.*"

    BackEnd
      Address 192.168.0.10
      Port    80
    End
  End

End

Automatic Startup
We're going to use daemontools.
If you haven't already, install daemontools.

Create a directory for the Pound service:

mkdir -m 1755 /var/service/pound
cd /var/service/pound

Create the run script and make it executable:

echo '#!/bin/sh' > run
echo 'exec /usr/local/sbin/pound' >> run
chmod 755 run

Our log script comes from John Simpson:

mkdir -m 755 log
cd log
wget http://qmail.jms1.net/scripts/service-any-log-run
mv service-any-log-run run
chmod 755 run

Finally, add the service to daemontools by creating the symbolic link in /service

ln -s /var/service/pound /service/pound

Confirm that the service is running:

svstat /service/pound /service/pound/log

IP addresses and X-Forwarded-for
When running behind the Pound proxy, the web server will see the proxy's IP address as the source of the traffic. To get the actual IP address, adjust the program's logging to use the X-Forwarded-for.

  • Apache - edit /usr/local/apache2/conf/http.conf and add a new log format for Pound:
    LogFormat ""%{X-Forwarded-for}i" %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i" "%{forensic-id}n"" poundcombined

    Then adjust AccessLog directive in your VirtualHost configuration in

    /usr/local/apache2/conf/extra/httpd-vhosts.conf<code>:
    <code>
    CustomLog /var/websites/domain/logs/domain-access_log poundcombined
  • Drupal
    Edit your site's settings.php file to enable using the X-Forwarded-for header:

    $conf['reverse_proxy'] = TRUE;
    $conf['reverse_proxy_addresses'] = array('1.2.3.4');

Recent Updates

  • 5 days 1 hour ago
    1.27.2 update
  • 2 weeks 2 days ago
    Drupal 10/11 config
  • 2 weeks 3 days ago
  • PHP
    2 weeks 3 days ago
    PHP 8.3.11 and AlmaLinux
  • 2 weeks 4 days ago
    New version of Pound