An instance of the Apache web server runs in the public zone, the restricted zone, and the webservice zone. The /etc/apache2/httpd.conf file is updated in each zone as follows:
public zone – Specify the IP address or host name of the server for the ServerName keyword, and update the proxy configuration as follows:
ServerName myserver ProxyRequests Off ProxyPass /demo http://proxy:8080/demo ProxyPassReverse /demo http://proxy:8080/demo
restricted zone – Specify the listen proxy port and the port. Then, specify the IP address or host name of this zone for the ServerName keyword, and update the proxy configuration as follows:
Listen proxy:8080 Port 8080 ServerName proxy ProxyRequests Off ProxyPass /demo http://webservice ProxyPassReverse /demo http://webservice
You might also want to set up some filtering of the web requests, such as dirty word filters, or other filters to restrict the types of requests for web content.
webservice zone – Specify the IP address or host name of this zone for the ServerName keyword, and point to the location of the web content directory in the DocumentRoot keyword and the <Directory> element as follows:
ServerName webservice DocumentRoot "/zone/webcontent/export/home/www/htdocs" <Directory "/zone/webcontent/export/home/www/htdocs">
After you have updated the Apache web server configuration files for each labeled zone, store your web content in the /export/home/www/htdocs directory of the webcontent zone.
Create the demo directory in the /export/home/www/htdocs directory, and then create an index.html file in the demo directory to use for testing.
The /export/home directory is automatically mounted by using lofs into the webservice zone when it is booted. The webcontent zone only needs to brought up to the ready state.
# zoneadm -z webcontent ready
When a zone is in the ready state, no processes are running in that zone. The zone's file system can be mounted read-only by the webservice zone. Accessing the web content in this way ensures that the content cannot be changed.