A quick tip, how to map web-apps on random ports to the main apache webserver. This way you can run these services on subdomains or sub-directories and support SSL encrypted https connection, even if it is not directly supported.
Take care to not open a proxy for everybody or it can be abused by spammers. “ProxyPass” combined with “ProxyRequests Off” is save.
If the original port is not used anymore, it can be closed in the firewall. Only for the icecast stream it is s useful to keep :8000 open. By mapping to an internal IP a address of a virtual machine, you can also forward to vservers.
The admin webinterface on /admin/ can be redirected by mod_rewrite to a secure SSL connection.
Example: Icecast ProxyPass to map webinterface on port 8000 to apache subdomoain (port 80)
[c]
<VirtualHost *:80>
… # your vhost here: ServerName, Logs, etc
…
# Proxy ACL
ProxyRequests Off
<Proxy>
Order allow,deny
Allow from all
</Proxy>
# Proxy directives
ProxyPass / http://192.168.1.7:8000/
ProxyPassReverse / http://192.168.1.7:8000/
ProxyPreserveHost on
# redirect /admin to https:
RewriteEngine On
RewriteRule /admin.* https://tv.example.com:443/admin/ [R]
</VirtualHost>
[/c]
Example: Icecast ProxyPass to map admin webinterface on port 8000 to apache subdomoain (port 443)
[c]
<VirtualHost *:443>
… # your vhost here: ServerName, Logs, etc
…
SSLEngine On
# Proxy ACL
ProxyRequests Off
<Proxy>
Order allow,deny
Allow from all
</Proxy>
# Proxy directives
ProxyPass / http://192.168.1.7:8000/
ProxyPassReverse / http://192.168.1.7:8000/
ProxyPreserveHost on
</VirtualHost>
[/c]