|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
RE: reverse proxy using apache
Subject: RE: reverse proxy using apache
From: Adrian Brinton (adrian
brinton.to)
Date: Fri Jan 14 2000 - 01:08:20 CST
- Next message: Rafi Sadowsky: "Re: Tools to correlate attacks b/w diff. logs"
- Previous message: Crumrine, Gary L: "Legal question"
- Maybe in reply to: Scott Saxen: "reverse proxy using apache"
- Maybe reply: Adrian Brinton: "RE: reverse proxy using apache"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I use it as an alternative to port forwarding. Using Apache, I can proxy
requests to a back end machine without allowing direct connectivity. You
can't use 90% of the IIS exploits that come out because Apache chokes on
them. A (non-security related) benefit is that I can also run multiple
servers on different FQDN's from one IP too.
I do mail relay with qmail too... this is my home network, so the geek
factor is really more compelling than any real security concerns :)
adrian
adrianbrinton.to
-----Original Message-----
From: Moore, James [mailto:James.MooreMSFC.NASA.GOV]
Sent: Thursday, January 13, 2000 8:00 AM
To: Adrian Brinton; firewall-wizardsnfr.net
Subject: RE: reverse proxy using apache
Just outta' cusiosity: what does this provide in terms of security?
Jim Moore
256.461.4381
----------- PGP PUBLIC KEY FINGERPRINT ------------
1D9C 3AC3 34E6 EEDF 22B9 7886 7797 6908 048F 049B
---------------------------------------------------
> -----Original Message-----
> From: Adrian Brinton [SMTP:adrianbrinton.to]
> Sent: Tuesday, January 11, 2000 12:43 AM
> To: 'Scott Saxen'; firewall-wizardsnfr.net
> Subject: RE: reverse proxy using apache
>
> I'm not sure if this is what you're looking for, but I use apache as a
> proxy server using the ProxyPass directive. I have the apache box on a
> dsl line and a NAT'ed network behind (this could be a DMZ if I had
some
> time and another few computers). When an outside user connects, they
see
> the apache box. Apache proxys them out to an IIS server (or whatever
you
> want) on the NAT'ed network. The user sees nothing... it looks like
> they're hitting the IIS (or whatever) server directly. Works for SSL
too
> (between the user and the proxy, in my case), you just have to add SSL
> support to apache. Below are the relevant lines of the httpd.conf
file.
- Next message: Rafi Sadowsky: "Re: Tools to correlate attacks b/w diff. logs"
- Previous message: Crumrine, Gary L: "Legal question"
- Maybe in reply to: Scott Saxen: "reverse proxy using apache"
- Maybe reply: Adrian Brinton: "RE: reverse proxy using apache"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
This archive was generated by hypermail 2b27 : Sat Jan 15 2000 - 22:08:09 CST