Re: Securing a webserver through reverse proxy?

From: brian_carpio@csgsystems.com
Date: 02/20/03

Next message: Markus.henze@Wasserwacht-Lechfeld.de: "IP-adresses in Windows 2000 event log"

Previous message: Paul Stewart: "Windows 2000 Server Attacks"
In reply to: Alejandro Flores: "Re: Securing a webserver through reverse proxy?"
Next in thread: theog: "Re: Securing a webserver through reverse proxy?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: brian_carpio@csgsystems.com
Date: Thu, 20 Feb 2003 11:21:14 -0700 (MST)
To: Alejandro Flores <aflores@ipad.com.br>

Agree,

I use the same things here to proxy hdml apps, IIS servers, Apache
Servers etc...

Apache's reverse proxy implementation is great you can provide
authentication with htpasswd files or with an ldap database!

--------------
Brian Carpio
CSG Systems Inc.
Open Systems Unix System Admin

x3317
--------------

On 19 Feb 2003, Alejandro Flores wrote:

> Hi,
>
> I have implemented some time ago, something like this, but using
> apache. Apache has a proxy module, that makes apache work as a proxy for
> a hole site, or just some directories (this module does much more...). I
> mean, you can have an exposed webserver (apache), and when someone issue
> an GET /somedir/ apache will download http://othersite.../somedir/ and
> show it to you.
> The httpd.conf will have something like this on your virtualhost
> directive:
>
> ProxyPass /somedir/ http://othersite/somedir/
>
> So, you can have an apache webserver running on the internet, and
> mapping some directories to your internal IIS or wherever webserver you
> have.
>
> Hope you can understand something!
>
> Regards,
> Alejandro
>
>
> > Greetings,
> >
> > I've read about a way to secure webservers, which must not be directly
> > exposed to the Internet, using a reverse proxy, e.g. MS ISA Server or
> > Squid on a UNIX box.
> >
> > Now my question would be: Has anyone experience with that? Is it really
> > more secure (compared to firewalling and port forwarding)? Is the MS ISA
> > Server Webpublishing rule (which implies reverse caching) doing an
> > application layer filtering or does it just the mentioned caching? Can a
> > Squid reverse proxy solution fulfill that too?
> >
> > If not, what are the steps necessary to accomplish this?
> >
> > Your input is appreciated.
> >
> > --
> > Jonas Nagel <fireball@zerouptime.ch>
> >
> >
>
>
>

Next message: Markus.henze@Wasserwacht-Lechfeld.de: "IP-adresses in Windows 2000 event log"
Previous message: Paul Stewart: "Windows 2000 Server Attacks"
In reply to: Alejandro Flores: "Re: Securing a webserver through reverse proxy?"
Next in thread: theog: "Re: Securing a webserver through reverse proxy?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: [SLE] Enabling Apache Modules
... > I just installed Suse 9.3 and am trying to setup a reverse proxy with ... How can I enable the proxy module for Apache under Suse? ... I want to reverse proxy ... Hamradio License G3VBV, Keen licensed Private Pilot ...
(SuSE)
Re: Trouble using Apache 2.0 to proxy IIS 6.0
... Use a Network Trace program like NetMon, included with Windows Server 2003, ... I would first look at whether the Apache reverse proxy is properly ... I am having multiple issues using Apache 2.0 to proxy requests to IIS ...
(microsoft.public.inetserver.iis)
Re: IIS 6 Questions
... Either you need a reverse proxy, for example OctaGate, Apache (apache can ... want the webserver part of it), ... Kristofer Gafvert - IIS MVP ...
(microsoft.public.inetserver.iis)
[SLE] Enabling Apache Modules
... I just installed Suse 9.3 and am trying to setup a reverse proxy with ... How can I enable the proxy module for Apache under Suse? ... I want to reverse proxy ...
(SuSE)
Bots hitting my web server?
... I know of two boxes that had apache running on them. ... and used by someone/something to fetch pages from remote servers. ... cases, ads but in most cases, porn. ... they would come back in a torrent of requests. ...
(Incidents)