Security Basics mailing list archives
Re: A Good Reverse Proxy Product
From: Aiko Barz <aiko () deepco de>
Date: Fri, 2 May 2008 14:11:16 +0200
On Wed, Apr 30, 2008 at 02:43:22PM -0400, Paul Guibord wrote:
Greetings to all, We have a new MS Exchange server and the administrator wants to provide remote Outlook Web Access access to it from the internet. As opposed to having a direct outside to inside translation to it I was told that we could put a reverse proxy server in the DMZ and then provide a DMZ to inside translation form there. First of all does this sound like the safest approach and if so can anyone provide the name of a good stable/secure reverse proxy product.
Hi, I used Apache and Squid as a Reverse Proxy for OWA and RPC over HTTPs. Just a warning: You cannot use Apache as a Reverse Proxy for RPC over HTTPs anymore, because current versions are more strict and M$ is lying abount the HTTP "Content-Length": Outlook says, that the request has the content-length of 1GB. The Apache is waiting for the whole request: Dead lock. Outlook never intended to really send 1GB... https://issues.apache.org/bugzilla/show_bug.cgi?id=40029 If you want to use RPC over HTTPs with squid and Debian Stable, you need to know, that the default package is not build with SSL support. You need to get the Debian Source package and enable SSL support. (Just one line.) So long, Aiko -- :wq ✉
Attachment:
_bin
Description:
Current thread:
- Re: A Good Reverse Proxy Product Jon Kibler (May 01)
- Re: A Good Reverse Proxy Product Adriel Desautels (May 01)
- <Possible follow-ups>
- RE: A Good Reverse Proxy Product Dan Lynch (May 01)
- Re: A Good Reverse Proxy Product Aaron Howell (May 02)
- Re: A Good Reverse Proxy Product Adriel Desautels (May 05)
- Re: A Good Reverse Proxy Product Aaron Howell (May 02)
- Re: A Good Reverse Proxy Product Aiko Barz (May 02)
- Re: A Good Reverse Proxy Product David Glosser (May 05)