Firewall Wizards mailing list archives
RE: reverse proxy using apache
From: Adrian Brinton <adrian () brinton to>
Date: Thu, 13 Jan 2000 23:08:20 -0800
I use it as an alternative to port forwarding. Using Apache, I can proxy requests to a back end machine without allowing direct connectivity. You can't use 90% of the IIS exploits that come out because Apache chokes on them. A (non-security related) benefit is that I can also run multiple servers on different FQDN's from one IP too. I do mail relay with qmail too... this is my home network, so the geek factor is really more compelling than any real security concerns :) adrian adrian () brinton to -----Original Message----- From: Moore, James [mailto:James.Moore () MSFC NASA GOV] Sent: Thursday, January 13, 2000 8:00 AM To: Adrian Brinton; firewall-wizards () nfr net Subject: RE: reverse proxy using apache Just outta' cusiosity: what does this provide in terms of security? Jim Moore 256.461.4381 ----------- PGP PUBLIC KEY FINGERPRINT ------------ 1D9C 3AC3 34E6 EEDF 22B9 7886 7797 6908 048F 049B ---------------------------------------------------
-----Original Message----- From: Adrian Brinton [SMTP:adrian () brinton to] Sent: Tuesday, January 11, 2000 12:43 AM To: 'Scott Saxen'; firewall-wizards () nfr net Subject: RE: reverse proxy using apache I'm not sure if this is what you're looking for, but I use apache as a proxy server using the ProxyPass directive. I have the apache box on a dsl line and a NAT'ed network behind (this could be a DMZ if I had
some
time and another few computers). When an outside user connects, they
see
the apache box. Apache proxys them out to an IIS server (or whatever
you
want) on the NAT'ed network. The user sees nothing... it looks like they're hitting the IIS (or whatever) server directly. Works for SSL
too
(between the user and the proxy, in my case), you just have to add SSL support to apache. Below are the relevant lines of the httpd.conf
file.
Current thread:
- reverse proxy using apache Scott Saxen (Jan 09)
- Re: reverse proxy using apache Chuck O'Donnell (Jan 10)
- <Possible follow-ups>
- RE: reverse proxy using apache Adrian Brinton (Jan 12)
- RE: reverse proxy using apache Moore, James (Jan 15)
- RE: reverse proxy using apache Adrian Brinton (Jan 15)