Firewall Wizards mailing list archives
Re: Acceess to the Web server, which is behind the firewall
From: Jason Prondak <jprondak () dbna com>
Date: Thu, 19 Nov 1998 15:32:48 -0500
But don't you think that the notion of a reverse proxying is a little insecure! You are intern allowing machines that have a higher potential to be compromised, to live inside your secure network. If someone can hack into those servers, your entire internal network can be fruit for the picking's. Could web site replication via say...rsync using ssh be an option? All you have to do is replicate the web sites from the internal machines out to some servers on the DMZ. If you can honestly guarantee that those web servers, cgi scripts and such are not vulnerable, then go for it. --jason Eduardo.Martin () icex es wrote:
Hi, I have some Web servers, which are on the same computer, but have some virtual hostnames. This computer is behind the firewall. I would like users from Internet to access these Web servers, but Idon'twant to open direct access to this computer. Anybody knows any software, I can install on the bastion host, whichwillwork as a 'pipe' to the internal Web server?What you're talking about is a reverse-proxy. Two options I know: Squid running in accelerator mode and Netscape Proxy Server in reverse-proxy mode (or secure reverse-proxy mode if HTTPS is needed). Hope this helps. Eduardo.
Current thread:
- RE: Acceess to the Web server, which is behind the firewall Amirmadhi Foorood (Nov 07)
- <Possible follow-ups>
- Re: Acceess to the Web server, which is behind the firewall Jason Prondak (Nov 27)