Just outta' cusiosity: what does this provide in terms of security? Jim Moore 256.461.4381 ----------- PGP PUBLIC KEY FINGERPRINT ------------ 1D9C 3AC3 34E6 EEDF 22B9 7886 7797 6908 048F 049B --------------------------------------------------- > -----Original Message----- > From: Adrian Brinton [SMTP:adrianat_private] > Sent: Tuesday, January 11, 2000 12:43 AM > To: 'Scott Saxen'; firewall-wizardsat_private > Subject: RE: reverse proxy using apache > > I'm not sure if this is what you're looking for, but I use apache as a > proxy server using the ProxyPass directive. I have the apache box on a > dsl line and a NAT'ed network behind (this could be a DMZ if I had some > time and another few computers). When an outside user connects, they see > the apache box. Apache proxys them out to an IIS server (or whatever you > want) on the NAT'ed network. The user sees nothing... it looks like > they're hitting the IIS (or whatever) server directly. Works for SSL too > (between the user and the proxy, in my case), you just have to add SSL > support to apache. Below are the relevant lines of the httpd.conf file. > > Hope this helps. > adrianat_private > > > LoadModule proxy_module modules/libproxy.so > AddModule mod_proxy.c > > ProxyRequests On > > # Note addresses changed... > NameVirtualHost 1.2.3.4 > Listen 1.2.3.4:80 > Listen 1.2.3.4:443 > > # This creates a virtual host that will be proxy'ed to another box. > <VirtualHost 1.2.3.4> > ServerAdmin webmasterat_private > ServerName proxythis.yourdomain.com > ProxyPass / http://192.168.1.1/ > ProxyPassReverse / http://192.168.1.1/ > ErrorLog logs/error_log > TransferLog logs/access_log > </VirtualHost> > > # This creates a virtual host for SSL conections. They'll be proxy'ed > w/o SSL. > VirtualHost 1.2.3.4:443> > ServerAdmin webmasterat_private > ServerName secure.yourdomain.com > ProxyPass / http://192.168.1.1/ > ProxyPassReverse / http://192.168.1.1/ > SSLEngine on > SSLCertificateFile /etc/httpd/conf/ssl.crt/yourcert.crt > SSLCertificateKeyFile /etc/httpd/conf/ssl.key/yourkey.key > ErrorLog /var/log/httpd/ssl-error_log > TransferLog logs/ssl-access_log > </VirtualHost> > > -----Original Message----- > From: Scott Saxen [mailto:ssaxenat_private] > Sent: Friday, January 07, 2000 4:22 PM > To: firewall-wizardsat_private > Subject: reverse proxy using apache > > > I am having problems using reverse proxy under apache 1.3.9 > I have a client that wants to (being a network engineer I would call it > NAT) change the URL or what would be called 'rewrite' I think. So they > want > the client side to use a url (arbitrary) and send it to the proxy server > of > which would be apache, then from there it would go to a webserver, which > in > turn queries some other box. The proxy server is going to sit in the > dmz, > but in front of the firewall (not sure what kind of firewall and dont > think > its pertinent to this question). Problem I am having is the rewrite_mod > syntax....dont know it. Does anyone have a sample configuration I could > mess around with to make this work? Much appreciated..... > > ssaxenat_private > thanks.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:57:28 PDT