Apache / SunOne

Apache / SunOne

am 03.09.2007 16:40:04 von Liquidchild

Hi we currently run an application deployed on a SunOne server that
also runs another application (again deployed on a SunOne server).
One of the applications needs to be web accessible, so the server sits
in the DMZ, however this leaves obvious security risks.

Now what I am trying to do, though not sure if possible is have the
server sit in our network and have an Apache server sitting in the DMZ
that routes the requests through to the application server.

When the user accesses the application running on the server they do
so through a certain port i.e. 82, using a certain url. It is
possible to have Apache in the middle of these just routing requests
through, therefore we would only need to open the firewall for
requests to come through from the Apache server and then database
ports and such like don't need to be opened from the DMZ.

I hope this all makes sense?

Thanks

Re: Apache / SunOne

am 04.09.2007 02:00:04 von ohaya

liquidchild wrote:
> Hi we currently run an application deployed on a SunOne server that
> also runs another application (again deployed on a SunOne server).
> One of the applications needs to be web accessible, so the server sits
> in the DMZ, however this leaves obvious security risks.
>
> Now what I am trying to do, though not sure if possible is have the
> server sit in our network and have an Apache server sitting in the DMZ
> that routes the requests through to the application server.
>
> When the user accesses the application running on the server they do
> so through a certain port i.e. 82, using a certain url. It is
> possible to have Apache in the middle of these just routing requests
> through, therefore we would only need to open the firewall for
> requests to come through from the Apache server and then database
> ports and such like don't need to be opened from the DMZ.
>
> I hope this all makes sense?
>
> Thanks
>


Hi,

You can accomplish this by using Apache (in DMZ) as a "reverse proxy".
Google "Apache proxy" and also see:

http://httpd.apache.org/docs/2.0/mod/mod_proxy.html

You'll need to poke a hole/holes through your firewall to allow the
Apache proxy to connect to the SunONE Java Webserver. I don't think
you'll need to do so for database connections, because those we be from
your Sun webserver to the database server, which presumably be on you
"inside" network.

Jim