At 03:02 PM 1/2/01 +0000, Matt Sergeant wrote:
>On Tue, 2 Jan 2001, Oleg Bartunov wrote:
>
> > Hi,
> >
> > I have implement standard fe-be scheme as many times discussed
> > in this list and described by Stas in his guide. Sorry, if I
> > don't understand something simple.
> >
> > Everything works but I get a problem with securing my
> > backend server - I want backend accepts requests only from my frontend.
> > I have in backend's conf file:
> >
> > <Directory "/db1/w3/comps/discovery">
> > Options FollowSymLinks ExecCGI Includes MultiViews
> > AllowOverride All
> > Order deny,allow
> > Deny from all
> > Allow from MY_PROXY_IP
> > </Directory>
>
>Forget that, add the rule to your firewall. Its a far better place to
>manage these kinds of rules.
I am not sure, but I suspect it may be possible to distinctly bind to
127.0.0.1 and thus disallow any external IP address listening for extra
measure. The default for apache is to bind to every IP on the system
promiscuously which you don't want on a BE server.
Of course, you will need the firewall method if the BE server actually is
on a physically separate machine from the FE server.
Where security is concerned, it's not always the best idea to solely depend
on firewall rules if you can help it... In case one gets misconfigured at
least you have a 2nd one.
Anyway, unless your mod_rewrite rules on the FE server are doing something
other than blindly proxying all requests to the BE server, I am not sure
whether the BE server is actually any more secure because of the reverse
proxy.
What attack could be made on the BE server directly that could not be made
through just tunneling the same request through mod_rewrite on the FE server?
eg Are you filtering for "passwd" in the URL with your rewrite rules?
