On Fri, Apr 25, 2008 at 04:05:19PM -0400, Steven Pfister wrote:
Does Apache + mod_security allow reverse proxying to https servers? The
server is using both http and https currently, and I don't know enough
about the actual server to know if doing everything over http is feasible.
Apache
We've thinking of using squid as a reverse proxy as part of a plan to open up
access to a particular web site to outside users.
Does squid as it's installed do any kind of checking of URLs for signs of
attacks, or does something additional need to be installed (and what's popular
for that)?
On Fri, Apr 25, 2008 at 09:51:53AM -0400, Steven Pfister wrote:
Does squid as it's installed do any kind of checking of URLs for signs of
attacks, or does something additional need to be installed (and what's
popular for that)?
More likely you would want to use Apache with mod_security as
Thank you... I'll definitely check into that. Is there any where that lists a
minimum hardware spec for using Apache that way?
--Steve
Steve Pfister
Technical Coordinator,
The Office of Information Technology
Dayton Public Schools
115 S. Ludlow St.
Dayton, OH 45402
Office (937) 542-3149
Steven Pfister wrote:
Besides taking away direct access to the webserver (and any vulnerabilities
it may have) and providing some caching for static content, what are some
other advantages of using squid this way? I'm trying to help put together a
security recommendation.
Squid can
fre 2008-04-25 klockan 09:51 -0400 skrev Steven Pfister:
Does squid as it's installed do any kind of checking of URLs for signs of
attacks, or does something additional need to be installed (and what's
popular for that)?
Squid checks that the request is a properly formed HTTP request, which