I know this has been posted before but I have not been able to locate a precise answer. What is the common method of deploying a Jboss Application Server in a DMZ environment?
Not to do this, I hope?
It is much easier to hack a server in a DMZ, and remember that as a result hacker will get access to all your application class files which are easy to decompile, to all your configuration files, such as xxx-ds.xml and mail-service.xml with user names and paswords, and to log files.
From a default install of Jboss, many ports are opened and are listening for all incoming connections (as opposed to only localhost connections). Perferably I wouldn't mind locking these ports down, but do a lack of understanding I don't know how this would affect the application server. Likewise I could restrict connections using Netfilter, but I read that this causes Jboss to act crazy.
I also read a brief line about using apache in the DMZ forwarding request through the firewall to an internal Jboss server. Is this the perfered method? I would appreciate any and all advice.
This is much better.
Regards, Vlad
------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
