RE: Reverse proxy recommendation
Most thanks, FreeBSD ports are great. Shane -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Robillard Sent: Monday, June 02, 2008 10:58 AM To: Thomas Mullins Cc: FreeBSD Questions Subject: Re: Reverse proxy recommendation On Sat, 2008-05-31 at 10:26 -0400, Thomas Mullins wrote: > Hello, > > We have three internal web servers that we make accessible to the > internet. Right now we simply use pf and port redirection. Works > great. > > But, we would like to tighten up security. I know you can do this > with squid, apache and a few others. Could someone please make a > recommendation on what solutions they have used or seen in the past? > > Thanks > Shane You may want to check the www/varnish port. From the ports description: This is the Varnish high-performance HTTP accelerator. Documentation and additional information about Varnish is available on http://varnish.projects.linpro.no/>. Technical questions about Varnish and this release should be addressed to <[EMAIL PROTECTED]>. Questions about commercial support and services related to Varnish should be addressed to <[EMAIL PROTECTED]>. WWW: http://www.varnish-cache.org/ And from wikipedia: http://en.wikipedia.org/wiki/Varnish_cache I've never used it myself, but looks interesting since it's been created by Poul-Henning Kamp which is a major FreeBSD developer. HTH, David -- David Robillard UNIX systems administrator & Oracle DBA CISSP, RHCE & Sun Certified Security Administrator Montreal: +1 514 966 0122 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Reverse proxy recommendation
On Sat, 2008-05-31 at 10:26 -0400, Thomas Mullins wrote: > Hello, > > We have three internal web servers that we make accessible to the > internet. Right now we simply use pf and port redirection. Works > great. > > But, we would like to tighten up security. I know you can do this with > squid, apache and a few others. Could someone please make a > recommendation on what solutions they have used or seen in the past? > > Thanks > Shane You may want to check the www/varnish port. From the ports description: This is the Varnish high-performance HTTP accelerator. Documentation and additional information about Varnish is available on http://varnish.projects.linpro.no/>. Technical questions about Varnish and this release should be addressed to <[EMAIL PROTECTED]>. Questions about commercial support and services related to Varnish should be addressed to <[EMAIL PROTECTED]>. WWW: http://www.varnish-cache.org/ And from wikipedia: http://en.wikipedia.org/wiki/Varnish_cache I've never used it myself, but looks interesting since it's been created by Poul-Henning Kamp which is a major FreeBSD developer. HTH, David -- David Robillard UNIX systems administrator & Oracle DBA CISSP, RHCE & Sun Certified Security Administrator Montreal: +1 514 966 0122 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Reverse proxy recommendation
great. But, we would like to tighten up security. I know you can do this with squid, apache and a few others. Could someone please make a recommendation on what solutions they have used or seen in the past? squid works fine for reverse proxy, is very fast, you may turn disk cache off a it doesn't make much sense (unless the servers behind are slow). in squid you may specify lots of rules as with forward proxy - it could be used for security. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Reverse proxy recommendation
Thomas Mullins wrote: Hello, We have three internal web servers that we make accessible to the internet. Right now we simply use pf and port redirection. Works great. But, we would like to tighten up security. I know you can do this with squid, apache and a few others. Could someone please make a recommendation on what solutions they have used or seen in the past? I'm using squid as reverse proxy, for several internal hosts (just one squid reading the host-header), both as rp for 'normal' sites and as https front end. Peter -- http://www.boosten.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Reverse proxy recommendation
I use Apache (2.2) with mod_proxy / mod_proxy_balancer ... works like a charm! On Sat, 2008-05-31 at 10:26 -0400, Thomas Mullins wrote: > Hello, > > We have three internal web servers that we make accessible to the > internet. Right now we simply use pf and port redirection. Works > great. > > But, we would like to tighten up security. I know you can do this with > squid, apache and a few others. Could someone please make a > recommendation on what solutions they have used or seen in the past? > > Thanks > Shane > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"