Hi folks,
I have a web app (served by Tomcat) that was intended for intranet use. As
such I assume that the security is only basic and it is not suitable for
facing the public internet. When seeking a product to stand between my app
and the world, haproxy was recommended to me. I understand that
OK, I found that I needed to uncomment the chroot statement before it would
prompt for a password. That makes sense. That part is working now :-)
Still could use some advice on the attack prevention though!
Thanks,
Sean
Hi,
On 25 January 2011 09:29, Sean Rodden s...@rodden.net wrote:
Hi folks,
I have a web app (served by Tomcat) that was intended for intranet use. As
such I assume that the security is only basic and it is not suitable for
facing the public internet. When seeking a product to stand between
What is the reason that this internal application has to be moved to external ?
Outside workers that have to reach the application ?
Met een vriendelijke groet,
Mike Hoffs
The app is educational software that was designed for a classroom
environment where one Tomcat server provides content to anyone on the campus
intranet. We want to set up a virtual classroom because we have many
customers that have trouble installing the old stand-alone version that
comes on CD. A
On Tue, Jan 25, 2011 at 10:55 PM, Brett Delle Grazie
brett.dellegra...@gmail.com wrote:
Personally if the application isn't designed with security in mind I
wouldn't put it on the Internet or consider paying a developer to review the
application for just this purpose. Depending upon how the
I was also thinking about openVPN, we use is for some customers, it is awesome.
U can put all the students in one group with only access to that tomcat server.
And also it is not that expensive, dont buy a license for the number of
students, but the number that u think how many will use It
Is the only way to run openVPN with the VPN client installed as a browser
plugin?
On Tue, Jan 25, 2011 at 11:34 PM, Mike Hoffs m.ho...@mijn-sleutel.comwrote:
I was also thinking about openVPN, we use is for some customers, it is
awesome. U can put all the students in one group with only access
I dont know how the community edition Works, but the licensed one is shipped
with a nice installer for microsoft and Linux products. It is not browser
plugin, but a little program u can start when u need it, it will connect to
your vpn server. And setup the routing as you set it up.
Met
Haha, i think for the most idiots is next, next, next understandable ;-)
What I mean with vmware, is that u can make a vmware image, burn in on dvd with
vmware player. I think with some scripting u can also make a nice installer for
it to.
Long time ago I did some senior admin work at a
Oh I have trouble with that too! When I started in this job, my boss said
Be aware that some of the learning difficulties the kids use this software
for, is congenital. which was a very polite way of saying that some of the
parents have the same problems!
I see what you mean with the VMWare idea
I read the documentation and couldn't see anything on it but is there a
way to dynamically (on-the-fly) clear a sticky session cookie? It's kind
of for development environment switching and a sticky session set by
time isn't exactly what we're looking for.
Thanks!
I'm not sure if people have asked for this, but I would love a custom
field/column in the Stats Report web page.
Specifically, I would like to be able to see my backend server
version. This is a custom text string which I could provide a
health-check-like URL to populate.
Then the HAProxy stats
hello,
i run two sets of servers, each with an haproxy layer. one set is:
HA-Proxy version 1.4.8 2010/06/16
the other is:
HA-Proxy version 1.4-dev3 2009/09/23
i am using an external file with a long list of referers that i want
to block. in both server sets, it is invoked like so:
acl
Hi Robert,
Le mercredi 26 janvier 2011 00:39:53, Robert Joseph a écrit :
hello,
i run two sets of servers, each with an haproxy layer. one set is:
HA-Proxy version 1.4.8 2010/06/16
the other is:
HA-Proxy version 1.4-dev3 2009/09/23
It looks funny to see such a version in use, but it
On Tue, Jan 25, 2011 at 07:20:20PM -0800, Anthony Saenz wrote:
I read the documentation and couldn't see anything on it but is there a way
to dynamically (on-the-fly) clear a sticky session cookie? It's kind of for
development environment switching and a sticky session set by time isn't
Hi Joel,
On Tue, Jan 25, 2011 at 01:29:11PM -0800, Joel Krauska wrote:
I'm not sure if people have asked for this, but I would love a custom
field/column in the Stats Report web page.
Specifically, I would like to be able to see my backend server
version. This is a custom text string which
On Tue, Jan 25, 2011 at 11:55:57AM +, Brett Delle Grazie wrote:
Recommendation:
My recommendation would be Apache HTTPD in reverse proxy mode with
mod_security
installed and configured correctly. A properly hardened Apache HTTPD
server is very
difficult to hack and when placed in a DMZ
18 matches
Mail list logo