> mod_proxy is very powerful , but when it comes to security I wouldn't > use it use it to protect another server as it had some problems in the > past . >
In addition to mod_proxy, you can also use mod_rewrite to lock down what can be requested and what can't. Our developers had content directories scattered all over the place on the backend IIS servers. We used apache as a reverse proxy on a Linux server with mod_rewrite to serve as a security mechanism to only allow legit requests. This is pretty much what that tool released by MS did a year or two ago for IIS servers. We had a nice rewrite list built thanks to the wonderful directory placement of our development team ;-) Cheers, Scott
