: Restricting access using IP address / Network Redirection? I have a situation where we have a web server (lets call it A) that is hosting a set of HTTP based services. Due to some client
I have a situation where we have a web server (lets call it A) that is hosting a set of HTTP based services.
Due to some client restrictions, this web server is not open to the outside world but rather has an IP address based restriction to allow only a certain fixed set of IP addresses.
The idea is that there will be another server that will be the outward public facing server (lets call it B) and this server will then redirect all requests to server A - which accepts requests only from Server B.
2 questions :-
Does having such a server configuration add any value or any benefit which could not be achieved by just having "server A" alone?
If "server B" is only basically doing a redirect, can I do it using some networking hardware itself like a router etc rather than having a web server do it? And would that be more efficient?
More posts by @Kaufman445
1 Comments
Sorted by latest first Latest Oldest Best
It depends on how it's done. As I understand what is asked for, server B will be a so called "reverse proxy". Apache for instance is able to do that. And the config of Apache can be tweaked in many neat ways. You could add an extra authentication, integrate SSL, make redirects and whatever comes to your mind and Apache is capable of. Nginx has the same functionality, so Apache isn't a must. To sum it up: it CAN provide an extra security layer. Even load balancing when done right.
I'm not aware of exclusive reverse proxying appliances. There might be. Maybe in form of a DD-WRT router. Basically any system capable of running such a software (webserver with revery proxying) will do.
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.