On 5/15/2021 10:21 AM, Jason Long wrote:
Hello, Is proxy to proxy improving the security? For example: The Internet --> Reverse Proxy Server --> Reverse Proxy Server --> Web Site
It really depends on what functions your proxies are performing. For example, are the reverse proxies simply load balancers or do they also serve as a WAF (Web Application Firewall)? A combination of both services on the same reverse proxy is a common implementation often offered commercially. Weeding out malicious requests falls on on the reverse proxy WAF while the backend web servers are free to spend their resources on legitimate requests.
I think part of the answer is for security don't completely rely on your reverse proxy to keep out all malicious activity. It should do a good job. None the less you still want your backend free of vulnerabilities like XSS and SQLi.
I think you'd have to define more of the purpose of multiple reverse proxies.
Jim --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|