What you have described is the entire purpose for a DMZ: a private network zone that can only be accessed through known end points on other networks so that interception from the outside is not possible. If you can validate your DMZ, then your unencrypted traffic from your web servers to your application servers should be safe. If you cannot validate your network, then you need to investigate other methods (like stunnel, as you mentioned) and/or how to audit your network -- which is entirely out of scope for the Apache users discussion.

Security is not static: it is only assured so long as you continue to corroborate that your web application, web servers, server OS, DMZ, and application servers are intact (through security audits) and up to date with security patches.

--Mark
Mark Lavi, Enterprise Web Management Team @ SGI
mailto:mlavi@xxxxxxx || phone:+1-650-933-7707

-----Original Message-----
From: AFrieze [mailto:AFrieze@xxxxxxxxxxxx]
Sent: Monday, February 12, 2007 1:37 PM
To: users@xxxxxxxxxxxxxxxx
Subject: Apache SSL DMZ mod_jk Security concerns

Hi,

I am running an apache 2.2.3 web server which is located in the firewall's DMZ. Our web server communicates with several tomcat nodes located within the firewall's internal network via mod_jk 1.2.20. I have successfully configured SSL on our Apache server and would like to begin accepting credit card payments. I understand that the communication from the client's browser to the Apache web server will be encrypted, but the communication from the server to the tomcat nodes through mod_jk will not. My understanding of a DMZ leads me to believe that this should be safe. Am I correct in believing that for someone to read the unencrypted communication from the apache server to the tomcat nodes, one would have to gain access to the DMZ's network, or the internal network?

The firewall allows only HTTP and HTTPS into the DMZ and nothing is allowed into the internal network except a connection from the DMZ on a specific port to the tomcat nodes. I am slightly worried that there is an easy way for someone to monitor the DMZ's traffic that I am missing. I have considered using a stunnel from apache to tomcat but would prefer to avoid this if possible. The server has also passed a HackerGuardian Scan. Any advice on my setup would be appreciated, or any notes on other possible vulnerabilities.

Thank you
AFrieze

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
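For readers who do decide to wrap the Apache-to-Tomcat AJP link in TLS, the stunnel pairing AFrieze considered looks like the following. This is an added illustration, not configuration from either poster; hostnames, ports, certificate paths and the use of a private internal CA are all assumptions, and mutual authentication is included so that only the DMZ web server holding a client certificate can reach the AJP connector.

```ini
; ===== stunnel.conf on the Apache host in the DMZ (TLS client) =====
; mod_jk is pointed at 127.0.0.1:8009 (worker.node1.host / worker.node1.port)
; instead of the Tomcat node, so plaintext AJP never leaves this host.
[ajp-to-tomcat1]
client = yes
accept = 127.0.0.1:8009
connect = tomcat1.internal.example:8443    ; assumed Tomcat host and TLS port
cert = /etc/stunnel/apache-dmz.pem         ; assumed client cert for mutual TLS
key = /etc/stunnel/apache-dmz.key
CAfile = /etc/stunnel/internal-ca.pem      ; assumed private CA that signed both ends
verifyChain = yes                          ; reject servers not signed by that CA
checkHost = tomcat1.internal.example       ; and reject a valid cert for the wrong host

; ===== stunnel.conf on the Tomcat host in the internal network (TLS server) =====
; Tomcat's AJP connector stays bound to 127.0.0.1:8009; only the TLS port is
; exposed, and the firewall rule from the DMZ is narrowed to 8443/tcp.
[ajp-from-dmz]
accept = 0.0.0.0:8443
connect = 127.0.0.1:8009
cert = /etc/stunnel/tomcat1.pem            ; assumed server cert
key = /etc/stunnel/tomcat1.key
CAfile = /etc/stunnel/internal-ca.pem
verifyPeer = yes                           ; require a client cert issued by the internal CA
```

Confirming the change is as simple as checking that the Tomcat host no longer accepts a plain AJP connection on 8009 from the DMZ address while the TLS listener on 8443 refuses connections that present no client certificate.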