about Apache HTTP Server reverse proxy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi, all

I want to use Apache HTTP Server as a reverse proxy server and use it to
implement the function of load balancing.

I made architecture of High Availability with Tomcat and Apache, here I
will describe it simply.

						USERS
 						 |
						INTERNET
 						 |
						Firewall
 						 |
						 BigIP(F5)
					  /      \
                        /         \
                     Apache        Apache
			  HTTP Server         HTTP Server --(in reverse
proxy mode)
                         \        /
                          \      /
                           Firewall
						/      \
                           /         \
                       Tomcat      Tomcat
                           \        /            
						\      /              
			DataBase(Master)    DataBase(Slave)

The BigIP is a product of F5, and I put it in front of Apache HTTP
Server, I use it to implement the function of load balancing for Apache
HTTP Server.

There are two firewalls, and I put two Apache HTTP Servers between them
to implement load balancing and reverse proxy.
Behind these two firewalls, I put two Tomcat servers as rare-end
servers.

I want to know does this architecture widely used? 

Could someone give me some instances of using this architecture? For
example, the company name, the project name?


I also worry about the security of reverse proxy mode.
For example, if a hacker want to destroy my system, he construct a
wicked HTTP request package to my system. After the Apache HTTP Server
received the HTTP request package, it will forward the package to
Tomcat. So, the Tomcat will be destroyed.

But I have read passages about reverse proxy, all of them say that
reverse proxy is very secure. If it works like I've just written, it's
not secure any more.

Am I right? Could you help me analyze it?

Thanks.


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux