On 29/06/2013 5:32 a.m., Lois Blood Bennett wrote:
Hello, My question is rather general. We are moving a web application to our DMZ and I need to find a server/service that will allow the oracle database queries to be transmitted encrypted through the firewall then sent to the Oracle server. It seems like squid could be the solution. Does anyone have any experience using squid in this way? Could anyone point me in the right direction?
Firstly Squid is an HTTP proxy it is not an SQL query proxy or relay. It will only work in the way you describe if the qeuries are sent as HTTP requests (unlikely).
I suggest placing a Squid proxy in the DMZ instead, which can be assigned special privilege to access the web service internal location. Squid is designed to act as a gateway service like this to protect the backend web service from attacks, unwanted accesses, also to reduce the bandwidth and request load the backend faces. When operating in reverse proxy mode it can handle traffic from both internal and external clients or users and control access to the private service.
Amos
