I am working in a corporate organization and we are in the process of setting our automation tests to run in CI/CD pipeline. Our tests includes scenarios where we need to access some external application URLs. The CI/CD agents by default not enabled to access the external URLs and in order to allow the access, the network team is asking us to confirm the port number on which we want to access the external application URL's. We also use a proxy with port number 8080. Should we use the same port as the proxy port on which we would need to access the external URLs?
Any suggestion is appreciated, thanks.
It is a suggestion based question.
Related
We have configured a new webfarm using IIS10 with 3 hosts operating with the web traffic with a loadbalancing IIS ARR3.0 server sitting infront to balance incoming requests between all the nodes. During initial testing (Basic HTML pages) the round robin setup (33.33%) distribution between each node was working well but we had to enable server / client affinity so that our applications kept a consistent connection between our client session and the application. Since then, we are finding that all traffic going to these applications originating from different machines on different networks are all being forwarded to the same application server. If you take the server offline the application seamlessly starts running on the next server in the list (Client obviously must sign in again). Whilst one server is fine at this time to run the two applications we have running when we ramp up our migration and have all our 140 applications running, I don’t think one server will be too happy with the load.
ADDITIONAL INFORMATION
LoadBalancers/Arr Servers: LB-01 (LB-02 DUPLICATED Server for redundancy). Default ARR URL ReWrite with Route to Server Farm Action. Image of LB/ARR URL ReWrite Rule Server Affinity Enabled Client Affinity enabled use hostname selected no Advanced Settings, no routing rules. ARR Default Proxy Settings Image of Proxy Settings
Web/Application Servers WEB-01, WEB-02, WEB-03 FileSystem Shared using DFS All running on Shared Config's
The Applications would be as follows
https://www.domainname.com/application-name1
https://www.domainname.com/application-name2
...
Were the application launch page changes but the domain name stays the same
Image of IIS Monitoring and Management Window showing distribution
If there is a setting you wish to verify please ask for them. I know people arent physchic but huge paragraphs of information never really help.
My hunch is it is something to do with the URL rewrite I have tried the settings in the below post to no avail.
IIS ARR & load balancing
Uncheck 'Host Name Affinity' to dispatch to all your hosts
I have configured my Sonarqube server to be accessed using the reverse proxy mechanism provided by Apache server mod_proxy module.
My question here is, even after the above setup i will be able to access the sonarqube server by hitting the direct sonarqube url ex:http://localhost:9000.
Is there a way i can restrict the access to my sonarqube server only via Apache reverse proxy server, by making simple configuration changes may be in some sonarqube property files.
Or Any other solution for this requirement?
I am using the latest version of Sonarqube 6.1
Ragdu you have to bind SonarQube to localhost. In sonar.properties use : sonar.web.host=127.0.0.1
Obviously you will be able to browse from your server by accessing http://localhost:9000 but only from your server, you won't be able to access through http://{your_server_ip}:9000.
Binding the server to localhost is the correct option, but if for some reason you don't want to touch sonar.properties, or you need to switch to the 'two different boxes approach' you can use the system firewall to filter the access.
In the first case, you drop all packets coming from your network card to port 9000 (but you need to allow the access in the local interface).
In the second one you would only allow the Apache machine's IP to communicate with the port 9000 in the SonarQube machine, all other packets coming to port 9000 would be discarded.
Be careful, in the second case you should implement SSL between Apache and SonarQube or isolate both machines, otherwise the HTTP communication could be sniffed.
I created an api using SLIM framework, but the services are not accessible to public as they are limited to localhost. how to host the services on a realtime server, so that, they can be accessible from anywhere?
please some one help me
This question requires more detail in order to answer properly.
If you are hosting your API on a windows server, then it is likely you have configured some kind of "WAMP" stack, correct? Or maybe serving PHP through IIS? This are important questions because we need to know what port you have bound your web application server to, which leads us to the next question...
Where are you hosting the server which is running the application which bound to what port?
Ultimately, a public, external IP will need to be either:
a. NAT'ed to the internal IP of your web server instanced
b. Port-forwarded to the internal IP of the server running your web application
Still, we are making a lot of assumptions here because getting a web application "accessible from anywhere" will require different work depending on your environment.
Here is the most basic example:
You are at home, running this API on your Windows workstation and will like to be able to hit it from a remote location.
Ensure Windows firewall allows inbound traffic to the port on which your application is running (probably port 80/HTTP, maybe 443/HTTPS).
Log into your ISP's router and configure port-forwarding to ensure inbound traffic on, say, port 80, is routed to the internal IP of the workstation running the API.
That's all there is to it.
Keep in mind that this also assumes that your ISP even allows you to expose your own web server to the internet on port 80 (or 443). Also, since we know nothing about your environment, this is all pure conjecture. Please provide more information you would like a real answer.
The most traditional way to host Slim Framework, would be through Apache. Install Apache and be sure you have the proper network settings to allow inbound connections, but more information about your setup could be needed for proper guidance.
http://httpd.apache.org/docs/2.4/platform/windows.html
When Apache is installed and working, you need to set Rewrite rules on the URL, information on that can be found on http://docs.slimframework.com/routing/rewrite/.
Your question on the verge of off topic, it probaly is, but read up on what questions can be asked and not, here on Stackoverflow, hope i could help.
I am very confused with proxy server, and proxy and this word proxy. I saw everywhere people are using proxy program, proxy server. Some of them using the proxy websites to unblock the websites. There are lot of things like reverse-proxy like that..
When I read one article about nginx I ran into one pic it says proxy cache. So what's proxy cache?
And how can I write a proxy program? What does that mean ? Why we need to use a proxy program?
Anybody can answer my question as simple as possible, I am not much in to this area.
A proxy server is used to facilitate security, administrative control or caching service, among other possibilities. In a personal computing context, proxy servers are used to enable user privacy and anonymous surfing. Proxy servers are used for both legal and illegal purposes.
On corporate networks, a proxy server is associated with -- or is part of -- a gateway server that separates the network from external networks (typically the Internet) and a firewall that protects the network from outside intrusion. A proxy server may exist in the same machine with a firewall server or it may be on a separate server and forward requests through the firewall. Proxy servers are used for both legal and illegal purposes.
When a proxy server receives a request for an Internet service (such as a Web page request), it looks in its local cache of previously downloaded Web pages. If it finds the page, it returns it to the user without needing to forward the request to the Internet. If the page is not in the cache, the proxy server, acting as a client on behalf of the user, uses one of its own IP addresses to request the page from the server out on the Internet. When the page is returned, the proxy server relates it to the original request and forwards it on to the user.
To the user, the proxy server is invisible; all Internet requests and returned responses appear to be directly with the addressed Internet server. (The proxy is not quite invisible; its IP address has to be specified as a configuration option to the browser or other protocol program.)
An advantage of a proxy server is that its cache can serve all users. If one or more Internet sites are frequently requested, these are likely to be in the proxy's cache, which will improve user response time. A proxy can also log its interactions, which can be helpful for troubleshooting.
If I log in to our web server using RDP, I can't access any of the sites we run on that web server via their external url. For example, say my web server hosts www.example.com, when I log in to the web server, bring up a browser and try to go to www.example.com, I can't see it.
However, one of our sites was configured in some way to work like this, if I try to go to that url, it works as you might expect.
Unfortunately, this was done by our server hosting partners, who we are no longer in contact with. Does anyone know how this can be achieved?
You can do it in many way..
It depends on your network configuration, but it could also be a simple row in hosts file or a static dns record or a specific route for that ip address.
if you're using IIS you should also set the website to "listen" on the loopback interface in the bindings menu.
or, for IIS 6: