I'm starting my adventure with the Varnish Cache. Still have some questions about it, I couldn't find the straight answer.
Can I use Varnish cache server v.3.0.6 with eg. Plesk web hosting control panel, and have some domain (virtual hosts) with only 1 IP?
Please advise
If Plesk web hosting allows you to setup different ports on the same ip you can use varnish as frontend on port 80 or 443(https) and let varnish communicate to a different port on the same server to retrieve the webpages.
in your vcl you can add the following host
backend website {
.host = "127.0.0.1";
.port = "8080";
}
Related
I created a very basic express app which listens at port 3000 for HTTP, 4000 for HTTPS. I have static ip.
How can i use my domain to access my express app. ( Currently i can access via [external ip]:[port])
NOTE: I am using raspberry pi with raspbian OS.
Your app has to listen on port 80 for HTTP requests and port 443 for HTTPS requests.
Alternatively, you can use a proxy server like Nginx to handle HTTP and HTTPS, and you can configure your app to listen on any port. Also, don't forget to configure Nginx according to your app's ports.
I have two iis websites. One I have a localhost on port 80 and was setup for dydns with ssl port forwarding external: 443 and internal port:1124 and the website is working perfectly with dydns access.
I wanted to setup another website with the ssl port but was unable to do so. As when I set the port forwarding external Ssl:443 and the internal ssl port:1129. the other dydns entry redirects to the first website. This website does not work without https.
So. How do I setup two websites for ssl port forwarding on the same machine?
Any help is appreciated.
You don't necessary need an entirely different port for each website you host on the same machine. You can use the same http/80 and https/443 to serve multiple website through virtual hosts.
I'm not familiar with IIS, but I do know that it's possible on IIS just like Apache and NGINX does. You can read about setting up virtual hosts on IIS here. Also I answered a similar question here.
I am 2 running webapps on localhost, one on port 80 and one on port 3000.
I would like to use apache as a forward proxy to put these apps on the same domain and port, in order for them the share the same localstorage.
Could anyone tell me how this is done?
How can I put a docker between the web requests and my web server (in order to analyse and block requests)? I found morbz/docker-web-redirect docker, but it seems that it is not enough for this task.
I'd recommend using nginx as reverse proxy, or better haproxy:
https://hub.docker.com/_/haproxy/
You have to configure haproxy container to listen to port 80 on the host, then direct traffic to your proxied web server.
Haproxy ACLS might be of your interest: How to route traffic (reverse Proxy) with HAProxy based on request body
I am currently been involved in implementation of varnish with loadbalancer as back-end which shall forward traffic accordingly to multiple web server.
I am trying to achieve:
Public Traffic -> haproxy/DNS -> [Varnish (x2) / nginx(ssl) ] -> Loadbalancer -> Web server(x4)
I am able to configure Varnish , nginx as ssl/443 terminator for one domain.
(i.e if i point dns to varnish eth and access webserver serves the page)
varnish config
backend loadbalancer { .host = "xxx.xxx.xxx.xxx"; .port = "80" }
backend loadbalancer_ssl { .host = "xxx.xxx.xxx.xxx"; .port = "443"; }
sub vcl_recv {
# Set the director to cycle between web servers.
if (server.port == 443) {
set req.backend = loadbalancer_ssl;
}
else {
set req.backend = loadbalancer;
}
}
# And other vcl rules for security and other.
Nginx Config
location / {
# Pass the request on to Varnish.
proxy_pass http://127.0.0.1;
proxy_http_version 1.1;
#SSL certificate and config
=> How would i achieve configuring varnish as dns entry Point with ssl termination for multiple domains?
=> Is it possible to somehow configure varnish to accept all connections and bypass ssl to web server directly? (so that i don't have to worry about multiple interface for ssl support)
=> Or any standard approach to achieve with 443 terminator?
Note: why i am trying to achieve this: To create multiple layer for security and using existing hardware devices.
Already in place:
All server has (multiple interface for ssl using lightty).
Load balancer -> Hardware -> which will balance load between those web server.
Any experts sharing there view would be great.
I have decided to go with nginx as ssl terminator and achieving my question answers as below. I decided to update this, if anyone finds it useful.
From my above query:
How would i achieve configuring varnish as dns entry Point with ssl termination for multiple domains?
=> How it works is we need to have socket listening for https/ either nginx/pound/or anything else that can read ssl.
(which i was not quite convinced previously is to use this point as ssl terminator however i think i am fine as beyond that level now i have planned to make it internal zone.
=> Is it possible to somehow configure varnish to accept all connections and bypass ssl to webserver directly? (so that i dont have to worry about multiple interface for ssl support)
One can achieve this either with multiple interface (if you have multiple domains).
or, same interface if you are dealing with subdomains.
Or, you can create one secure page for all ssl required pages (depends upon trade-off)
=> Or any standard approach to achieve with 443 terminator?
I decided to go with nginx to use those feature that nginx provides (interms of security layer).