This question already has answers here:
Possibility of Man in the Middle Attack during TLS handshake [duplicate]
(2 answers)
SSL and man-in-the-middle misunderstanding
(5 answers)
How SSL certificate prevents man-in-the-middle attack? [duplicate]
(1 answer)
Closed 3 months ago.
I am learning about how tls 1.3 works and I do not understand how does it prevents a man in the middle setting a shared secrect with the client and a shared secret with the server and reading all of the data. I couldn't find the answer online so I will really apriciate if someone can explain it to me.
This question already has answers here:
How do certificate avoid the man in the middle attack?
(1 answer)
SSL and man-in-the-middle misunderstanding
(5 answers)
How are ssl certificates verified?
(6 answers)
Closed 1 year ago.
Was reading HTTPS workflow and would like to understand more about it.
Client ---> Malicious Server (instead of actual server)
When Client connects to server there can be possibility that it connects to malicious server and that server represents the certificate on behalf of Actual Server, how client knows whether its genuine server or not?
This question already has an answer here:
Prometheus: Check if an HTTP server is up
(1 answer)
Closed 3 years ago.
I'd like to use prometheus monitoring system to check my nestjs application
I have url like http://IP:PORT/test
Is that possible to check that url dead or alive using prometheus?
you can use blackbox to check http or tcp
https://github.com/prometheus/blackbox_exporter/blob/master/example.yml
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 4 years ago.
Improve this question
In PHP, we have Apache (or Nginx) as the HTTP server. They are also the de-facto standard set up for PHP web development.
In Rust nearly all examples on the web are to run its own HTTP server (or "hyper" library) by "Cargo run" command and then go to localhost in a browser to see the result. It seems nobody would deploy it on Apache/Nginx.
Why are Rust programs not deployed in the existing HTTP servers which provide so many useful and mature features (e.g. VirtualHost, Alias, SSL, mod_rewrite etc.)?
Also, what're the benefits of using this web server over Apache/Nginx?
In a production environment, do you also use hyper library as the web server for Rust?
The common approach when writing a web application in something other than PHP is to use either Apache or NGINX as the public-facing server. You then set up a virtual host in either Apache or NGINX to function as a remote proxy which forwards all connections to your web application (Rust, Golang, Python, Node.js, etc...) which is, itself, running its own server bound to a non-80 port on localhost.
For a (rough) visual example:
+++++++++++++++++++++++ SERVER +++++++++++++++++++++++++++++++++++
+ [Web Application (bound to localhost:8080)] +
+ /|\ +
+ | reverse proxy connection +
+ \|/ +
+ [NGINX (bound to remote_address::80 and remote_address:443)] +
+++++++++++++++++++++++++/|\+++++++++++/|\++++++++++++++++++++++++
| |
\|/ \|/
++++++++++++ ++++++++++++
+ CLIENT + + CLIENT +
++++++++++++ ++++++++++++
This approach is (generally) more secure, allows you to easily use the features of a mature web server like you are saying (e.g. SSL, load balancing, etc.), and allows you to focus on writing a robust web application rather than on writing a robust web server.
Take a look at this article for documentation on how to set up NGINX as a reverse proxy. Although Apache is just as capable, NGINX tends to be the web server of choice when creating a web application and stack like this due to its speed and the fact that it is relatively lightweight.
For what it is worth, the difference between this architecture and what, for example, PHP and Apache look like together is, simply put, that PHP runs as an "extension module" to Apache rather than as an "external component". Actually, when you use PHP with NGINX, you will have to set it up in a very similar way as described in this post.
This question already has answers here:
Closed 12 years ago.
Possible Duplicate:
What are the pros and cons of a 100% HTTPS site?
Is there any reason not to use https on every page of a site?
SSL costs more bandwidth.
SSL costs processor cycles, both on the server and the client.
Both things cost loading/processing time.