I have a website (windows IIS) that is very busy and I wanted to setup an SQUID Reverse proxy to offload some of the traffic. I wanted to know what are the best practices, and how to setup it up on a Windows or Unix server.
I managed to figure this out myself. You can follow the steps on this blog post to follow what I did to get it working: http://ashleyangell.com/2009/03/configuring-a-basic-reverse-proxy-in-squid-on-windows-website-accelerator/
Related
I have a nodeJS web application with Express running on a Digital Ocean droplet.The nodeJs application provides back-end API's. I have two react front-ends that utilise the API's with different domains. The front-ends can be hosted on the same server, but my developer tells me I should use another server to host the front-ends, such as cloudflare.
I have read that nginX can enable hosting multiple sites on the same server (i.e. host my front-ends on same server) but unsure if this is good practice as I then may not be able to use cloudflare.
In terms of security could someone tell me If I need nginx, and my options please?
Thanks
This is a way too open-ended question but I will try to answer it:
In terms of security could someone tell me If I need nginx, and my
options please?
You will need Nginx (or Apache) on any scenario. With one server or multiple. Using Express or not. Express is only an application framework to build routes. But you still need a service that will respond to network requests. This is what Nginx and Apache do. You could avoid using Nginx but then your users would have to make the request directly to the port where you started Express. For example: http://my-site.com:3000/welcome. In terms of security you would better hide the port number and use a Nginx's reverse proxy so that your users will only need to go to http://my-site.com/welcome.
my developer tells me I should use another server to host the
front-ends, such as cloudflare
Cloudflare does not offer hosting services as far as I know. It does offer CDN to host a few files but not a full site. You would need another Digial Ocean instance to do so. In a Cloudflare's forum post I found: "Cloudflare is not a host. Cloudflare’s basic service is a DNS provider, where you simply point to your existing host.".
I have read that nginX can enable hosting multiple sites on the same
server
Yes, Nginx (and Apache too) can host multiple sites. With different names or the same. As domains (www.my-backend.com, www.my-frontend.com) or subdomains (www.backend.my-site.com, www.my-site.com) in the same server.
... but unsure if this is good practice
Besides if it is a good or bad practice, I think it is very common. A few valid reasons to keep them in separated servers would be:
Because you want that if the front-end fails the back-end API continues to work.
Because you want to balance network traffic.
Because you want to keep them separated.
It is definitively not a bad practice if both applications are highly related.
We are running a bunch of WMS with a GeoServer. The GeoServer is running inside a tomcat webserver and the tomcat is behind an apache webserver.
At the moment we can reach our WMS like this: http://domain.com/geoserver/layer/wms?....
What we need are different subdomains for the WMS, that all point to the same GeoServer intance, e.g.:
http://t1.domain.com/geoserver/layer/wms?....
http://t2.domain.com/geoserver/layer/wms?....
http://t3.domain.com/geoserver/layer/wms?....
Any ideas how we can achieve/configure this with the configuration mentioned above?
I'm not sure if you can do that with Apache/Tomcat. The domain/subdomain names are the way other hosts reach yours, and after they find it is when Apache and Tomcat come into play.
You should ask your network admin of Internet provider for that or maybe think of another approach like http://domain.com/t1/geoserver/layer/wms?... http://domain.com/t2/geoserver/layer/wms?, etc.
I suggest you Varnish reverse proxy as it is a light-weight software with an easy configuration language.
I have apache2.4 webserver installed on ubuntu 14.04, which has all the configuration for the virtual host file.Also I have configured ssl certificates in it. But I want to run this apache server behind other proxy server which have different IP then the Web Server.
Please suggest me the best way to do this.I am planing to install another apache on the proxy server and achieve this using reverse-proxy.But Please suggest any better way to do this.
Thanks
Vinay
I recently read some doc about setting up a reverse proxy server and it seems that ningx is a better choice than Apache for this task: it is very lightweight and really easy to configure. For example in a doc I read the writer could not manage to set up correct proxy for HTTPS for Apache, while another one trying the same configuration for nginx set it up easily. I am an old Apache fan, but if I had to install a proxy, I would chose nginx.
I hope this doesn't come across as a terribly silly question, but I'm learning how to implement a socket.io server for my website to produce real-time applications, but my problem is that I can't figure out how to implement said applications in an Apache served environment. Currently, when I run node server.js to start my socket.io server, I have to access it by visiting http://localhost:XXXX where XXXX is whatever port I attach it to, naturally. I don't want my website to be forced to be viewed on an alternate port like this, but I obviously can't attach the server to port 80 since Apache is listening on that.
Obviously a natural solution would be to stop the Apache service and then node the server on port 80 that way to avoid a collision, but I don't want to sacrifice all of the functionality that Apache offers. Basically, I want to continue to serve my website via Apache on port 80, and integrate certain aspects of real-time applications via socket.io on port 3000, let's say.
Is there a way to do this that avoid the things I don't want? Those things being 1) having users access my site with :3000 in the URL, 2) disabling Apache, 3) using iframes.
Thanks in advance.
Generally, you should be able to hide Node.js with mod_proxy. A bit of searching turned up this: https://github.com/sindresorhus/guides/blob/master/run-node-server-alongside-apache.md (old link died, this is a new one)
However, Socket.io can be a bit finicky (https://github.com/LearnBoost/socket.io/issues/25), so you may have problems with it specifically.
As that ticket is a bit old, it's worth a shot. Just don't be surprised if you have problems. You're next bet after that is bind Node.js toport 80 and have it act as a reverse proxy for Apache with https://github.com/nodejitsu/node-http-proxy (still under a fair bit of development).
The optimal solution would be run it on it's own server and just have you're socket traffic go to socket.example.com or something like that.
Socket.io has multiple transport mechanisms. Some of them don't work if you run Apache as reverse proxy, but some do. Transports that don't work are websocket and flash, but xhr-polling and jsonp-polling should work.
Here's an example on setting the transports configuration option for socket.io:
var io = require("socket.io").listen(server);
io.set("transports", ["xhr-polling", "jsonp-polling"]);
On my Apache I'm using the normal name based virtual hosts and reverse proxy setup and with these transports the socket.io seems to be working.
I have been looking around to figure out how to configure Glassfish front ended with Apache. And most of the tutorials using the load balancing plug in is making me enable SSL on Apache. I am trying to understand the connection. I should be able to do non SSL communications when I dont have a need for SSL.
There are several blog posts showing how you can use Apache in front of Glassfish. There are several options and depending on your needs, different strategies might be the most appropriate.
I've used Apache with mod_jk which forwards requests to Glassfish - both https and regular http. Lots of good references here.
It's possible to use other modules in Apache also like mod_proxy, but again the requirements you have will flesh out the most appropriate.
Glassfish also have pretty good http engine inside of it where you can configure virtual hosts like in apache. If the load on the Glassfish server isn't to big, you might consider just using Glassfish without anything in front of it.
You can also use the Sun Java System Web Server SJSWS instead of Apache. Despite it's atrocious name, it is just Sun's web server (free to use). It can be used as a reverse proxy (PDF). The SJWS/Glassfish combination is presumably tested really well by Sun.