THE WHOLE TRAFFIC AT YOUR COMMAND – WITH REVERSE PROXY
Page views, Web events, e-mails, phone calls – track all that stuff without the need to alter your website. Is it possible? Yes, that’s how the story goes – thanks to Reverse Proxy technology detailed reports of the conversions in you domain are possible.
FLEXIBLE AND CONTROLLABLE ACCESS TO YOUR TRAFFIC DATA
Reverse Proxy works and controls access to the « internal » web server out of the Internet. Unlike port forwarding, you can create dedicated filtering rules via the Reverse Proxy. In addition, multiple internal web servers can be addressed through your domain with only one public IP.
Another highlight is the load balancing, which means that a number of Servers can be assigned to a single group. The queries to this group can be distributed based on a selected algorithm (eg round robin).
The Reverse Proxy works the other way around and is comparable with load balancing. The clients access the Internet without proxy. A group of Web servers can be hidden behind a proxy, and the web servers are then not directly accessible.
The proxy does not pass frequent identical queries from the Internet to the web server, but it works them itself, based on the cached data.
Such a simple load balancing is possible without expensive or complicated load balancing. Reverse proxies can also prevent unauthorized access to your domain. Permission to access multiple servers can be also handled centrally by a proxy.
- Faster data access to the identical data
- Cost savings in Internet traffic
- Integration of antivirus and spam filter available
A proxy provides more protection for the systems that communicate via a proxy. Unsolicited packets from external computers can no longer reach the local network, because the proxy can forward the requests from the Internet only if an outbound connection is established. In addition, virus filters are installed on the proxy. This can work effectively when every Internet access comes about via the proxy.
- Cache coherency by outdated content in the cache
- Not every application supports proxy
- Not every Internet protocol is proxy-compatible
The drawback of proxies is that for each Internet protocol there must be an installed proxy. This means that the proxy program must understand all the possible protocols, that Internet has to offer, such as HTTP, POP, and SMTP etc.
IN A NUTSHELL: HOW TO SET UP YOUR REVERSE PROXY
The aim of this HOWTO is to show you, how you can access an internal Web server per Reverse Proxy.
- Web Server IP: 172.16.0.91
- External IP: 192.168.6.19
- Domain: web.test.local – 192.168.6.19
Attention: When you plan to use https requests on your web server via the Reverse Proxy, you need first to change the port of the web interface. Go to « Tools – Advanced Settings » and set the address to 4443. To ensure you can still access the user interface, you will need to define a corresponding rule.
To ensure https talk runs well via the Reverse Proxy, you need a certificate, so that it can accept the Encrypted connection. Go to « Authentication – Certificates » and create a new certificate. Important: the name of the certificate must bear the same name as the domain, for example « web.test.local. »
NETWORK OBJECTS AND WHATSNOT
First off, we need a network object with the IP of the web server. To occur this, proceed as follows:
- Log in to the appliance
- Go to Firewall > Port Filter > Network Objects
- Click « Add to Cart » and fill in the fields accordingly.