EH-Net

Ethical Hacking Discussions and Related Certifications => Web Applications => Topic started by: sachitre on September 14, 2011, 11:20:39 PM



Title: Reverse Proxy to secure web servers
Post by: sachitre on September 14, 2011, 11:20:39 PM
Hi,

I am looking for some resources or information on how reverse proxies can help defend web servers against attacks. I have googled and found a few articles on SANS and a couple of TechNet articles; however, I am more interested in specific attacks that may be stopped. Here are a few articles that I have reviewed.

http://seclists.org/basics/2007/Jul/85
http://www.cpug.org/forums/miscellaneous/9966-reverse-proxy-servers-they-useful-useless.html
http://www.techrepublic.com/article/double-crossed-by-proxy/1045123
http://www.isaserver.org/tutorials/ISA-2006-Firewall-Web-Publishing-Rules.html

If this is already covered in earlier discussions, please point me to it. My searches returned only two results for reverse proxies.

If there is any information on exploiting weaknesses in reverse proxies, that will also be helpful.

Thanks in advance.

Cheers.


Title: Re: Reverse Proxy to secure web servers
Post by: MaXe on September 15, 2011, 08:21:02 AM
An example of a reverse proxy in the cloud is CloudFlare. It works better than you would actually think, but not only is it a reverse proxy, it also has WAF (Web Application Firewall) capabilities and "reputation based" traffic control. (IPs are matched against a relational database to see if a lot of spam has come from that IP.)

I can only highly recommend this service; even the free version works wonders. There are, of course, a few minor things that have to be done in order to make it work optimally, but overall it's fairly easy to install.