41
edits
Changes
Jump to navigation
Jump to search
mLine 25:
Line 25: − +
Generic website infrastructure setup (view source)
Revision as of 18:47, 9 October 2018
, 5 years agono edit summary
The default internet port are 80 for http and 443 for https, once the portforwarding is configured for those port (80 & 443) it'll affect all the web traffics coming on this port. A simple port forwarding will work if you have a single web server (could host serveral websites) but if you have multiple web servers you may have to forward your traffic to a reverse proxy[https://en.wikipedia.org/wiki/Reverse_proxy] that will be able to redirect the traffic based on the domain/subdomain or/and url.
The default internet port are 80 for http and 443 for https, once the portforwarding is configured for those port (80 & 443) it'll affect all the web traffics coming on this port. A simple port forwarding will work if you have a single web server (could host serveral websites) but if you have multiple web servers you may have to forward your traffic to a reverse proxy[https://en.wikipedia.org/wiki/Reverse_proxy] that will be able to redirect the traffic based on the domain/subdomain or/and url.
If you want to be sure that internet traffic can reach the other device on your network (LAN), you can place the reverse proxy in a DMZ[https://en.wikipedia.org/wiki/DMZ_(computing)] with firewall rule that allow only the traffic from internet to the reverse proxy and from the reverse proxy to the local LAN (ie. your servers) but the firewall will block all other traffic coming from internet. For such setup there is an open source security appliance called pfSense that is able to do the firewall and the reverse proxy (with the module called HAProxy), pfSense can be installed on an old Pc or deployed on a virtual machine
If you want to be sure that internet traffic can't reach the other device on your network (LAN), you can place the reverse proxy in a DMZ[https://en.wikipedia.org/wiki/DMZ_(computing)] with firewall rules that allow only the traffic from internet to the reverse proxy and from the reverse proxy to specific IP on your local LAN (ie. your servers) but the firewall will block all other traffic coming from internet. For such setup there is an open source security appliance called pfSense that is able to do the firewall and the reverse proxy (with the module called HAProxy), pfSense can be installed on an old Pc or deployed on a virtual machine.
=Virtual host=
=Virtual host=