httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Vaughan" <>
Subject RE: [users@httpd] Locking down a proxy server
Date Mon, 23 Mar 2009 09:28:39 GMT

Davide Bianchi wrote:
>Use your local firewall to implement a transparent proxy, configure
>local proxy to forward his request to the main proxy on a special port,
>filter on the main proxy with that port only and implement certificate
>authentication between the local and the central proxy. See the
>documentation of the proxy server. DO NOT USE apache for this.
>An alternative is to implement a VPN between the local offices and the
>central one and have the proxy only talks over the VPN.

Yes, the local firewall is a transparent proxy using a special port
which is 
filtered at head office.  

As the local offices are international I was reluctant to employ SSL
because of the associated import/export restrictions.  Also, I'm not
sure why you 
emphasise not to use Apache.

A VPN would be nice, but some of the connectivity will be via limited
satellite connections, so I do not see this as a way forward.


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message