Well, I’ve finally changed up my website architecture using Apache 2.0.55 to where it essentially looks like this: client browser connects to HTTP port 80 (or HTTPS port 443) through the internet to the outside of my firewall > the firewall NATs the connection to the web proxy ports (undisclosed) > the web proxy connects to one of several internal web servers I’ve specified it to connect to > the queried web server then renders the page back through the web proxy and then back to the client through the internet. Basically, with this new design in place, I can offload SSL processes to the web proxy (separate server) and it will take the encryption load off of my web servers (thus making it much more efficient on processing). I can also proxy any internal network appliance web interface (such as SHOUTCast servers, webcam servers, wireless access point servers, etc.) through the web proxy, and on top of that I can encrypt it all using AES-256 (when using Firefox), as well as password out specific sites at the Apache web server level. Some really sweet technology …
Leave a Reply