Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
What is proxy server exactly. What its purpose ?
there are two types of firewall: packet filters and proxies.
A proxy can have many purposes. Essentially it's a gateway that can restrict and/or log network accesses.
Maybe you're the admin of a network and you want to monitor the web traffic being accessed by company employees.
In that case you might have your client computers configured such that their web browsers / other apps are configured to access the internet through the proxy.
The proxy can then log what is being accessed - and by whom.
Proxies like squid specialise in caching frequently accessed network resources, in order to reduce bandwidth consumption.
There are many other uses, these are just a few. Hope this helps!
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
is it possible to use transaction layer security (tls) to secure an external client/server application without modifying the code of the application itself?
Say a client application on a machine connects to several servers on several machines over an unsecured connection. I want to encrypt this connection using openssl/tls, but I can't modify neither client nor servers, but the machine configurations (linux os running underneath). I just found stunnel but it seems that it just supports a 1:1 connection.
Thanks in advance.
If you have a finite (and reasonably small) number of servers and you can configure the port number on your client for each connection, you could run stunnel on multiple ports, each one corresponding to a different destination.
However, it sounds like setting up a VPN between all these machines would be a better option. Some VPN implementations rely on TLS, but I'm not sure it would be the best choice here. You might want to investigate other methods, such as IPSec too.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
I am hosting and application in IIS. the application is a INTRANET APPLICATION.
Already the server has 2 application hosted in it with host names
site1.k.com and site2.k.com
k.com is my domain name.
I have give host name for my site as
site3.k.com
Do i have to make DNS entry for this.
If you have a wildcard dns entry such that <anything>.k.com goes to your server, then you don't need a specific DNS entry for site3.k.com, but it might make things easier down the road if you have it.
Of course, if you don't have the wildcard set up, and you need to have the url for site3.k.com work, then yeah, it'd be required.
Now, you mention that this is intranet ... if you have a windows server configured to broadcast that it's name is site3 via WINS service, then you might get away with not having the DNS entry, but this behavior is not reliable, because WINS may or may not route to remote sites, depending on WAN and/or VPN configurations, and will generally be a pain in the ass for support.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
I have caught a hacker after looking through my site's FTP logs - it looks as if they have gleaned a list of passwords for several of my sites and are now connecting on a daily basis to upload spammy PHP files that perform header redirects to their sites. They always connect from the same IP address.
Blocking that IP and changing the FTP passwords is a given, but it seems so mundane and submissive. Is there anything I can do to this guy as he connects or once he's already in the system?
Some recommendations:
Change your FTP port. Most script kiddies use a port scanner to scan a list of IP addresses for TCP services. They mostly look for port 21.
Disable root login for SSH.
You mentioned this before, but make sure your password is secure and not written down on a post-it note on you computer monitor.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 11 years ago.
Improve this question
I had some test sites setup on a server that had one IP and utilized different ports for the site like this.
www.acme.com:5000
www.acme.com:6000
This worked great until a SSL certificate was installed on the server. Now the sites above are not coming up.
How do I configure them so that they come up again?
SSL can only segmented by IP and Port. You can however can run SSL over a different port than 443 by simply adding a binding for https and a different port.
In IIS 7.x, in the Bindings for the site, you would add one for SSL and change the port:
What would also need to happen, which isn't shown in this image is the selection of the appropriate SSL certificate which would need to be configured on the server. With that set, you would then access the site by going to:
https://mysite:1234/...
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 11 years ago.
Improve this question
Is there anyway to config IIS to serve static file like CDN? Like Gzip, Cache, E-tag, Mod-date?
And how should we config to make it very robust on massive requests?
I know it's a short question but that's all I want to ask.
To the question on the IIS version, i prefer 6 and 7 IIS. You can give your answer on either 6 or 7 :)
Thanks! I hope people find this question useful!
regardless of the server (IIS, Apache, etc.):
You achieve robustness through scale. Put 1000-2000 servers behind a few hardware load-balancers (F5's). Monitor constantly to ensure they all have the same files. Secure your file system so writes are allowed by only 1-2 users. Spread them geographically across network providers, power suppliers and backhoe opportunities.
Or just outsource it to someone who's already done all of this.