Forwarding web calls to a second server with a proxy
Posted on 2004-03-31
We're looking into setting up a server in a DMZ that will forward web site requests on to a second server inside our network. The idea is that nothing's running on the server in the DMZ except this 'proxy' software, so that if the machine gets hacked, we wipe it clean with minimal recovery effort.
What we want to happen is that a user conncects to the server in the DMZ, and the 'proxy' takes the web requests and forwards it to a web server inside the firewall. The 'proxy' gets the response back from the web server and sends it back to the calling code. We don't want to use URL redirection, because the idea is that only the 'proxy' server has permission to contact the web server on the internal network. It's kinda like an anonymous proxy, but we don't care about hiding the IP Addresses of the connecting clients. Right now we're looking at handling HTTP and HTTP/S calls
Ideally we're looking for something that runs on a Windows OS. Is there any way to configure ISA Server or IIS to do this? Otherwise we'll have to look into putting our ASP code on the DMZ server and connecting to the database inside our network.