Solved

Hiding IIS with an Apache reverse proxy

Posted on 2004-08-02
4
247 Views
Last Modified: 2013-12-04
Based on the recent bugs in IIS I am looking at hiding IIS behind an Apache reverse proxy.  Will this work or with the current problem will it just pass the request unaltered to the IIS box?  If it does work are there any configuration issues that I should know?
0
Comment
Question by:NBBCTest01
4 Comments
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 250 total points
ID: 11699475
From reading up on Apache's RP, looks like it's transparent, all request will be passed- meaning if you look at the headers you get back, they will say IIS verXX. There are filters that can be applied on the apache porxy that may deny certain exploits, but your best bet is to lock it(iis) down with IIS-Lockdown, and UrlScan... keep up with patches, and run AV on the servers if possible. Or move to Apache altogether... always block all ports except the most necessary ones.

http://www.microsoft.com/windows2000/downloads/recommended/iislockdown/default.asp
http://www.microsoft.com/technet/security/tools/urlscan.mspx

-rich
0

Featured Post

Guide to Performance: Optimization & Monitoring

Nowadays, monitoring is a mixture of tools, systems, and codes—making it a very complex process. And with this complexity, comes variables for failure. Get DZone’s new Guide to Performance to learn how to proactively find these variables and solve them before a disruption occurs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question