Previously, we took at look at how reverse (both terminating and non-terminating) are handled in the Linux world. In Windows though, we have two very viable options supported by Microsoft without using any third party software. These are respectively, the Web Application Proxy (part of the Remote Access Role), and ARR, a plugin for IIS. Web Application Proxy: The Web Application Proxy (WAP in… [read more →]
HAProxy is an incredibly versatile reverse proxy that’s capable of acting as both an HTTP(S) proxy like above, and a straight TCP proxy which allows you to proxy SSL connections as-is without decrypting and re-encrypting them (terminating). It doesn’t require a wild card (or any certificate, since the cert and private key live exclusively on the backend), but you lose the ability to inspect tra… [read more →]
Reverse proxies accept connections on behalf of a server coming from a client. They are the opposite of forward proxies, which accept connections on behalf of a client destined for a server. They’re incredibly useful in two main cases: tightly controlled (and managed) ingress into a network, and supporting older products that don’t natively support the latest and greatest encryption. Let’s be hones… [read more →]
In this guide we will show you how to setup an SSL Certificate for a domain on your NGINX VPS or Dedicated Server while putting into place the best security options and configurations including selecting the most secure cipher suite. We assume you have your SSL Certificate issued and the private key ready to install on your server already. If not you will need to look into how to generate a CSR… [read more →]
There are a few options when it comes to securing your Magento store and in this article we will cover some of the best practices to do so. We will also look at our options when it comes to Multiple Stores with or without different domains in your Magento installation, and how that can effect which SSL you use and how you use it. Do I need to secure my whole magento site or just parts? When it… [read more →]