Questions tagged [reverse-proxy]
The reverse-proxy tag has no summary.
4 questions
1
vote
1
answer
214
views
What is the proper way of starting an HTTP-only reverse shell using Chisel?
My lab has these restrictions:
1. Inbound and Outbound HTTP connections are allowed from CONFLUENCE01.
2. For Non-HTTP connections, only inbound TCP is allowed at port 8090 of CONFLUENCE01.
3. ...
- 21
1
vote
1
answer
200
views
Security considerations when using Apache with SSL enabled and Node.JS without SSL
So I have a peculiar setup to work with. The main server is your standard off-the-mill Apache server with SSL enabled bound to a public domain (NOT localhost!). My Node.JS server runs on localhost:...
- 111
4
votes
1
answer
876
views
Attack surface of a reverse proxy secured with mTLS?
Suppose that I have a reverse proxy such as caddy or Traefik that requires a client certificate to authenticate via mTLS, globally across reverse proxy.
What is the attack surface for services behind ...
- 43
1
vote
0
answers
106
views
Is reducing the webserver stack from Caddy, NGINX and PHP-FPM to only Caddy and PHP-FPM a reduction in layered-security?
I have a situation where a webserver behind a network firewall is ran inside of Docker containers. It is setup in this order:
Caddy webserver - acts as WAF, GEOIP block, IP blacklist, HTTP Security ...
- 7,725