- Oracle Application Express 4.0 with Ext JS
- Mark Lancaster
- 351字
- 2021-04-09 21:18:18
Overviewing the production setup
Consider the architecture diagram in the next screenshot:
The diagram is a well-known and generally accepted Internet-Firewall-DMZ-Firewall-Intranet architecture and shows the following zones:
- External internet, outside the DMZ firewall
- External web server tier acting as a reverse proxy between the DMZ firewall and the Intranet firewall
- Corporate intranet behind the Intranet firewall
If your Oracle APEX instance is going to be used only for Intranet applications, we need to consider only the corporate intranet component on the right-hand side of the diagram. This is the basic configuration documented earlier for the Oracle HTTP server.
For Internet-accessible applications, security becomes a much more important factor. Various high-profile hacking attacks have proven that web security is one of the most critical issues facing any business that conducts its operations online. Compared to intranet-only applications, internet-accessible applications have far larger numbers of potential hackers.
Firewalls are configured to allow only specific types of access (HTTP/HTTPS). In DMZ architectures, firewalls are used to restrict the flow of network data so that all inbound traffic from the internet and outbound traffic from the intranet must be processed by web servers acting as proxy servers in the DMZ zone. By using a reverse proxy server, such as Oracle Web Cache or HTTP Server in tandem with internal and external firewalls, you can greatly reduce the risk of exposing your backend data resources.
So what exactly does a reverse proxy do? When a client sends a request to your website, the request goes to the proxy server. The proxy forwards the client's request through a specific path in the intranet firewall to the content web server. The content web server processes the request, passing the result back through the path to the proxy. The proxy server sends the information to the client, rewriting any URLs as though it was the actual content server.
Reverse proxies can be additionally configured to perform extra tasks such as compressing files to optimize network traffic, or facilitating secure transmission of information utilizing Secure Socket Layers (SSL), to provide an encrypted connection between the proxy server and the client.
- Excel函數、公式、圖表、數據處理從新手到高手
- Photoshop CS6平面設計應用教程(第4版)
- Microsoft SharePoint 2010 Power User Cookbook: SharePoint Applied
- 圖像處理中的數學修煉(第2版)
- Adobe創意大學Illustrator CS5 產品專家認證標準教材
- Power Query從入門到精通
- Plone 3 Intranets
- Photoshop移動UI設計從入門到精通
- 新編中文版3ds Max 2016入門與提高
- 剪映:從零開始精通短視頻剪輯(電腦版)
- 寫給大家看的PPT設計書(第2版)
- Java EE 5 Development with NetBeans 6
- Building SOA/Based Composite Applications Using NetBeans IDE 6
- Photoshop圖像處理與制作
- UG NX 11中文版基礎教程