- Oracle Application Express 4.0 with Ext JS
- Mark Lancaster
- 351字
- 2021-04-09 21:18:18
Overviewing the production setup
Consider the architecture diagram in the next screenshot:
The diagram is a well-known and generally accepted Internet-Firewall-DMZ-Firewall-Intranet architecture and shows the following zones:
- External internet, outside the DMZ firewall
- External web server tier acting as a reverse proxy between the DMZ firewall and the Intranet firewall
- Corporate intranet behind the Intranet firewall
If your Oracle APEX instance is going to be used only for Intranet applications, we need to consider only the corporate intranet component on the right-hand side of the diagram. This is the basic configuration documented earlier for the Oracle HTTP server.
For Internet-accessible applications, security becomes a much more important factor. Various high-profile hacking attacks have proven that web security is one of the most critical issues facing any business that conducts its operations online. Compared to intranet-only applications, internet-accessible applications have far larger numbers of potential hackers.
Firewalls are configured to allow only specific types of access (HTTP/HTTPS). In DMZ architectures, firewalls are used to restrict the flow of network data so that all inbound traffic from the internet and outbound traffic from the intranet must be processed by web servers acting as proxy servers in the DMZ zone. By using a reverse proxy server, such as Oracle Web Cache or HTTP Server in tandem with internal and external firewalls, you can greatly reduce the risk of exposing your backend data resources.
So what exactly does a reverse proxy do? When a client sends a request to your website, the request goes to the proxy server. The proxy forwards the client's request through a specific path in the intranet firewall to the content web server. The content web server processes the request, passing the result back through the path to the proxy. The proxy server sends the information to the client, rewriting any URLs as though it was the actual content server.
Reverse proxies can be additionally configured to perform extra tasks such as compressing files to optimize network traffic, or facilitating secure transmission of information utilizing Secure Socket Layers (SSL), to provide an encrypted connection between the proxy server and the client.
- Creo Parametric 8.0中文版基礎入門一本通
- Adobe創意大學After Effects CS5 影視特效師標準實訓教材
- Photoshop數碼攝影后期處理專業技法(第2版)
- Photoshop CS5平面設計入門與提高
- Drools規則引擎技術指南
- 人臉識別算法與案例分析
- Procreate+ SketchUp +Photoshop建筑設計手繪表現技法
- Android從入門到精通
- Power Query從入門到精通
- JBoss Tools 3 Developers Guide
- Choosing an Open Source CMS: Beginner's Guide
- 剪映:從零開始精通短視頻剪輯(電腦版)
- Altium Designer 20 中文版從入門到精通
- Quality Assurance for Dynamics AX-Based ERP Solutions
- Deep Inside osCommerce: The Cookbook