- Oracle Application Express 4.0 with Ext JS
- Mark Lancaster
- 351字
- 2021-04-09 21:18:18
Overviewing the production setup
Consider the architecture diagram in the next screenshot:
The diagram is a well-known and generally accepted Internet-Firewall-DMZ-Firewall-Intranet architecture and shows the following zones:
- External internet, outside the DMZ firewall
- External web server tier acting as a reverse proxy between the DMZ firewall and the Intranet firewall
- Corporate intranet behind the Intranet firewall
If your Oracle APEX instance is going to be used only for Intranet applications, we need to consider only the corporate intranet component on the right-hand side of the diagram. This is the basic configuration documented earlier for the Oracle HTTP server.
For Internet-accessible applications, security becomes a much more important factor. Various high-profile hacking attacks have proven that web security is one of the most critical issues facing any business that conducts its operations online. Compared to intranet-only applications, internet-accessible applications have far larger numbers of potential hackers.
Firewalls are configured to allow only specific types of access (HTTP/HTTPS). In DMZ architectures, firewalls are used to restrict the flow of network data so that all inbound traffic from the internet and outbound traffic from the intranet must be processed by web servers acting as proxy servers in the DMZ zone. By using a reverse proxy server, such as Oracle Web Cache or HTTP Server in tandem with internal and external firewalls, you can greatly reduce the risk of exposing your backend data resources.
So what exactly does a reverse proxy do? When a client sends a request to your website, the request goes to the proxy server. The proxy forwards the client's request through a specific path in the intranet firewall to the content web server. The content web server processes the request, passing the result back through the path to the proxy. The proxy server sends the information to the client, rewriting any URLs as though it was the actual content server.
Reverse proxies can be additionally configured to perform extra tasks such as compressing files to optimize network traffic, or facilitating secure transmission of information utilizing Secure Socket Layers (SSL), to provide an encrypted connection between the proxy server and the client.
- 中文版Photoshop入門與提高(CS6版)
- After Effects CC影視后期制作實戰從入門到精通
- Word論文排版之道
- ERP沙盤模擬教程
- Hadoop核心技術
- Dreamweaver CC實例教程(第5版·微課版)
- ASP.NET MVC 2 Cookbook
- iPhone JavaScript Cookbook
- 中文版Rhino 5.0完全自學教程(第3版)
- Vivado從此開始(進階篇)
- 中文版Photoshop 2022基礎教程
- Microsoft Azure: Enterprise Application Development
- Vue.js實戰
- 好用,Excel數據處理高手
- Cassandra High Performance Cookbook