Download Web and Proxy Server

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Transcript
Web and Proxy Server
Web Server
• Web server is a computer where the web
content is stored. Basically web server is used
to host the web sites but there exists other
web servers also such as gaming, storage, FTP,
email etc.
Apache HTTP Server
• This is the most popular web server in the
world developed by the Apache Software
Foundation. Apache web server is an open
source software and can be installed on
almost all operating systems including Linux,
UNIX, Windows, FreeBSD, Mac OS X and more.
About 60% of the web server machines run
the Apache Web Server.
Internet Information Services (IIS)
• The Internet Information Server (IIS) is a high
performance Web Server from Microsoft. This
web server runs on Windows NT/2000 and
2003 , 2008, 2012 platforms (and may be on
upcoming new Windows version also). IIS
comes bundled with Windows NT/2000 and
2003; Because IIS is tightly integrated with the
operating system so it is relatively easy to
administer it.
Http Server Installation and
Configuration
• Yum install httpd
• Service httpd start
Virtual Hosting
• Virtual Hosting is a method of hosting multiple
domain names on a server using a single IP
address. This allows one server to share its
resources, such as memory and process
cycles, in order to use its resources more
efficiently.
Virtual Hosting Example
• Vi /etc/httpd/conf/httpd.conf
• (Add the below lines at the bottom of the page)
<VirtualHost 192.168.1.6:80>
ServerAdmin [email protected]
DocumentRoot /var/www/user/deepak/site
ServerName deepak.example.com
ErrorLog logs/server1.example.com-error_log
CustomLog logs/server1.example.com-access_log common
</VirtualHost>
<VirtualHost 192.168.1.6:80>
ServerAdmin [email protected]
DocumentRoot /var/www/user/amit/site
ServerName amit.example.com
ErrorLog logs/server1.example.com-error_log
CustomLog logs/server1.example.com-access_log common
</VirtualHost>
HTTP caching
• HTTP caching occurs when the browser stores
local copies of web resources for faster
retrieval the next time the resource is
required. As your application serves resources
it can attach cache headers to the response
specifying the desired cache behavior.
• When an item is fully cached, the browser
may choose to not contact the server at all
and simply use its own cached copy:
Proxy Caching Server Configuration
• Proxy server is a computer that sits between a client
computer and the Internet, and provide indirect network
services to a client.
• It may reside on the user's local computer, or at various
points between the user's computer and destination
servers on the Internet.
• A proxy server intercepts all client requests, and provide
responses from its cache or forwards the request to the
real server. A client computer is connected to the proxy
server, which acknowledges client requests by providing
the requested resource/data from either a specified server
or the local cache memory. Client requests include files or
any other resources available on various servers.
Uses of Proxy Server
• Proxy servers are used for several purposes. If it is used as a caching web
proxy, it can dramatically improve performance of a web response. When
a request is made by a client, a caching proxy returns response directly
from its cache if the document already exists. Otherwise, it makes the
request to the real server, returns the result, and save it in its cache for
later use.
• Proxy servers are also used as "web proxies" to filter web page contents.
An organization or company may use a proxy server to block offensive web
contents from viewed by the users.
• Considering the growing need within organizations to prevent employees
from accessing specific websites, such as facebook.com, proxy servers are
being deployed across the computers connected to the intranet.
• Further, web proxies can be used to prevent the attack of computer
viruses and malware, as well as other hostile content transferred across
the internet web pages. Internet Service providers (ISPs) may also use
proxies to block computer viruses and other offensive contents.
Squid Proxy Server Configuration
• Yum install squid
•
•
•
•
•
•
•
•
•
•
•
Cp /etc/squid/squid.conf /etc/squid/squid.conf.default
To block the facebook add following line in squid.conf
# vi /etc/squid/squid.conf
Add these lines in ACL Section
acl ban_domains dstdomain “/etc/squid/ban_domains.txt”
http_access deny ban_domains
Service squid start
vi /etc/squid/ban_domains.txt
Add ban domains name line by line
www.youtube.com
www.facebook.com
save and exit.
Open the 3128 port from linux server
• Now open up browser on client computer and
point squid server IP in proxy settings with
3128 port. After adding ACL, Squid will start
denying www.youtube.com.
Proxy Authentication mechanism
• NTLM
• In a Windows network, NT LAN Manager (NTLM) is a
suite of Microsoft security protocols that
provides authentication, integrity, and
confidentiality to users. NTLM is the successor to the
authentication protocol in Microsoft LAN
Manager(LANMAN), an older Microsoft product. The
NTLM protocol suite is implemented in a Security
Support Provider, which combines the LAN
Manager authentication protocol, NTLMv1, NTLMv2
and NTLM2 Session protocols in a single package.
Proxy-MySQL Auth
• The MySQL Proxy is an application that communicates over
the network using the MySQL Network Protocol and
provides communication between one or more MySQL
servers and one or more MySQL clients. In the most basic
configuration, MySQL Proxy simply passes on queries from
the client to the MySQL Server and returns the responses
from the MySQL Server to the client.
• Because MySQL Proxy uses the MySQL network protocol,
any MySQL compatible client (include the command line
client, any clients using the MySQL client libraries, and any
connector that supports the MySQL network protocol) can
connect to the proxy without modification.
Proxy-Radius Auth Basics
• RADIUS proxies are used to redirect traffic destined for a certain
server when there are multiple RADIUS servers used within the
network.
• Based on certain predefined rules, a proxy server will determine
where will be the request sent. These type of RADIUS servers can
be used to redirect authentication requests based on user’s
domain.
• Suppose you have multiple domains within your forest and each
one would have its own RADIUS server to authenticate users. The
proxy would be configured to forward authentication requests to
the destined RADIUS server.
• Another common way for using a proxy is to alleviate portions of
the network by load balancing traffic destined for RADIUS servers.
Troubleshooting Squid
• Squid logs both informational and error messages to
files in the /var/log/squid/ directory. It is best to review
these files first whenever you have difficulties.The
squid.out file can be especially useful as it contains
Squids' system errors.
• Another source of errors could be unintended
statements in the squid.conf file that cause no errors;
mistakes in the configuration of hours of access and
permitted networks that were forgotten to be added
are just two possibilities. By default, Squid operates on
port 3128, so if you are having connectivity problems,