170 likes | 184 Views
Web and Proxy Server. Web Server. Web server is a computer where the web content is stored. Basically web server is used to host the web sites but there exists other web servers also such as gaming, storage, FTP, email etc. Apache HTTP Server.
E N D
Web Server • Web server is a computer where the web content is stored. Basically web server is used to host the web sites but there exists other web servers also such as gaming, storage, FTP, email etc.
Apache HTTP Server • This is the most popular web server in the world developed by the Apache Software Foundation. Apache web server is an open source software and can be installed on almost all operating systems including Linux, UNIX, Windows, FreeBSD, Mac OS X and more. About 60% of the web server machines run the Apache Web Server.
Internet Information Services (IIS) • The Internet Information Server (IIS) is a high performance Web Server from Microsoft. This web server runs on Windows NT/2000 and 2003 , 2008, 2012 platforms (and may be on upcoming new Windows version also). IIS comes bundled with Windows NT/2000 and 2003; Because IIS is tightly integrated with the operating system so it is relatively easy to administer it.
Http Server Installation and Configuration • Yum install httpd • Service httpd start
Virtual Hosting • Virtual Hosting is a method of hosting multiple domain names on a server using a single IP address. This allows one server to share its resources, such as memory and process cycles, in order to use its resources more efficiently.
Virtual Hosting Example • Vi /etc/httpd/conf/httpd.conf • (Add the below lines at the bottom of the page)<VirtualHost 192.168.1.6:80>ServerAdminroot@server1.example.comDocumentRoot /var/www/user/deepak/siteServerNamedeepak.example.comErrorLog logs/server1.example.com-error_logCustomLog logs/server1.example.com-access_log common</VirtualHost><VirtualHost 192.168.1.6:80>ServerAdminroot@server1.example.comDocumentRoot /var/www/user/amit/siteServerNameamit.example.comErrorLog logs/server1.example.com-error_logCustomLog logs/server1.example.com-access_log common</VirtualHost>
HTTP caching • HTTP caching occurs when the browser stores local copies of web resources for faster retrieval the next time the resource is required. As your application serves resources it can attach cache headers to the response specifying the desired cache behavior. • When an item is fully cached, the browser may choose to not contact the server at all and simply use its own cached copy:
Proxy Caching Server Configuration • Proxy server is a computer that sits between a client computer and the Internet, and provide indirect network services to a client. • It may reside on the user's local computer, or at various points between the user's computer and destination servers on the Internet. • A proxy server intercepts all client requests, and provide responses from its cache or forwards the request to the real server. A client computer is connected to the proxy server, which acknowledges client requests by providing the requested resource/data from either a specified server or the local cache memory. Client requests include files or any other resources available on various servers.
Uses of Proxy Server • Proxy servers are used for several purposes. If it is used as a caching web proxy, it can dramatically improve performance of a web response. When a request is made by a client, a caching proxy returns response directly from its cache if the document already exists. Otherwise, it makes the request to the real server, returns the result, and save it in its cache for later use. • Proxy servers are also used as "web proxies" to filter web page contents. An organization or company may use a proxy server to block offensive web contents from viewed by the users. • Considering the growing need within organizations to prevent employees from accessing specific websites, such as facebook.com, proxy servers are being deployed across the computers connected to the intranet. • Further, web proxies can be used to prevent the attack of computer viruses and malware, as well as other hostile content transferred across the internet web pages. Internet Service providers (ISPs) may also use proxies to block computer viruses and other offensive contents.
Squid Proxy Server Configuration • Yum install squid • Cp /etc/squid/squid.conf /etc/squid/squid.conf.default • To block the facebook add following line in squid.conf • # vi /etc/squid/squid.conf • Add these lines in ACL Section • aclban_domainsdstdomain “/etc/squid/ban_domains.txt”http_access deny ban_domains • Service squid start • vi /etc/squid/ban_domains.txt • Add ban domains name line by line • www.youtube.comwww.facebook.com • save and exit. • Open the 3128 port from linux server
Now open up browser on client computer and point squid server IP in proxy settings with 3128 port. After adding ACL, Squid will start denying www.youtube.com.
Proxy Authentication mechanism • NTLM • In a Windows network, NT LAN Manager (NTLM) is a suite of Microsoft security protocols that provides authentication, integrity, and confidentiality to users. NTLM is the successor to the authentication protocol in Microsoft LAN Manager(LANMAN), an older Microsoft product. The NTLM protocol suite is implemented in a Security Support Provider, which combines the LAN Manager authentication protocol, NTLMv1, NTLMv2 and NTLM2 Session protocols in a single package.
Proxy-MySQL Auth • The MySQL Proxy is an application that communicates over the network using the MySQL Network Protocol and provides communication between one or more MySQL servers and one or more MySQL clients. In the most basic configuration, MySQL Proxy simply passes on queries from the client to the MySQL Server and returns the responses from the MySQL Server to the client. • Because MySQL Proxy uses the MySQL network protocol, any MySQL compatible client (include the command line client, any clients using the MySQL client libraries, and any connector that supports the MySQL network protocol) can connect to the proxy without modification.
Proxy-Radius Auth Basics • RADIUS proxies are used to redirect traffic destined for a certain server when there are multiple RADIUS servers used within the network. • Based on certain predefined rules, a proxy server will determine where will be the request sent. These type of RADIUS servers can be used to redirect authentication requests based on user’s domain. • Suppose you have multiple domains within your forest and each one would have its own RADIUS server to authenticate users. The proxy would be configured to forward authentication requests to the destined RADIUS server. • Another common way for using a proxy is to alleviate portions of the network by load balancing traffic destined for RADIUS servers.
Troubleshooting Squid • Squid logs both informational and error messages to files in the /var/log/squid/ directory. It is best to review these files first whenever you have difficulties.Thesquid.out file can be especially useful as it contains Squids' system errors. • Another source of errors could be unintended statements in the squid.conf file that cause no errors; mistakes in the configuration of hours of access and permitted networks that were forgotten to be added are just two possibilities. By default, Squid operates on port 3128, so if you are having connectivity problems,