2 Feb 23:49
Recommendations for Mod_security architecture
Shanti Suresh <shanti <at> med.umich.edu>
2010-02-02 22:49:37 GMT
2010-02-02 22:49:37 GMT
Hi all,
We have several applications hosted on separate Apache+Tomcat instances. We use one web-server-to-one App_server
per application in order to provide application isolation. Change management and Configuration
management becomes easy this way.
My questions are:
(1) Should I install mod_security as part of the Apache web-server which already acts as a reverse proxy?
(2) Install a separate Apache server instance+mod_proxy to protect all other (Apache reverse-proxies +
Applications) behind it?
Thanks.
-Shanti
--
Shanti Suresh
Sr. Programmer/Analyst
Enterprise Clinical Systems
**********************************************************
Electronic Mail is not secure, may not be read every day, and should not be used for urgent or sensitive issues
------------------------------------------------------------------------------
The Planet: dedicated and managed hosting, cloud storage, colocation
Stay online with enterprise data centers and the best network in the business
Choose flexible plans and management services without long-term contracts
Personal 24x7 support from experience hosting pros just a phone call away.
http://p.sf.net/sfu/theplanet-com
_______________________________________________
mod-security-users mailing list
mod-security-users <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Appliances, Rule Sets and Support:
http://www.modsecurity.org/breach/index.html
RSS Feed