Yeah, you'll want to allow connections only from the frontend webserver. That's probably 127.0.0.1, but it would be different if you're doing a frontend server with a pool of backends. On Tue, Sep 26, 2017, at 08:04 PM, Matthew Butterick wrote: > >> On Sep 26, 2017, at 3:45 PM, Alexis King >> <lexi.lam...@gmail.com> wrote:>> >> When an HTTPS request reaches Apache, it will use the certificate >> that it knows about to perform SSL negotiation, then it will >> forward the>> decrypted HTTP request to your Racket server over ordinary >> HTTP. >> It will>> subsequently encrypt the response it receives, then send it >> back to the>> client. This means your Racket server doesn’t need to worry >> about SSL> > OK thanks. That works. It just seems like cheating — laundering HTTP > into HTTPS.> > What about the new HTTP port that the Racket web server has opened? > Should that be secured somehow (e.g., firewall)?>
> -- > You received this message because you are subscribed to the Google > Groups "Racket Users" group.> To unsubscribe from this group and stop > receiving emails from it, > send an email to racket-users+unsubscr...@googlegroups.com.> For more > options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Racket Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to racket-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
