What if you have an apache acting as a gateway which is configured to only accepting html drop everything else from the Internet then forward only html to the backend server for processing on the private network, would that not make the backend server less vulnerable than if you hadn't taken the precaution of adding the extra layer and an html filter ?
https://www.groundupsystem.com/ <https://www.groundupsystem.co.uk/> https://www.groundupsystem.co.uk/ ¯\_(ツ)_/¯ ♡۶♡ ۶♡۶ <http://www.backbutton.co.uk> On Sun, 16 Mar 2025, 12:35 Eric Covener, <cove...@gmail.com> wrote: > On Sun, Mar 16, 2025 at 4:20 AM Zahid Rahman <zahidr1...@gmail.com> wrote: > > > > Let me rephrase my question then. Using Apache without the reverse proxy > feature > > https://httpd.apache.org/docs/2.4/howto/reverse_proxy.html > > > > Does it leave your apache webserver vulnerable to attack ? > > No, enabling mod_proxy in a server doesn't make it any less > vulnerable. What type of vulnerability could it possibly mitigate? > > It is reasonable to say that putting any application behind any proxy > with anything resembling security or WAF-like features makes the > backend less vulnerable to attack (on the whole). OTOH there are > vulnerabilities that only affect proxies or the desync between the > expectations of a proxy and the backends so this is not a total > slam-dunk either. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > >
