This may be a trivial issue as one can always port forward 55415 to a public domain for internet client access. For me I do not want to open more ports than I absolutely need to. I reverse proxy almost all my bare metal, from cockpit web-socket upgrade and also an on premise exchange server. Both use different methods to reverse proxy but it works and I like the protection offered.
I am using Apache [httpd on CentOs] and run all my SSL’s to my proxy handoff since my internal network is relatively calm (Just me and the wife). This also allows all my SSL’s to be installed on the single proxy server.
My question:
**Reverse Proxy to Server Backend port 55415 for client running on Internet domain and port 443?
Internet client is currently running with:
Internet Name: domainName.com
Internet Port: 55415
Https Proxy: off [as I dont proxy forward]
Router has port 55415 open to backup server
^^ This works as expected and its great, but I’m neurotic and that open ports bugs me since my router logs fill up with bot scans for open ports every day. Is it bad… No, just annoying.
What I have tested with only fails:
setting up Vhost on httpd and using proxypass to backend ip:port as follows:
<VirtualHost *:443>
ServerName backupname.domain.com
ErrorLog /dir/for/error/logs
ProxyPreserveHost On
ProxyPass / http://local-ip-to-srv:55415/
ProxyPassReverse / http://local-ip-to-srv:55415/
SSLEngine On
SSLProxyEngine On
SSLCert…File /path/to/cert/file (not actual syntax for ssl setup)
SSLKey…File /path/to/key/file (Again Not actual syntax for ssl setup)
Client Response: “Connected with backup server” (Not exact verbage but close)
How ever the web GUI shows client offline and no connection so its not jumping through the reverse proxy somehow.
Now this works beautifully to reverse proxy to the http server on 55414 but I get no love on internet client connection…
What Ive tried:
timeout to 900sec (no dice)
disable keep alive (no dice)
used allowCONNECT 55415 (no dice since that is for a forward proxy)
Possibility to try:
Reverse proxy upgrade to websocket (secured) for internet client.
Let me know if anyone has figured out a way to reverse proxy the internet client.
Thanks in advance,
Kevin