WebSphere proxy server
This topic describes how to configure the IBM HTTP Server as a reverse proxy for IBM WebSphere Application Server. A reverse proxy server provides an additional layer of security, protects HTTP servers further up the chain, and improves the performance of Secure Sockets Layer (SSL) requests. Also allows you to change your deployment topology at a later time.
A reverse proxy server is a special HTTP server that prevents direct access to the content HTTP server. All request for the content HTTP server go through the reverse proxy server. For more information about reverse proxies, see Reverse proxy servers in topologies.
These are some of the main advantages of using a reverse proxy server:
Configuring WebSphere Application Server web server plug-in
To install and configure the IBM® HTTP Server and Web server plug-ins, refer to the following resources:
Optional: Additional configuration for application ETL data collection jobs
If your application reporting ETL jobs are configured to use JTS (oAuth) authentication and there is an HTTP fronting server in the application topology, you must add an additional entry to the httpd.conf file.
- Navigate to the installation directory for your IBM HTTP Server.
- Open conf\httpd.conf in an editor.
- In the Global section (Section 1) of the file, add this entry:
SetEnv websphere-nocanon 1
- Restart your web server.
Optional: Changing the port number of the web server
By default, the web server uses port 443 for secure communications over HTTPS. This means that the port number is not displayed in the URL. For example, You can use the default port 443 for new deployments, however, if you are using the reverse proxy to change your deployment from a departmental (all-in-one) topology to a distributed topology, then you must configure the web server to use the existing port number from your original deployment. The default port number for deployments not using a reverse proxy is 9443.