WebSphere proxy server

Configuring IBM HTTP Server as a reverse proxy for WebSphere Application Server
WebSphere Network Deployment 8.5 – A Clustered Environment | My

This topic describes how to configure the IBM HTTP Server as a reverse proxy for IBM WebSphere Application Server. A reverse proxy server provides an additional layer of security, protects HTTP servers further up the chain, and improves the performance of Secure Sockets Layer (SSL) requests. Also allows you to change your deployment topology at a later time.

A reverse proxy server is a special HTTP server that prevents direct access to the content HTTP server. All request for the content HTTP server go through the reverse proxy server. For more information about reverse proxies, see Reverse proxy servers in topologies.

These are some of the main advantages of using a reverse proxy server:

  • Future deployment topology changes: When using a reverse proxy in your deployment, you can provide a single host name in your public URL regardless of the machines and port numbers that the applications are deployed on. This enables you to change your deployment topology at a later time.Note: The context root used for the public URL must be the same as the context root used for installing the application and deploying the application to its application server, even when a reverse proxy server is used in the topology. To choose a different context root for your installation, see Choosing a different context root than default.
  • Security: The reverse proxy server provides an additional layer of security and can protect HTTP servers further up the chain. If you are using a firewall between the reverse proxy server and the content HTTP server, you can configure the firewall to allow only HTTP requests from the reverse proxy server.
  • Performance: A reverse proxy server can increase the performance of the WebSphere Application Server in several ways:
  • Encryption and SSL acceleration: You can equip the reverse proxy server with SSL acceleration hardware that can improve the performance of SSL requests.
  • Configuring WebSphere Application Server web server plug-in

    To install and configure the IBM® HTTP Server and Web server plug-ins, refer to the following resources:

    Optional: Additional configuration for application ETL data collection jobs

    If your application reporting ETL jobs are configured to use JTS (oAuth) authentication and there is an HTTP fronting server in the application topology, you must add an additional entry to the httpd.conf file.

    1. Navigate to the installation directory for your IBM HTTP Server.
    2. Open conf\httpd.conf in an editor.
    3. In the Global section (Section 1) of the file, add this entry:

      SetEnv websphere-nocanon 1

    4. Restart your web server.

    Optional: Changing the port number of the web server

    By default, the web server uses port 443 for secure communications over HTTPS. This means that the port number is not displayed in the URL. For example, You can use the default port 443 for new deployments, however, if you are using the reverse proxy to change your deployment from a departmental (all-in-one) topology to a distributed topology, then you must configure the web server to use the existing port number from your original deployment. The default port number for deployments not using a reverse proxy is 9443.

    Source: jazz.net

    Related posts:

    1. Xbox One proxy server
    2. Best Windows proxy server
    3. Windows reverse proxy server
    4. Windows Web proxy server