0

We have a Web infrastructure with a farm of Web Servers. They are behind a loadbalancer which does SSL offload. We also have a IPS and obviously a set of firewalls.

Now, for security reason we have been asked to look into the possibility of adding a reverse proxy. I insist this is for security reason only as we are not planning to use any caching.

My question is: Is it worth the effort? Is there any added value to an additional layer and if yes would it justify the time spent?

Momo
  • 1

1 Answers1

0

If your webserver is (pre-)forking or uses light weight processes (threads) then using an event based proxy (e.g. ATS, nginx, NOT varnish) in front gives a lot of protection against sloloris type attacks. But in the absence of any caching (or DOS attacks) it's going to slow down your traffic.

Why so anti caching?

symcbean
  • 23,767
  • 2
  • 38
  • 58