× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. WEB400
  3. October 2009

Re: NEW QUESTION on INTRANET vs. INTERNET.

Ok, here goes.

In /www/nameofport80webserver/conf/ , you will find the httpd.conf file.
You need to edit it and add the following things:

LoadModule proxy_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
LoadModule proxy_http_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
LoadModule proxy_connect_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
LoadModule proxy_ftp_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
ProxyPreserveHost On

ProxyPass /dirname http://127.0.0.1:8000/dirname
ProxyPassReverse /dirname http://127.0.0.1:8000/dirname

Where "dirname" is the name of the directory in the zendcore htdocs that
you want to make accessible. Yes, it is possible to open up the whole
htdocs folder, but I generally don't suggest it. By doing it folder by
folder, you can control which are accessible to the outside world and
which are only accessible via port 89.

You may have noticed port 8000 in the directives. This is the Apache
server running in PASE that Zend uses. It should already be there so
nothing to configure there.

I usually put the first group of directives at the top of the httpd.conf
file and the ProxyPass pair at the bottom. I don't know if that makes a
difference. It's just the way I was taught to do it.

Once you have edited the httpd.conf file, you will need to restart the
port 80 web server.

You are right to secure port 89. You don't want someone outside to get
into your PHP configurations.

As for opening yourself to other problems, there is always that risk. It
depends on your PHP code and what it does. Biggest threat is probably SQL
injection. You can read up on the web about the different possibilities.

HTH,

Brian May
Project Lead
Management Information Systems
Garan, Incorporated
Starkville, Mississippi

Young i Professionals
http://www.youngiprofessionals.com



"Tom Deskevich" <thomas.l.deskevich@xxxxxxxxxxxxx>
Sent by: web400-bounces@xxxxxxxxxxxx
10/09/2009 01:07 PM
Please respond to
Web Enabling the AS400 / iSeries <web400@xxxxxxxxxxxx>


To
"'Web Enabling the AS400 / iSeries'" <web400@xxxxxxxxxxxx>
cc

Subject
[WEB400] NEW QUESTION on INTRANET vs. INTERNET.






Ok, how do I setup ProxyPass and ProxyPassReverse?

Also, is this exposing me to any risks, as mentioned in the previous
email?

I do have port 89 setup to force as/400 credentials to be entered.

So as soon as they hit port 89, they are presented with a sign on dialog.



Tom Deskevich
Infocon








As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.