Wednesday, June 25, 2014

Part 4: Http Unrevealed - Outside of Http

Outside of Http:
Proxy Server-
 
A proxy server is very much visible to end users. It takes the user's HTTP request and carries the server's response back to the user.
Benefits of Proxy Server-
1. To prevent users from accessing restricted sites, we can capture all HTTP traffic at the proxy server and set up a policy that does not forward these requests to the destination server. In this way we can ensure that no one uses the restricted sites.

2. A proxy server can be used to inspect or probe confidential messages flowing from a system to the server. For example, we can remove Referer (referrer) headers that reference organization resources such as images, files, etc.

3. A proxy server can act as an access control point and create an HTTP log that serves as an audit trail for the HTTP requests that are sent.
 
Type of Proxy
Forward Proxy Server-
This server sits close to the client. It helps secure confidential information and can filter traffic sent from the client to the destination server.
 
Reverse Proxy-
A reverse proxy is a proxy server that sits close to the server. It can take load off the destination web server, or any server for that matter. Take the case of compressing files or data using gzip: this can be delegated to the proxy server, letting the destination server concentrate on processing the data or request.
 
Load Balanced Proxy server-
All HTTP requests reach this load-balancing proxy server, which sends each request to a given server based on load, in a round-robin manner.

SSL Acceleration server-
This server encrypts and decrypts HTTP messages. It provides a very secure level of isolation and can act as a centralized point of insulation against attacks such as cross-site scripting (XSS) or SQL injection.
 
Caching proxies-
These can act as a centralized repository of cached data in a distributed environment.

Caching -
An HTTP response can have a Cache-Control value of public, private, or no-cache.
There is also a no-store value, meaning the message might contain sensitive information and should not be persisted, but should be removed from memory as soon as possible.
 
Public Cache- This cache is applicable to the whole system and is available to all users. For example, a logo, header and footer are the same for all users.
Private Cache- This cache is specific to a user; we can use Response.Cache for this kind of caching.
 
ETag-
Another way to identify whether a given resource has changed since it was last cached is the ETag. An ETag is a hashed value: every time the resource's data changes, a new hash value is generated. Using this identifier we can check whether the cached data is still current.
HTTP/1.1 200 OK
Server: Apache
Last-Modified: Fri, 06 Jan 2012 18:08:20 GMT
ETag: "8e5bcd-59f-4b5dfef104d00"
Content-Type: text/xml
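
The following is an added example, not code from the original post: a toy shared caching proxy that keeps only responses marked public, never persists private or no-store responses, and uses the ETag with If-None-Match to check whether its copy is still current. The names SharedCache, origin and make_etag are hypothetical, the origin server and resources are constructed, and the content-hash ETag and the strict "explicitly public only" storage policy are assumptions.

```python
import hashlib

def parse_cache_control(value):
    """Return the set of lowercase directive names in a Cache-Control value."""
    return {p.strip().partition("=")[0].lower() for p in value.split(",") if p.strip()}

def make_etag(body):
    # Assumption: the validator is a content hash; real servers may derive it differently.
    return '"%s"' % hashlib.sha256(body).hexdigest()[:16]

def origin(resource, request_headers):
    """Constructed origin server: answers 304 when the caller's ETag is still current."""
    body, cache_control = resource
    headers = {"ETag": make_etag(body), "Cache-Control": cache_control}
    if request_headers.get("If-None-Match") == headers["ETag"]:
        return 304, headers, b""
    return 200, headers, body

class SharedCache:
    """Hypothetical caching proxy shared by all users."""

    def __init__(self):
        self.entries = {}  # url -> (etag, body)

    def fetch(self, url, resource):
        # Revalidate on every request (freshness lifetimes such as max-age are ignored here).
        request_headers = {}
        if url in self.entries:
            request_headers["If-None-Match"] = self.entries[url][0]
        status, headers, body = origin(resource, request_headers)
        if status == 304:
            return "revalidated", self.entries[url][1]
        directives = parse_cache_control(headers.get("Cache-Control", ""))
        # A shared cache must not keep per-user (private) or sensitive (no-store)
        # responses; this conservative policy stores only explicitly public ones.
        if "public" in directives and not directives & {"private", "no-store"}:
            self.entries[url] = (headers["ETag"], body)
            return "stored", body
        self.entries.pop(url, None)
        return "passed-through", body
```

Storing a private response in a shared cache would hand one user's data to the next user who requests the same URL, which is why the storage decision is made on the Cache-Control directives before anything is kept.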