SSL proxy
The SSL proxy module implements the Connect method,
an extension to HTTP that can be used to tunnel HTTPS requests. Since
an HTTPS request is encrypted it is not possible to proxy it, nor to
cache it. Unfortunately, this also means that an SSL proxy can be used
to tunnel any TCP/IP connection, something that might break your
security scheme. Therefore, it is possible to limit the ports to
which the module can connect.
In Netscape terminology, a virtual server with this module enabled
is a secure proxy.
Outsiders might get access to your network by connecting to the SSL
proxy. Therefore, it is recommended that you use security patterns
to limit access to this module to hosts within your network.
- Allowed Ports
-
Limit access to certain ports. Enter 443
here if you only want to allow connections to the standard HTTPS port.
- Connection refused message
-
Message to send to the
user in case it was not possible to connect to the server.
- Forbidden Ports
-
Forbid access to certain ports.
- No such host message
-
Message to send to the user if
it is impossible to locate the server.
|