Getting user's IP through Load Balancer and HTTPS

My app is hosted on multiple servers through a Load Balancer and requires HTTPS at all times.
So, now I have a real challenge grabbing the client's IP. I've set up a server to do this where I run an AJAX call to another non-balanced server that returns their IP as a JSONP string. Unfortunately, that server gets bombarded and slows down web sites.
Can anyone recommend a better way to do this?
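An added example, not part of the original question: one common way to read the client address on the balanced servers themselves, assuming the load balancer terminates HTTPS and appends the address it accepted the connection from to an X-Forwarded-For header (the question does not say which load balancer is in use). TRUSTED_PROXIES and all sample addresses are constructed.

```python
import ipaddress

# Assumption: the subnet(s) the load balancer connects from (constructed value).
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/8")]

def _is_trusted(addr):
    return any(addr in net for net in TRUSTED_PROXIES)

def client_ip(peer_addr, xff_header):
    """Return the client address for one request.

    peer_addr  -- remote address of the TCP connection
    xff_header -- raw X-Forwarded-For value, or None if absent
    """
    peer = ipaddress.ip_address(peer_addr)
    # A request that did not come through our load balancer may carry any
    # header value it likes, so the header is ignored for untrusted peers.
    if not _is_trusted(peer) or not xff_header:
        return str(peer)
    hops = [h.strip() for h in xff_header.split(",") if h.strip()]
    nearest = peer
    # Each proxy appends the address it received the request from, so only
    # the rightmost entries were written by our own infrastructure. Walk
    # right to left and stop at the first hop that is not one of ours.
    for hop in reversed(hops):
        try:
            addr = ipaddress.ip_address(hop)
        except ValueError:
            break  # malformed entry: nothing further left can be verified
        if not _is_trusted(addr):
            return str(addr)
        nearest = addr
    return str(nearest)
```

Taking the leftmost entry instead would let any client choose the address the application logs or rate-limits on, because entries to the left of the load balancer's own are client-supplied.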

Related

classic load balancer https acm issue

I have a website -- portaldevservices.com
The domain is managed by route 53 and works fine with http.
I have one ec2 instance.
I recently decided to move to https and put a load balancer in front of the ec2 instance.
From here I created a load balancer, edited the A record and the CNAME to the credentials of the load balancer. The health check is fine and the ec2 instance was added.
Using Amazon Certificate manager I created a cert and added it to the load balancer.
Here are some credentials/info:
When I try to access https://portaldevservices.com I get this:
[Screenshots: website screenshot, hosted zones, load balancer port config, load balancer basic config, load balancer listener, ACM certificate]
Thanks for the help. I'm a mobile dev so this is my first time really stepping into the backend world.
Solved:
Ok that was a lot easier than I thought. If anyone else experiences this issue all I had to do was add the "www." to the front of my A type
From portaldevservices.com -> www.portaldevservices.com
The https access now works well.

Using Squid to forward traffic to specific IP address

I have an issue I can't seem to figure out how to solve. I am thinking of using Squid for this but not 100% sure how to configure it. A developer is writing a script that will request an XML file from a secure web server.
The script will live in a cloud-based application and will send the request for this XML file to the web server. The script will then translate the XML file content into readable data using API calls, and the data will be presented to the user in the application.
The problem is the following:
The application server (A) is load balanced and the IP address may not always be the same. We do not own this app server; we only have access to APIs.
The web server (B) that owns the XML is behind a firewall and it has to specify the incoming IP address allowed to access this content.
I am thinking I would have to configure reverse proxy on Squid that will receive the script/request from any IP address (preferably from the application servers only) and would have to forward the exact request to the IP address of the Web server that owns the XML file.
This means that I would have to specify the IP address of the proxy server rather than the web server in the script and somehow allow the proxy server to know it needs to forward it to the web server.
I'm not sure how to do this securely, since in this scenario ANY external IP address coming to the proxy server will be forwarded over.
(A) App server ======> Squid Proxy =======> (B) Webserver
I hope this makes sense. Thank you so much in advance for your help.

How do I get Google Cloud load balancer to set a cookie via a socket.io server it's proxying?

I'm running a Google Cloud HTTPS load balancer in front of 2 Compute Engine VM instances that are each running a socket.io server on port 80. They work fine and are reachable from my HTML/JS socket.io client that I'm running locally.
I have set my Google Cloud load balancer to use Session Affinity with "Generated Cookie". According to the docs, this should set a cookie named GCLB on the client. The cookie never gets set in my client. Why?
I think my issue might be that I'm not really serving the client through the load balancer (or on Google at all), but serving it locally; once this is a real client it will sit on a CDN somewhere. I am using a hostname locally that is on the same domain name as the load balancer. Meaning, my socket.io HTML client is at http://local.mydomain.com:8000/ and it connects to my socket.io server/load balancer which lives at https://io.mydomain.com/ (note: SSL on server only).
Any ideas as to how I can get the cookie set, or do I need to handle this differently?

Sharing sessions between different servers behind an nginx reverse proxy

Wondering if we can share session data between two servers (running different code) behind an Nginx reverse proxy.
To be precise, we have a legacy app in PHP running on an Apache server. We are updating some functionality and hosting only that functionality on a separate server (nginx). Both apps update the same DB.
Nginx uses load balancing/reverse proxy URL rewriting techniques to decide which server to send the client to based on the URL path they use.
So, a person can add items to his virtual basket (held in session) on the new server application.
He then decides to edit his personal information, which is on the other server (legacy).
Nginx uses its reverse proxy/load balancing magic to decide which server to send the person to based on where an app is available.
The question is, how can a session created on one app server be available to another app server as well? Is it possible to set up the reverse proxy to store all session data, and how? Please point me in the right direction if you can help with Google links as well.
Your question has several possible answers. It all depends on the way the application is designed.
A possible scenario would be to keep session information on a database shared among different web heads. In this way the client, once authenticated, will retrieve its "session status" regardless of which server he is accessing in the final servers cluster backend.
Again, this depends very much on the way the application is/has been designed.
I think there is very little magic you can do on an old legacy application just by configuring the reverse proxy engine.
In the end, sessions are handled by the application server and not the proxy frontend.
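The shared-database scenario from the answer above, as an added example that is not code from the original post or from either application. It assumes both apps can read the same session cookie (same host behind the proxy) and agree on one serialization format (JSON here; PHP's native session encoding is different); SQLite stands in for the shared database, and all names are hypothetical.

```python
import hashlib
import json
import secrets
import sqlite3
import time

SESSION_TTL = 1800  # seconds of inactivity before a session expires (constructed)

def open_store(path=":memory:"):
    # Both apps would point at the same database server; SQLite stands in here.
    db = sqlite3.connect(path)
    db.execute("CREATE TABLE IF NOT EXISTS sessions ("
               "id_hash TEXT PRIMARY KEY, data TEXT NOT NULL, expires REAL NOT NULL)")
    return db

def _key(sid):
    # Store a hash of the cookie value so a database leak yields no usable IDs.
    return hashlib.sha256(sid.encode()).hexdigest()

def create_session(db, now=None):
    now = time.time() if now is None else now
    sid = secrets.token_urlsafe(32)  # unguessable ID, sent to the client as the cookie
    db.execute("INSERT INTO sessions VALUES (?, ?, ?)", (_key(sid), "{}", now + SESSION_TTL))
    db.commit()
    return sid

def load_session(db, sid, now=None):
    now = time.time() if now is None else now
    row = db.execute("SELECT data, expires FROM sessions WHERE id_hash = ?",
                     (_key(sid),)).fetchone()
    if row is None or row[1] <= now:  # unknown or expired ID: treat as logged out
        return None
    return json.loads(row[0])

def save_session(db, sid, data, now=None):
    now = time.time() if now is None else now
    cur = db.execute("UPDATE sessions SET data = ?, expires = ? WHERE id_hash = ? AND expires > ?",
                     (json.dumps(data), now + SESSION_TTL, _key(sid), now))
    db.commit()
    return cur.rowcount == 1  # False if the session vanished or expired meanwhile

def new_app_add_to_basket(db, sid, item):  # handler on the new server
    data = load_session(db, sid)
    if data is None:
        return False
    data.setdefault("basket", []).append(item)
    return save_session(db, sid, data)

def legacy_app_basket(db, sid):  # handler on the legacy server
    data = load_session(db, sid)
    return None if data is None else data.get("basket", [])
```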

mvc3, IIS 7.5, server behind load balancer/firewall, forms authentication redirects to http://[ipaddress of machine]

Hundreds of hits for these keywords, but nothing that is totally relevant.
So my web server is behind a load balancer. The web site is exposed by SSL.
When I open my logon page https[mydomain]/app/somepage.aspx, I am redirected to http://[ip address of server]/app/somepage.aspx.
I tried the following:
Setting the loginurl to https[mydomain]/app/somepage.aspx, doesn't work.
Tried fiddling with the binding in IIS, but there's an issue that forces us to use appcmd to set the hostname, but nothing works after I set it.
Suggestions?
Thanks
This sounds more like a load balancer configuration error, or maybe your load balancer just isn't capable of forwarding the request using the same URL. It seems like your load balancer is more of a proxy, and is creating a new request using only the IP address. Most decent load balancers should have an option for forwarding the hostname.
This might be more of a Serverfault question because it has more to do with load balancer configuration.
