[Mapserver-users] MapServer in a DMZ

Lowell Filak lfilak at medinaco.org
Tue Dec 23 08:43:38 EST 2003 

There should be no problem keeping everything on the RH box on the
inside network.
What you will want to look into is a proxy execute for each of the
webservers.
For the Linux machine running Apache the configuration is similar to:

uncomment LoadModule proxy_module in httpd.conf
uncomment AddModule mod_proxy.c in httpd.conf
<IfModule mod_proxy.c>
ProxyRequests Off
</IfModule>

and then in the virtual host section:
ProxyPass /tmp http://inside.host/mapserver_tmp_file_dir
ProxyPassReverse /tmp http://inside.host/mapserver_tmp_file_dir
ProxyPass /cgi-bin http://inside.host/cgi-bin
ProxyPassReverse /cgi-bin http://inside.host/cgi-bin

Then the only communication port that needs to be open between any
webservers and the PostGIS/MapServer/MapScript server is 80/http because
all communication between PostGIS/MapServer/MapScript is done directly
on the RH machine.
We currently use this to keep all MapServer/MapScript load on a
dedicated box instead of the main webserver - works great.

HTH

Lowell

The following message was sent by Robert Crossley <robert at wotzhere.com>
on Tue, 23 Dec 2003 08:57:19 +1100.

> Hi all,
> 
> Forgive me if this is a stupid question, but I need some advice on web 
> server configuration, and it is out of my area.  I know jsut enough to 
> think there may be a problem, but not enough to be sure or how to get 
> around it.
> 
> I want to set up a service in a couple of places, and need some advice on 
> what programs can be run where.
> 
> In both places, there will be a web server but one will be a windows 
> machine and the other will be an esmith server (linux).  They will be 
> serving the respective web sites, but will need to also deliver maps or 
> reports on request using GIS data.
> 
> The data that we are providing will be delivered from a Red Hat server 
> running PostGIS, with the data populated from the software that I have 
> developed.
> 
> Ideally, I would like to run MapServer and MapScript on our Red Hat
server 
> so that I don't have to run windows and linux versions, and configure
each 
> server.  But this will only have a local IP address and not be exposed to 
> the internet.  Is this possible?  SHould I be educating myself about SOAP 
> etc.
> 
> TIA.
> 
> Merry xmas.
> R
> -- 
> 
> Robert Crossley
> 
> Agtrix P/L
> 9 Short St
> New Brighton 2483
> Far Southern Queensland
> AUSTRALIA
> 
> 153.549004 E 28.517344 S
> 
> P: 02 6680 1309
> F: New Connection
> M: 0419 718 642
> E: robert at wotzhere.com
> W: www.agtrix.com
> W: www.wotzhere.com
> _______________________________________________
> Mapserver-users mailing list
> Mapserver-users at lists.gis.umn.edu
> http://lists.gis.umn.edu/mailman/listinfo/mapserver-users

More information about the mapserver-users mailing list