Oracle Community Directory
Oracle Community FAQ
My Oracle Support Community (MOSC)
Go Directly To
Oracle Technology Network Community
My Oracle Support Community
OPN Cloud Connection
Oracle Employee Community
Oracle User Group Community
Fusion Middleware Archived Forums
Application Server Archived Forums
Web Cache and Edge Side Includes (ESI)
Please enter a title.
You can not post a blank message. Please type your message and try again.
This discussion is archived
: Jun 14, 2007 2:55 PM by
WebCache: How to prevent access to corporate intranet sites
May 28, 2007 10:17 AM
If one site served by the webcache is available on the internet (port 80) than all websites that are on port 80 are also accessible from the internet.
Is there any configuration to avoid this?
Here are the details:
www.site1.com is on the internet under ip1.
ALTEON (load balancer ) delivers all HTTP traffic on port 80 of ip1 to the webcache port 7777.
www.site1.com maps to origin server 1.
site www.site2.com is not published on the internet, nevertheless, if users map www.site2.com to same ip - ip1 on their hosts file, the following will happen:
http request for site www.site2.com will arrive to the load balancer, which will route the request to port 7777 of webcache.
beacause site2.com is also on site definitions of this webcache, the request will succeed.
From this example, it seems there is no way to use the same webcache for caching public sites and internal sites if they are both on same port (80 in this example).
Of course allow/deny rules on the origin servers will manage the access based on the ip that originates the request, still this does not seem quite elegant.
It seems that although webcache can listen on several ips/ports, they all will answer to all requests there is no way to configure webcache to respond to site 1 on ip1 and to site 2 on ip 2.
Does anyone know about any better approach to use the same webcache to serve public and private sites on different ip/ports?
This content has been marked as final.
Show 1 reply
Re: WebCache: How to prevent access to corporate intranet sites
Jun 14, 2007 2:55 PM
in response to
Quick answer: either use a different port for site 2 or create a virtual IP for the site2 and make this difference known in the webcache.