-1

Which to choose over hiding ip port( and security measures) also APACHE HTTP or TOMCAT or other(if there are any)?

I'm highly skeptical which to choose between these servers and what suited best for my options to control incoming request.

I have a REST api made with https://github.com/RestExpress and I have a hosting that points to an ip that holds my rest api. I want to hide the port that is used with my server and also add security measures to it(if possible, better to have security in advance than nothing i guess ).

Actually I could just change my rest server to accept default port 80 for http request but unfortunately that would also update my mobile-clients to update it too.

Security measures like cleaning incoming request for malicious http request or any.

What to choose over and why?

Your inputs will be highly appreciated.

Thanks, David

david
  • 2,900
  • 5
  • 28
  • 48

1 Answers1

1

I think what you are looking for a is a reverse proxy.

https://developer.jboss.org/wiki/UsingApacheHTTPDasReverseProxyandLoadBalancerforcustomNettyHTTPengine

horatius
  • 784
  • 1
  • 12
  • 30
  • actually im reading this , thanks anyway for removing my doubts. – david Jan 06 '16 at 06:07
  • Im having problem now, Seems like I need apache server to do this? – david Jan 06 '16 at 06:19
  • Yes you need to install apache, either on the same machine, or to be really secure, one on a different machine. That way, your application's ip address is not exposed to the outside world. – horatius Jan 06 '16 at 06:25
  • hmm do i need to uninstall tomcat? can apache do the job alone? – david Jan 06 '16 at 06:33
  • No. apache is a web server, not a java app server. You need tomcat to host your rest services. The reverse proxy is solely to hide your app server port from external users. You can turn the firewall on and close port 8080 completely from the outside world. That way, the reverse proxy will be the only route to your application. – horatius Jan 06 '16 at 06:38
  • You can learn more by reading the following question. http://stackoverflow.com/questions/30632/difference-between-the-apache-http-server-and-apache-tomcat?rq=1 – horatius Jan 06 '16 at 06:44
  • Yes, exactly!, So here's the thing I have a Netty Server which accommodates http request with a {nettyserver-ip-address}:{8081} , now I installed tomcat server to get request from my domain{domain.com} which points to {nettyserver-ip-address}:{default port 80} and I added redirectPort=8081 , but unfortunately Tomcat didnt give the http request to my NettyServer. How do i mitigate this? – david Jan 06 '16 at 06:44
  • I get it. I misunderstood your initial question. I think this page is what you are looking for. https://developer.jboss.org/wiki/UsingApacheHTTPDasReverseProxyandLoadBalancerforcustomNettyHTTPengine – horatius Jan 06 '16 at 06:49
  • Yeah I think you're right my question really is incomplete. Fortunately were almost there, I think I only need apache to hand it over to another server. reverse proxy. but im still missing some steps. – david Jan 06 '16 at 06:52
  • Let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/99888/discussion-between-horatius-and-david). – horatius Jan 06 '16 at 06:55