Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Reverse proxy?
New on LowEndTalk? Please Register and read our Community Rules.

Reverse proxy?

GiulioGiulio Member
edited July 2014 in Help

Hi, i would like to protect my two vps with some "cloudfare like" reverse proxy. The idea is to use a DDoS protected VPS in order to protect from DDoS and hide the real server IPs.
Also i would like to maintain the cerificates for encrypted connections (https, mail, jabber etc.) on the original VPSs and not on the proxy one (like instead, if i understands well cloudflare do).

So, firstly I should build a VPN between all my VPSs, right? Then? Can I actually proxy services like also the dns (my two boxes are also the two nameservers of my domain)?

Comments

  • rm_rm_ Member
    edited July 2014

    said: So, firstly I should build a VPN between all my VPSs, right? Then?

    And then you just draw the rest of the f-ing owl.

    said: Can I actually proxy services like also the dns

    It doesn't make sense to "proxy" DNS, you can NAT it, but this will be difficult to get right. And since you need at least two nameservers on separate externally visible IPs, which means needing two DDoS-protected VPSes, and at which point why not just run the actual DNS servers on those.

    Thanked by 2jar Cakey
  • linuxthefishlinuxthefish Member
    edited July 2014

    I have lighttpd on my kimsufi with mod_proxy forwarding stuff to my main server, as it forwards the connecting IP to your script (SERVER["HTTP_X_FORWARDED_FOR"]). You can also do this with nginx and haproxy I think, but lighttpd seems easier to me.

    $HTTP["host"] =~ "linuxthefish.net" {
    proxy.server  = ( "" => ("" => ( "host" => "78.46.xx.xx", "fix-redirects"=>1, "port" => 80 )))
    }
  • wychwych Member

    @sz1hosting sells a reverse proxy I think?

    Thanked by 1sz1hosting

    Taking a hiatus.

  • sz1hostingsz1hosting Member
    edited July 2014

    wych said: @sz1hosting sells a reverse proxy I think?

    Yes we do sell:

    Protection:480Gbps

    French Reverse Proxy - Location: Roubaix, FR

    Canadian Reverse Proxy - Location: Beauharnois, CA

    TCP Reverse Proxy

  • GiulioGiulio Member
    edited July 2014

    Obviously i don't want a step by step tutorial, just a picture of the architecture and the software involved.

    @sz1hosting said:

    Thank you but i like to have full control on everything i use and i definitely need something like 10 or more ports.

    Thanks i'll look at it.

  • sz1hosting said: Yes we do sell:

    Protection:480Gbps

    French Reverse Proxy - Location: Roubaix, FR

    Canadian Reverse Proxy - Location: Beauharnois, CA

    TCP Reverse Proxy

    OVH will not like it.

    Freelance System Administrator, available for hire. Primary tasks i do concentrated on: PHP, MySQL, Postgres, Nginx, DDoS-protection, application security, high-performance solutions, high-availability / clustering.

  • GRE tunnel might help I think? http://wiki.buyvm.net/doku.php/gre_tunnel

  • sz1hostingsz1hosting Member
    edited July 2014

    Profforg said: OVH will not like it.

    1 of the admins added this to our order form i will contact ovh and check with them and hold any orders until i get a reply from ovh regarding the tcp proxys, thanks.

  • wychwych Member

    @sz1hosting said:
    1 of the admins added this to our order form i will contact ovh and check with them and hold any orders until i get a reply from ovh regarding the tcp proxys, thanks.

    Good luck getting a response from them...

    Thanked by 2netomx sz1hosting

    Taking a hiatus.

  • nexmarknexmark Member
    edited July 2014

    Here's my cheap and dirty method

    Buy a $2.99 OVH VPS, Setup a GRE Tunnel or Nginx Reverse proxy or something ghetto like a VPN server on the OVH VPS and a VPN Client on the target

    The GRE Tunnel is highly recommended Here's info on how to set one up fairly easy

    http://wiki.buyvm.net/doku.php/gre_tunnel

    Thanked by 2postcd bashlyk

    Life is better when you're smiling

  • jarjar Provider

    rm_ said: And then you just draw the rest of the f-ing owl.

    Damn it dude I spit red bull everywhere.

    Founder @ MXroute

  • BoxodeBoxode Member

    Can use 1 of 2 things -

    1. GRE tunnel (full network based) routing
    2. Reverse proxy via a cheap OVH VPS (only forward HTTP data)

    Boxode.net | Powered by Awesome!

  • RBHRBH Member

    @wych said:
    Good luck getting a response from them...

    I don`t know about you guys but I google translate my support tickets into french, I get a response within 6 hours on business days.

  • MaTMaT Member

    BM

Sign In or Register to comment.