One of our IT people was working on a Dropbox proxy before he left, but he gave no information about what he was doing. What we want to do is have some sort of proxy on our server that allows users on the network to download Dropbox files from the proxy instead of the cloud. We’re trying to fix a problem where one person will upload a file through Dropbox, and then everyone else in [...]

In last days my apache is being attacked by many connections from proxies. I’ve identified the source but could not block the attack effectively. The attacker seems to be using pyloris or a variation of this to attack my apache on port 80. I installed nginx and varnish but not enough to support the extra load. I also added a rule in iptables to drop packets that contain the string “X-Forwarded-For” but does not block [...]

I would like an external client (4.3.2.1) to use our proxy (9.9.9.9) which forwards traffic to our firewall (8.8.8.8) which then forwards the traffic back to our client (4.3.2.1). So I’m curious if: This is possible squid the best choice There a quick and dirty guide available The proxy needs to sit in front of or behind the firewall I’ve done quite a bit of research and see a proxy used in various ways, but [...]

I have set up apache to work as a reverse proxy to tomcat that is running jenkins-CI. I can access the site from outside fine, except when I log in to jenkins, it redirects to my lan-hostname, and it of course it fails outside my network. After that I can manually type the original address to the browser, and it it will work fine until I have to log in again. I wonder if this [...]

I am having some issues with an apache proxying to a local tomcat instance. The i have traced the issue down to the way maxclients and proxypass direvtives interact. in a test environment I set up apache to have 3 max clients and proxypass to have a max of 2 connections to the ajp connector. maxclients 3 proxypass /player ajp://localhost:8009/player max=2 To illustrate the issue I have firewalled 8009 so requests will have to timeout [...]

I am proxying a VNC TCP server port with netcat. The proxy machine runs linux. This is the comand I use: mkfifo backpipe nc -l 5902 0<backpipe | nc 10.1.1.116 5902 1>backpipe 10.1.1.116 is the “remote” machine with the original VNC service running on port 5902. After this command VNC service is available on localhost for other machines. But after each VNC session the netcat “proxy server” stops, which is how netcat works. How can [...]

I need to force my users on my network to use a transparent proxy server outside my network to access websites. I’m not sure if I can do this with DNS, by setting up my own DNS which redirects them to the proxy server. How can I achieve this? Asked by Wise One option is to lock the users to a browser that honors the global proxy setting on a system (such as IE on [...]

Since OpenSSH 5.4 there is a new feature called natcat mode, which allows you to bind STDIN and STDOUT of local SSH client to a TCP port accessible through the remote SSH server. This mode is enabled by simply calling ssh -W [HOST]:[PORT] Theoretically this should be ideal for use in the ProxyCommand setting in per-host SSH configurations, which was previously often used with the nc (netcat) command. ProxyCommand allows you to configure a machine [...]

We have an application that monitors client websites and does some crawling. We’re looking to move the application to existing EC2 servers that we run, but testing suggests that we’re going to have issues due to some websites presenting different content based on the IP address that a request comes from. For example, requests from our instance based in Ireland are served responses containing € symbol instead of a £ symbol. Also, we suspect that [...]

I have a python application listening on port 9001 for HTTP traffic. I’m trying to configure Apache (or anything, really) to listen on port 443 for HTTPS connections, and then forward the connection, sans encryption, to port 9001 on the same machine. My application would then reply via the proxy, where the encryption would be reapplied, and returned to the client transparently. I’m not doing anything crazy with the site names and SSL certs, I [...]