A proxy server can act as an important part of your security system. It ensures control and caching for your communications. A proxy server retrieves files from other servers. It then caches the files on the local server to improve performance for subsequent requests for the same file. This only works if you configure caching. You can use a proxy along with a firewall.
1. Your first step in setup is to configure your proxy server functions and configure Secure Sockets Layer (SSL) tunneling.
2. You then have the choice of completing any or all of these options: v Configure your server’s basic caching settings
v Designate a port number for your proxy server v Configure a hierarchy of proxy servers
v Configure your server’s advanced caching functions
3. Next, you can specify which clients can use the proxy.
4. And then, configure your server for secure serving.
Configuring your server’s proxy functions and SSL tunneling
To configure your server as a proxy, you need to specify the protocols for which you want your server to act as a proxy. You can do this by filling in the Proxy
server settings form for the protocols for which this server functions as a proxy.
The wide success of Secure Sockets Layer (“SSL” on page 100) has made extension of the current WWW proxy protocol vital. This would allow an SSL client to open a secure tunnel through the proxy. Some Web browsers, such as Netscape
Navigator, use SSL tunneling to establish a secure connection to a destination server through a proxy. The proxy can be a base or secure server.
When tunneling SSL, the proxy must not have access to the data that you transfer in either direction. This is for security considerations. The proxy should only know the source and target addresses for the information as well as any user
authentication information. Because SSL tunneling is generic, you can use it to access resources on different ports.
Use the Configuration and Administration forms to configure your basic proxy functions and SSL tunneling.
1. Click Configurations.
2. Click Proxy Settings.
3. Click Proxy server settings.
4. Complete the Proxy server settings form that is provided. To activate SSL tunneling, complete the SSL tunneling ports field and enable SSL tunneling.
5. Click the Apply button.
You will receive a message that tells you whether or not the task completed successfully.
Once you have configured your proxy server, you can create others and then create a hierarchy of proxy servers for yourself.
Configuring your proxy server’s basic cache settings
Perform this step if you want your proxy server to also act as a caching proxy server.
Within an intranet you may want to set up a server as a caching proxy to reduce the amount of traffic on the network. In large networks you can connect a
hierarchy of caching proxies. A client request cascades up through the hierarchy of servers until it retrieves the document from a server’s cache. The request retrieves an uncached document from the actual server where the document resides. Use the Configuration and Administration forms to configure your server’s basic cache settings.
1. Click Configurations.
2. Click Proxy Settings.
3. Click Caching settings.
4. Complete the Caching settings form that is provided.
5. Click the Apply button.
You will receive a message that tells you whether or not the task completed successfully.
Designating a port number for your proxy server
Perform this step only if you want your proxy server to listen to a port number other than the HTTP default port number. The HTTP default port number is 80. Here are three possible reasons you would want to change the default port number:
v You might have a special numbering convention at your company.
v You might have applications pick their port numbers from a certain limited range.
v Your port 80 might already be used by some other application.
Note: You cannot listen to the port if the server is active. The port is only active when an application is actively using it.
Use the Configuration and Administration forms to designate a port number.
1. Click Configurations.
2. Click Basic.
3. In the Basic form that is provided, change the Default port field to the port on which you want the proxy to listen. The default value for this field is 80. Some other commonly used port numbers for proxy servers are 8080 and 8008.
4. Click the Apply button.
You will receive a message that tells you whether or not the task completed successfully.
If you wish to keep your changes, you must restart the server.
Configuring a hierarchy of proxy servers
You can specify that the server route certain requests to another proxy server. This allows you to chain together a hierarchy of proxy servers.
Use the Configuration and Administration forms to configure a hierarchy of proxy servers.
1. Click Configurations.
2. Click Proxy Settings.
3. Click Proxy chaining and nonproxy domains.
4. In the Proxy chaining and nonproxy domain form provided, click″Insert Before.″
5. From the list that is provided, select the protocol for which you are specifying a URL.
6. In the URL field, enter the URL for direction of requests for that protocol.
7. Enter any nonproxy domains in the field that is provided.
8. Click the Apply button.
You will receive a message that tells you whether or not the task completed successfully.
Configuring advanced caching functions
You can further develop your server’s caching functions with any of the four topics below:
v Using caching filters.
v Configuring cached file expiration. v Setting a time limit for cached files. v Using other caching time limits.
Working with caching filters
Your server’s caching filters allow you to choose which files your server should cache and which files your server should not cache.
Use the Configuration and Administration forms to work with your caching filters.
1. Click Configurations.
2. Click Proxy Settings.
3. Click Caching filters.
4. Complete the Caching filters form that is provided.
5. Click the Apply button.
You will receive a message that tells you whether or not the task completed successfully.
Configuring cached file expiration
This task lets you set time limits for keeping unused cached files. You can set the time limit that determines when unused cached files expire. When you choose to remove all documents that do not contain expiration time information in their header, the server removes any files of this type matching the specified template after the corresponding time. This setting overrides expiration dates in the files’ URL request headers. When the server runs the garbage collection process, the server removes cached files that expired. Since web sites update their pages and change their URLs without warning, setting time limits for your cached files ensures that your server retrieves the most current information.
Use the Configuration and Administration forms to work with your cached file expiration.
1. Click Configurations.
2. Click Proxy Settings.
3. Click Cached file expiration.
4. Complete the Cached file expiration form that is provided.
5. Click the Apply button.
You will receive a message that tells you whether or not the task completed successfully.
Setting a time limit for cached files
This task lets you set the time limit that determines when unused cached files expire. When you choose to remove unused cached files after a specified expiration time, the server removes any unused cached file. This setting overrides expiration dates in the files’ URL request headers. When the server runs the garbage
collection process, it removes expired cached files. Since web sites update their pages and change their URLs without warning, setting time limits for your cached files ensures that your server retrieves the most current information.
Use the Configuration and Administration forms to set time limits for cached files.
1. Click Configurations.
2. Click Proxy Settings.
3. Click Time limit for cached files.
4. Complete the Time limit for cached files form that is provided.
5. Click the Apply button.
You will receive a message that tells you whether or not the task completed successfully.
Working with other caching time limits
This task lets you set the time limit that determines when unused HTTP, File Transfer Protocol (FTP), or Gopher cached files expire. This setting overrides expiration dates in the files’ URL request headers. When the server runs the garbage collection process, it removes expired cached files. Since web sites update their pages and change their URLs without warning, setting time limits for your cached files ensures that your server retrieves the most current information. Use the Configuration and Administration forms to work with other caching time limits.
1. Click Configurations.
2. Click Proxy Settings.
3. Click Other caching time limits.
4. Complete the Other caching time limits form that is provided.
5. Click the Apply button.
You will receive a message that tells you whether or not the task completed successfully.
Specifying which clients can use the proxy
You can use the server’s protection function to control which clients can use your server as a proxy. This is part of controlling access to your server.
Use the Configuration and Administration forms to specify which clients can use your server as a proxy.
1. Click Configurations.
2. Click Protection.
3. Click Document protection.
4. Complete the Document protection form that is provided.
5. Click the Apply button.
You will receive a message that tells you whether or not the task completed successfully.