Traffic proxying, will it work?

T

Toronto2014-09-27 09:34:51

proxy

Toronto, 2014-09-27 09:34:51

Hello! Dear experts, such a question.
I have machine "A" - there is protection
And there is machine "B" - all traffic goes here
I twist the domain by A records on machine "A", and do the following manipulations in nginx:

#user 'user' virtual host 'domain.ru' configuration file
server {
server_name domain.ru www.domain.ru;
charset off;
disable_symlinks if_not_owner from=$root_path;
index index.html index.php;
root $root_path;
set $root_path /var/www/user/data/www/domain.ru;
ssi on;
access_log /var/www/httpd-logs/domain.ru.access.log ;
error_log /var/www/httpd-logs/domain.ru.error.log notice;
listenIP_A:80;
include /etc/nginx/vhosts-includes/*.conf;
location / {
proxy_pass http://IP_B:80 /;
proxy_redirect http://IP_B:80 /;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Secret 5VsWbgoyreUomjLw;
access_log off ;
}
}

Actually what will I get? Will I get protection?
If not, how can I get this protection?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

C

Cool Admin, 2014-09-27
@ifaustrue

What protection are you talking about?

V

Vlad Zhivotnev, 2014-09-27
@inkvizitor68sl

Too lazy to read into the terribly formatted config, but yes - you understood the idea correctly, there will be protection from ddos.
True, with L7 attacks everything is more difficult - no one will protect you from them for free, and your application can really "die" from some tricky request.