Democrats are always in a panic.
No point talking to you then.
... You're joking right?
I'm positive that F5's marketing department knows more than me about security and has not ulterior motive in making you think you're more secure.
Snark aside, they may do some sort of WAF in addition to being a proxy. Just "adding a proxy" does very little.
They may offer some sort of WAF (web application firewall) that inspects traffic for potentially malicious intent. Things like SQL injection. That's more than just a proxy though.
Otherwise, they really don't.
Who is to blame? The US economy is a crazy complicated system with many free actors.
To think that it can all be distilled down to just the president is ridiculous. We don't live in a centrally planned dictatorship.
HDDs don't do well when rotated
The original iPod had an HDD in it. You can rotate HDDs. Sharp impacts may be risky though, especially for a non-laptop drive.
Somebody should create a video talking about that.
We know how this is going to go right? Biden will give centrist answers that annoy all the liberals. Trump is going to let out a massive fart, blame it on Biden, then bitch about witch-hunts.
They can't fulfill their campaign promises and they won't get elected if they didn't make them.
People are stupid. They want the sweet lies even knowing that they're lies. If a candidate said "I'll try to do X but since that's mostly up to Congress then in reality I'll maybe get 50% of X done" then nobody would vote for them.
If Trump acts polite he's...somebody else.
He's incapable of being polite.
Put your reverse proxy in a DMZ, so that only it is directly facing the intergoogles
So what? I can still access your application through the rproxy. You're not protecting the application by doing that.
Install a single wildcard cert and easily cover any subdomains you set up
This is a way to do it but not a necessary way to do it. The rproxy has not improved security here. It's just convenient to have a single SSL endpoint.
There’s even nginx configuration files out there that will block URL’s based on regex pattern matches for suspicious strings. All of this (probably a lot more I’m missing) adds some level of layered security.
If you do that, sure. But that's not the advice given in this forum is it? It's "install an rproxy!" as though that alone has done anything useful.
For the most part people in this form seem to think that "direct access to my server" is unsafe but if you simply put a second hop in the chain that now you can sleep easily at night. And bonus points if that rproxy is a VPS or in a separate subnet!
The web browser doesn't care if the application is behind one, two or three rproxies. If I can still get to your application and guess your password or exploit a known vulnerability in your application then it's game over.
My reverse proxy setup allows me to map hostnames to those services and expose only 80/443 to the web,
The mapping is helpful but not a security benefit. The latter can be done with a firewall.
Paraphrasing - there is a bunch of stuff you can also do with a reverse proxy
Yes. But that's no longer just a reverse proxy. The reverse proxy isn't itself a security tool.
I see a lot of vacuous security advice in this forum. "Install a firewall", "install a reverse proxy", etc. This is mostly useless advice. Yes, do those things but they do not add any protection to the service you are exposing.
A firewall only protects you from exposing services you didn't want to expose (e.g. NFS or some other service running on the same system), and the rproxy just allows for host based routing. In both cases your service is still exposed to the internet. Directly or indirectly makes no significant difference.
What we should be advising people to do is "use a valid ssl certificate, ensure you don't use any application default passwords, use very good passwords where you do use them, and keep your services and servers up-to-date".
A firewall allowing port 443 in and an rproxy happily forwarding traffic to a vulnerable server is of no help.
Reverse proxies don't add security.
He was already allowed to.
There are two candidates. No, the others are not viable. Yes I know that's unfair. Yes voting for them is basically not voting and potentially helps another candidate you "hate more" to win instead.
Optimize your brain and body with daily essential supplements in convenient packets.
May be a grifter? He's a quack.
Or "ho hum."
Who doesn't know the candidates yet and thinks they'll learn anything about them?
I like Subsonic. The interface is a bit dated but it supports multiple users and has excellent android apps.