Jump to content
RESET Forums (homeservershow.com)

Hyper-V and Blue Iris


Poppapete
 Share

Recommended Posts

Well, in the Dev world we use apache or nginx in front of app servers to do the SSL termination. You could always do this and it's very light weight.

 

Sent from my Nexus 4 using Tapatalk

Link to comment
Share on other sites

  • Replies 29
  • Created
  • Last Reply

Top Posters In This Topic

  • krom

    4

  • ikon

    11

  • Jason

    8

  • Poppapete

    3

Top Posters In This Topic

Well, in the Dev world we use apache or nginx in front of app servers to do the SSL termination. You could always do this and it's very light weight.

 

Sent from my Nexus 4 using Tapatalk

How?

Link to comment
Share on other sites

What you are looking for is called reverse proxy.

 

With apache, this can be achieved using mod_proxy. 

 

You would write rules to proxy anything on https://your_apache_server/ to your webcam host. You would have to generate self signed certificates as well. 

 

Here is an example write up with steps: http://www.nczonline.net/blog/2012/08/08/setting-up-apache-as-a-ssl-front-end-for-play/

Link to comment
Share on other sites

Thanks. Now I just need to figure out how to setup a reverse proxy with Sophos UTM. My next project.

Link to comment
Share on other sites

If you are behind a firewall or UTM appliance like Untangle or the like, you can not expose the BI webserver to the Internet and only access it through a VPN connection.  At least that's how I've set it up.  Obviously not as convenient as direct access but at least it's more secure.

Link to comment
Share on other sites

Currently BI is running directly on my WSE12R2 box as a service. Leveraging my server's hardware. Not in a VM. Not sure I can limit BI itself from having internet access in this config?

Link to comment
Share on other sites

Well you would basically not port forward your IP/Port for BI and your server on your router so you would not be able to browse to it from the outside.  Your server can access the Internet and that's not a problem as long as you can't hit your BI URL or IP/port from outside your network. 

 

I'm not saying this very clearly.  BI is running a web server and that server's URL is what you don't want people to be able to access directly from the Internet.  So if you don't port forward that in your router and don't have UPNP enabled you should be okay.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share


×
×
  • Create New...