0

I have a dedicated webserver running CentOS 7 minimal, I am using HaProxy as my edge server and NginX as my internal application server.

What I would like to do, is set up a small admin area for myself, mostly to administer docker containers. I have several browser based tools running on various local ports which are closed by my firewall. I would like to run httpd on such a blocked port, and proxy it somehow blindly to an exposed port, so that Apache may communicate with internal resources on localhost, but responses are proxied to the exposed port just as requests are proxied to Apache's port.

Is this possible?

I tried Kali Linux's httptunnel - but I have realized since I cant just use the server to proxy a single port without a client configured to consume - I guess? In any case when I try:

hts -F localhost:9050 8080

to proxy local 9050 to 8080 (currently open in firewall), I get no response in a browser, just endless loading...

Is there a more obvious way to do this?

P.S. - I would like to not use NginX in any way for this as I want to turn Apache off when I'm not using it, but if that's the only sensible answer then I accept it.

MJHd
  • 107
  • 6
  • HAProxy can proxy to your internal web app just as easily as anything else. Why aren't you using it? – Michael Hampton Jun 29 '20 at 19:37
  • 1
    you may also be interested in ssh port forwarding, which can do a great job of doing this without the extra burden of configuring a proxy, which not only be time consuming, uses resources, makes your server more configuration and software even more complex...and can be difficult to trouble shoot. It can also leave your system in a compromised state .. take a look at as alternative solution..... https://www.tunnelsup.com/how-to-create-ssh-tunnels/ – The Unix Janitor Jun 29 '20 at 22:19
  • So - the SSH tunnel DEFINITELY the way to go - I only need to access a few internal web panels from time to time - and frankly, I don't even want them exposed to a public port, so I really like the port forwarding approach - I went like this: ssh -p 2222 -L 6080:127.0.0.1:6080 -L 9005:127.0.0.1:9005 root@xxx.yyy.zz.nn - question - is plain http secure when used this way? Since it's passed through SSH even when I use the browser right? – MJHd Aug 10 '20 at 08:01

0 Answers0