![(please configure the [header_logo] section in trac.ini)](/trac/MIS/chrome/common/trac_banner.png)
Changes between Initial Version and Version 1 of Ticket #21, comment 4
- Timestamp:
- Mar 17, 2023 12:12:11 PM (2 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #21, comment 4
initial v1 1 1 PO server原本是開放port 3838直接NAT進來內部,但最近發現有被攻擊的記錄. 故關閉原本port 3838直接NAT到PO serer, 改成3838 NAT到nginx,然後透過nginx的設定,只有當 /PO/servlet的封包才會轉送到PO server,降低被攻擊的風險. 2 2 3 {{{ 3 4 外部 po.wnjsoft.com:80 => nginx:80 => check /PO/servlet => PO server 4 5 外部 po.wnjsoft.com:3838 => nginx:3838 => check /PO/servlet => PO server 6 }}}
