Cloudmersive Private Cloud Forward Proxy Server Configuration

Overview

Cloudmersive Private Cloud Forward Proxy Server allows you to apply policies to outbound HTTP and HTTPS traffic from your endpoints and servers. Policies include key security policy outcomes such as virus scanning for file uploads and downloads.

General Approach

In general, the Cloudmersive Private Cloud Forward Proxy Server should be installed on its own infrastructure, and connects to your underlying target application server, and also connects to Cloudmersive Private Cloud Virus Scan API.

Configure Endpoints

Each Cloudmersive Private Cloud Forward Proxy Server can be configured to host (proxy) multiple underlying sites, each with different URLs/domain names.

Creating an Endpoint

To configure Cloudmersive Private Cloud Forward Proxy Server, navigate to the Cloudmersive Management Portal. Click on Private Cloud, and then click on your Forward Proxy node. From here, click on Configure Node. Scroll to the bottom of the page and click on Add Endpoint. Give the endpoint a descriptive name, and click on Add Endpoint to create the endpoint. You can add multiple Endpoints to each server node. To edit an existing endpoint, or the endpoint you just created, you can click on Manage.

When creating an endpoint you will specify an Endpoint Name, and select a port (default is 8080) for receiving proxy traffic. You will choose a protocol configuration (default is HTTP and HTTPS), to determine whether the proxy server should process HTTP, HTTPS or HTTP and HTTPS incoming traffic in the proxy. You can further configure whether HTTPS (encrypted) proxied requests should be processed - in the default configuration, SSL Decryption will occur and Re-Encrypting will occur through a process known as SSL Bumping, such that the Cloudmersive Forward Proxy server can fully process the request; you may also disable this, which will mean that the contents of HTTPS traffic, while still proxied, will not be visible and so security policies will not be applied to its contents. Finally, you can configure whether to Auto-Generate the Self-Signed Root Certificate (recommended) for SSL Bumping or to provide a custom certificate.

Deleting an Endpoint

To delete an endpoint, click on Manage and then click on Delete Endpoint and confirm the deletion operation. Note that deletion operations cannot be undone.

Managing an Endpoint

Cloudmersive Private Cloud Forward Proxy Servers check for and apply configuration updates every 10 minutes. Configuration is cached locally in the event that network connectivity between the Forward Proxy Server and the cloud is lost, the last known good configuration will continue to be used based on the local configuration cache.

Configure Security Policies

To protect traffic passing through your Forward Proxy Server endpoint, you can apply Policies onto your endpoint. Policies will process the traffic passing through your endpoint, and can allow or block traffic passing through.

Configure API Keys and Endpoints

Configuring at least one API key is required for Policies that use the underlying API, such as virus scanning and XSS protection.

Configure your API key as well as, optionally, the fully-qualified URL to your Private Cloud Server (recommended), or leverage Cloudmersive Managed Instances or Cloudmersive Public Cloud.

If you speicify multiple API keys, the Reverse Proxy Server will load balance across the API keys for that site.