Apache Server

For PCI compliance, the Apache web server must be installed in a DMZ and separated from the rest of the network, so that card holder data is never stored in the DMZ.

This can be accomplished in a number of ways, using either one or two routers, depending on the features of the router and your ability to program it. The actual installation of Apache is described for Macintosh and Windows. While unsupported, it is also possible on Linux if you have the skills to build Apache and compile our module yourself.

Generally, the best approach is a single router that supports a DMZ host and VLANs: place the Apache web server in a VLAN separate from the other machines on the network, with rules that specify the traffic that is allowed:

  • from the outside to the DMZ
  • between the DMZ and the rest of the network
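The rule set above can be checked before it is typed into the router. The following script is an added example (not code from the original page or from the product it describes): it models the single-router option as an ordered, default-deny rule table and evaluates candidate flows the way a router ACL would. The addresses (Apache host 192.168.1.50, office subnet 192.168.1.0/24, the public address 203.0.113.10) and the listener port 8080 are assumptions chosen for the example.

```python
"""Constructed DMZ policy checker (added example; not from the page or the product).

Encodes the single-router/VLAN option as an ordered, default-deny rule table
and evaluates candidate flows the way a router ACL would, so the allowed
paths (outside -> DMZ, DMZ <-> office) can be reviewed before the rules are
entered on the router. All addresses and ports are assumptions.
"""
from dataclasses import dataclass
from typing import Optional
import ipaddress

# Assumed addressing: the Apache host shares the office subnet (as recommended)
# but lives in its own VLAN; the router treats it as the "dmz" zone.
DMZ_APACHE = ipaddress.ip_address("192.168.1.50")    # assumed
OFFICE_NET = ipaddress.ip_network("192.168.1.0/24")  # assumed
LISTENER_PORT = 8080                                 # assumed web-listener port


@dataclass(frozen=True)
class Rule:
    src_zone: str                 # "outside", "dmz" or "office"
    dst_zone: str
    dports: Optional[frozenset]   # None means any destination port
    action: str                   # "ACCEPT" or "DROP"


# First match wins. Anything not matched is dropped (default deny).
POLICY = [
    # Outside -> DMZ: only the web ports on the Apache host.
    Rule("outside", "dmz", frozenset({80, 443}), "ACCEPT"),
    # DMZ -> office: Apache may only talk to web listeners on their port, so
    # nothing else in the office (where card holder data lives) is reachable.
    Rule("dmz", "office", frozenset({LISTENER_PORT}), "ACCEPT"),
    # Office -> DMZ: administration and testing of the Apache host.
    Rule("office", "dmz", frozenset({22, 80, 443}), "ACCEPT"),
    # Everything else (outside -> office, DMZ -> other ports, ...) falls through to DROP.
]


def zone_of(ip: str) -> str:
    """Map an address to the router zone it belongs to.

    The DMZ host is checked first because it sits inside the office subnet
    range; the separation is by VLAN, not by address range."""
    addr = ipaddress.ip_address(ip)
    if addr == DMZ_APACHE:
        return "dmz"
    if addr in OFFICE_NET:
        return "office"
    return "outside"


def evaluate(src: str, dst: str, dport: int) -> str:
    """Return the verdict ("ACCEPT"/"DROP") for a new TCP connection src -> dst:dport."""
    src_zone, dst_zone = zone_of(src), zone_of(dst)
    if src_zone == dst_zone:
        return "ACCEPT"  # traffic inside one zone never crosses the router
    for rule in POLICY:
        if (rule.src_zone == src_zone and rule.dst_zone == dst_zone
                and (rule.dports is None or dport in rule.dports)):
            return rule.action
    return "DROP"


def audit(expected: dict) -> list:
    """Compare expected verdicts with the policy; return the flows that disagree."""
    return [flow for flow, want in expected.items() if evaluate(*flow) != want]


# Constructed review set: the flows an assessor would ask about.
EXPECTED = {
    ("203.0.113.10", "192.168.1.50", 443): "ACCEPT",   # public -> Apache HTTPS
    ("203.0.113.10", "192.168.1.50", 22): "DROP",      # public -> Apache SSH
    ("203.0.113.10", "192.168.1.20", 443): "DROP",     # public -> office host
    ("192.168.1.50", "192.168.1.20", 8080): "ACCEPT",  # Apache -> web listener
    ("192.168.1.50", "192.168.1.20", 445): "DROP",     # Apache -> office file share
    ("192.168.1.20", "192.168.1.50", 22): "ACCEPT",    # office admin -> Apache
}

if __name__ == "__main__":
    for flow, want in EXPECTED.items():
        print(f"{flow[0]:>15} -> {flow[1]:>15}:{flow[2]:<5} {evaluate(*flow):6} (expected {want})")
    print("mismatches:", audit(EXPECTED))
```

Each entry in POLICY corresponds to one rule on the router; a mismatch reported by audit() means the rule table lets a flow through (or blocks one) that the design above does not intend, which is the point to fix before the Apache host goes live.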

If possible, keep the Apache machine on the same subnet as the other machines, even if it is in a different VLAN in the router setup. This makes it far easier to bring new machines online as web listeners at a moment's notice, because internally they are all on the same subnet.

The second option is to use two physically separate routers, which means the Apache server will be on a different subnet range than the web listeners in the office network. This requires some extra work:

  • configure one port forwarding rule in Router 2 for each web listener you want to bring online in the future. If you did not prepare enough rules in advance, a high onsale volume also means making a router rule change.
  • the 'Apache' tab in Company Preferences must have its middle section filled out to indicate the IP address of the outside interface of the internal router. In the example, Router 2 & firewall will need an external IP that is 192.168.2.x. That value is placed into the Company Preference record so that Apache knows how to talk back to the listener.

The diagram below shows the differences between the two options.