Web Server and WebSpeed Topology

Cecil

Cecil

19+ years progress programming and still learning.
I have been reading a truck load of documents showing what security model should be set up for a secure Website.

Currently we have the WebSpeed Messenger and WebSpeed Broker running on our production machine.

Now after reading some documents this is a complete "NO NO..". Apparently the WebSpeed Messenger must run on a Web Server (that's a given) and the WebSpeed Broker to run on a Separate Server.

Does anyone conform to this security model?

Thanks.
 
C

Casper

ProgressTalk.com Moderator
Staff member
At all our client sides we have the messenger installed on the webserver and the rest runs on the DB server.
Furthermore we use ScriptAliasing to get rid of the WService= stuff to get more friendly looking URL's. messenger is easily configured in case the webserver is in a DMZ.
Further best practices are changing the default portnumbers and names from NameServer and broker.
If you want, I have a pretty good PPT from Doug Merrit on WebSpeed and security.

Regards,
Casper.
 
Cecil

Cecil

19+ years progress programming and still learning.
Thanks Casper.

I've tracked down the PP document from Doug Merrett. I worked with Doug back in the UK for a short while.

Anyway Doug's PP doc. confirms what I have been reading about security topologies.

But I have one more question. If you install only the "WebSpeed Messenger" on the web server, does the "OE Admin Service" gets installed as well?

If not how does one administer/configure the "Messenger" from a Progress Explorer Tool?
 
C

Casper

ProgressTalk.com Moderator
Staff member
We do only an install of webspeed messenger. We only install messenger and choose to not copy the static the static html pages to docroot.
We configure it by editing the ubroker.properties file. (make a copy of msngrs.properties to ubroker.propertiesa and configure this). Since almost nothing has to be configured it is a fairly simple task to do.
Imo the webserver should be running as less services as possible.

Casper
 
C

Casper

ProgressTalk.com Moderator
Staff member
The powerpoint presentation I referred to was from PDW 2004 and covered in detail how to configure webspeed within a dmz. I tried to search him just now but couldn't find it anymore on the net. If you are interested I can sent it to you offline. Just drop me a PM.

Regards,
Casper.
 
You must log in or register to reply here.

Similar threads

P
Answered Some programs returning "Unable to run Web object" on new server
Replies
5
Views
804
Rob Fitzpatrick
Rob Fitzpatrick
J
  • Locked
[Progress News] [Progress OpenEdge ABL] MarkLogic Server 11.2: Impact Driven. Developer Focused.
Replies
0
Views
177
James Kerr
J
D
  • Locked
[Progress News] [Progress OpenEdge ABL] 5 Ways Semantic Models Help Protect Sensitive Data
Replies
0
Views
184
Doug Dunn
D
J
  • Locked
[Progress News] [Progress OpenEdge ABL] Migrating Your WebSpeed Applications: Take Advantage of New Functionality and Security Improvements
Replies
0
Views
749
Jessica Malakian
J
D
  • Locked
[Progress News] [Progress OpenEdge ABL] The Benefits of a Data Hub for Effective Data, Analytics and AI Governance
Replies
0
Views
408
David Kaaret
D
Top