All I'm just after some advice as we have a setup at work which I'm not entirely happy with and need to be able to justify.
Basically we host a number of internal websites, most are built in house but we also host a couple for third party application front ends. My main concern is that when they were setup there are dependencies on external content. To cater for this on our web servers someone has added a proxy route out using proxycfg. The worst case the other day was that we had changed the proxycfg to direct as the only content we needed the servers to access was Forefront Defs internally which was failing due to the entry in proxycfg. A big problem then occured as the website in question was SO dependant on the external contend/entry it would not even load the page at all, simpy showing an asp error instead.
My main concern is that the webcontent we are hosting and are responsible for (SLA's) is making calls externally for some content, so even though we put resilience etc in place this could happen! To me it is bad practice for the site to have such a dependency! And also is a security concern if the webserver ever got compromised/exploited
The main question I suppose is this; Is it bad practice? Does anyone have any information that I can give to my boss to say why? I can understand certain embedding in the site on external content that may be pulled down by the client but not by the server....
Any advice or information appreciated
Basically we host a number of internal websites, most are built in house but we also host a couple for third party application front ends. My main concern is that when they were setup there are dependencies on external content. To cater for this on our web servers someone has added a proxy route out using proxycfg. The worst case the other day was that we had changed the proxycfg to direct as the only content we needed the servers to access was Forefront Defs internally which was failing due to the entry in proxycfg. A big problem then occured as the website in question was SO dependant on the external contend/entry it would not even load the page at all, simpy showing an asp error instead.
My main concern is that the webcontent we are hosting and are responsible for (SLA's) is making calls externally for some content, so even though we put resilience etc in place this could happen! To me it is bad practice for the site to have such a dependency! And also is a security concern if the webserver ever got compromised/exploited
The main question I suppose is this; Is it bad practice? Does anyone have any information that I can give to my boss to say why? I can understand certain embedding in the site on external content that may be pulled down by the client but not by the server....
Any advice or information appreciated