Accessing your internal web interfaces

Introduction

Many times you have to access to some web interface of a internal server in your portal, to a port that is nor public for security reasons, like the solr admin interface.

You can use ssh port redirection but if you have to access to many other ports or to many other software (jenkins, spark, hadoop) is better to use other approach (like add some auth proxy vhost in your frontend to access to these interfaces). In this page we'll show you how to use a socks proxy in a GNU/Linux environment or similar free sophisticated tanks, but you can do something equivalent in Windows or Mac.

Using `ssh`

Let's say that ssh ubuntu@your-portal-gateway is how you access to your portal gateway or to some of your portal servers. If you exec:

ssh -D 8765 ubuntu@your-portal-gateway

This configure a socks ssh proxy in your local port 8765. Using this proxy in a browser will redirect all your web petitions as they were accessing from your-portal-gateway. autossh maintains that socks proxy open.

Or better do the same using `autossh`

For this, install autossh:

apt install autossh

Create some script

nano autossh-la-portal.sh

does contains something like:

#!/bin/bash
autossh -f -M 0 -o "ServerAliveInterval 10" -o "ServerAliveCountMax 3" -D localhost:8765 -N ubuntu@your-portal-gateway

give execution permissions:

chmod +x autossh-la-portal.sh

and execute it.

./autossh-la-portal.sh

This does the same that ssh but tries to maintain open that proxy until you reboot your computer.

Now let's use that proxy (that is like a secure pipe or VPN between you and your portal).

Install a proxy extension in your browser

You can configure your proxy in your computer to use that 8765 but it's better to only use it for some subdomains and use direct Internet connection to the rest. For that we recommend the chrome extension Proxy SwitchyOmega.

Configure the proxy extension

Now we'll configure the extension to automatic use the socks ssh proxy for some of our internal servers (if this example, those starting with gbif-es-* names in the /etc/hosts of our portal gateway).

With this you can access to these internal interfaces using your proxy and not for the rest of webs.

End

Index

Wiki home
Community
Getting Started
Support
- LA Netiquette. Asking the smart way
- Troubleshooting
Portals in production
ALA modules
Demonstration portal
- Requirements
- Installation of ala-demo
Data management in ALA Architecture
DataHub
- Data Hub
Customization
Internationalization (i18n)
Administration system
Contribution to main project
- Good practices
Study case
- Setting up Atlas of Living Scotland

Accessing your internal web interfaces

Introduction

Using ssh

Or better do the same using autossh

Install a proxy extension in your browser

Configure the proxy extension

End

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Using `ssh`

Or better do the same using `autossh`