Introduction

The LiveCD Apache web server is based on two instances of the Apache web server. The first Apache, configured as a reverse-proxy server, is referred to as the Frontend Apache. The second Apache, "behind" the first one, is referred to as the Backend Apache.

The Frontend Apache has two listeners configured. The http listener on port 80 delivers static content from /opt/applic/httpd/htdocs. The https listener on port 443 (SSL) provides the login application from /opt/applic/httpd/htdocs/login and is configured as a reverse-proxy.

The Backend Apache has one localhost listener configured, on port 8888. The Backend Apache delivers static content from /opt/applic/httpd/htdocs_backend.

The Backend Apache hosts an Echo Request application that discloses the HTTP headers sent from the Frontend Apache to the Backend Apache.

Why this Setup?

This setup should help students solve simple web application security challenges in Hacking-Lab. The http listener serves simple static web pages and is therefore useful in XSS or JSON hijacking challenges, where students must host their malicious attacker code.

The https listener is configured as a reverse-proxy with pre-authentication and mod_security (web application firewall) in front of the localhost Backend Apache. This should help students understand the concept of a Web Application Firewall, which is why the Backend Apache hosts a simple Echo Request app: it is extremely useful for seeing exactly what the WAF forwards to the backend app. In addition to pre-authentication, the Frontend Apache supports mod_security and forensic readiness, generating and forwarding a per-request unique-ID.
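The following httpd.conf fragment is an added illustration of the Frontend Apache described above; it is not the LiveCD's own configuration. Only the paths under /opt/applic/httpd and the backend port 8888 come from the text; the certificate and htpasswd paths, the /echo proxy path and the X-Unique-ID header name are assumptions, and mod_ssl, mod_proxy_http, mod_unique_id, mod_headers, mod_auth_basic and mod_security2 are assumed to be loaded.

```apache
# Access-log format for both listeners. mod_unique_id sets the UNIQUE_ID
# environment variable per request; logging it ties a frontend log line to
# the backend's request and to the mod_security audit entry.
LogFormat "%h %l %u %t \"%r\" %>s %b %{UNIQUE_ID}e" uid_combined

# http listener: plain static content (pages students host for XSS challenges)
Listen 80
<VirtualHost *:80>
    DocumentRoot /opt/applic/httpd/htdocs
    CustomLog logs/access_http.log uid_combined
</VirtualHost>

# https listener: pre-authentication + WAF, then reverse-proxy to the Backend Apache
Listen 443
<VirtualHost *:443>
    SSLEngine on
    # certificate paths are assumptions
    SSLCertificateFile    /opt/applic/httpd/conf/server.crt
    SSLCertificateKeyFile /opt/applic/httpd/conf/server.key
    DocumentRoot /opt/applic/httpd/htdocs/login
    CustomLog logs/access_https.log uid_combined

    # Pre-authentication on the frontend: the backend only ever sees
    # requests that already passed Basic auth here (htpasswd path assumed)
    <Location />
        AuthType Basic
        AuthName "Hacking-Lab login"
        AuthUserFile /opt/applic/httpd/conf/htpasswd
        Require valid-user
    </Location>

    # mod_security (WAF) inspects request line, headers and body before proxying
    SecRuleEngine On
    SecRequestBodyAccess On
    SecAuditEngine RelevantOnly
    SecAuditLog logs/modsec_audit.log

    # Forensic readiness: forward the per-request unique-ID so the Echo Request
    # app on the backend displays it alongside the X-Forwarded-* headers that
    # mod_proxy_http adds automatically (header name is an assumption)
    RequestHeader set X-Unique-ID "%{UNIQUE_ID}e"
    ProxyPreserveHost On
    # /echo as the Echo Request app's path is an assumption
    ProxyPass        /echo http://localhost:8888/echo
    ProxyPassReverse /echo http://localhost:8888/echo
</VirtualHost>
```

With this in place, a request that the WAF blocks never reaches the Echo Request app, while an allowed one arrives at the backend carrying X-Unique-ID, X-Forwarded-For and X-Forwarded-Host, which is exactly what the echo page lets students compare against their original request.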