In Part 2 I installed an ORDS instance in a private subnet. Then in Part 3 I configured a public load balancer to serve APEX to the public internet. Now I want to protect admin resources to make sure they are not exposed. For that purpose I will use Load Balancer URL redirect rules.
1. Currently I can log in through the load balancer's public IP and see Database Actions.
2. But I don't want to expose Database Actions and other administrator resources to the public internet, so I have added the following URL redirect rules to my load balancer.
3. And they are working: now I can't log in to Database Actions through the load balancer. I am immediately redirected to apex.oracle.com, as the rule dictates.
4. If I bypass the load balancer and access the ORDS instances through the private network, then Database Actions and admin resources are accessible.
5. I only want to serve HTTPS traffic to the public internet, so I create another rule set for redirecting HTTP to HTTPS.
6. To strengthen security for production deployments, different user names should be chosen, ADMIN and Workspace logins should be disabled, and the ADMIN user should be locked.
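To confirm the redirect rules keep working after later load balancer changes, a small check can be run against the public listener. This is an added example, not part of the original post: the admin paths in `ADMIN_PATHS`, the probe path `/ords/` and the host name are assumptions to replace with the values from your own rule set, and the HTTPS probe assumes the listener presents a certificate valid for that host name.

```python
import http.client
from urllib.parse import urlsplit

# Assumed paths (not listed in the post): use the paths from your own redirect rules.
ADMIN_PATHS = ["/ords/sql-developer", "/ords/_/landing"]
REDIRECT_HOST = "apex.oracle.com"  # redirect target named in the post
REDIRECT_CODES = {301, 302, 303, 307, 308}

def probe(scheme, host, path, timeout=5):
    """Fetch one URL without following redirects; return (status, Location)."""
    cls = http.client.HTTPSConnection if scheme == "https" else http.client.HTTPConnection
    conn = cls(host, timeout=timeout)
    try:
        conn.request("GET", path)
        resp = conn.getresponse()
        return resp.status, resp.getheader("Location", "")
    finally:
        conn.close()

def check_admin(status, location):
    """An admin path passes only if it is redirected to REDIRECT_HOST exactly."""
    return status in REDIRECT_CODES and urlsplit(location).hostname == REDIRECT_HOST

def check_https_upgrade(status, location, lb_host):
    """A plain-HTTP request passes only if redirected to https on the same host."""
    target = urlsplit(location)
    return (status in REDIRECT_CODES and target.scheme == "https"
            and target.hostname == lb_host.lower())

def audit(lb_host, fetch=probe):
    """Return failure descriptions; an empty list means the rules behave as intended."""
    failures = []
    for path in ADMIN_PATHS:
        status, loc = fetch("https", lb_host, path)
        if not check_admin(status, loc):
            failures.append(f"https {path}: {status} {loc!r} (admin path not redirected)")
    status, loc = fetch("http", lb_host, "/ords/")
    if not check_https_upgrade(status, loc, lb_host):
        failures.append(f"http /ords/: {status} {loc!r} (no HTTPS redirect)")
    return failures

if __name__ == "__main__":
    # Placeholder host name; replace with the load balancer's public name.
    for line in audit("lb.example.test") or ["all redirect rules behave as expected"]:
        print(line)
```

Run it from outside the VCN so the requests actually traverse the public load balancer rather than the private path to ORDS.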