Introduction (READ THIS FIRST)
This tutorial will guide you through the configuration of an Apache 2.2 SSL installation in front of a Plone 3.2.2 instance with Squid running in between Apache and Zope on FreeBSD 7.x. SSH tunnelling will be used for remote management of the Zope/Plone instance (i.e. ZMI). All of this will reside behind a PF firewall. Configuration and installation of the individual components will be covered in each section.
Apache 2.2 will accept http and https connections from the public Internet. Apache will then rewrite the URL and proxy the HTTP or HTTPS request to the Squid caching server. Squid will then forward the request to the ZEO (Zope Enterprise Object) client. The ZEO client (part of Zope) will send the request to the ZEO server (part of Zope). The ZEO client keeps a cache of recently used database objects. These objects are retrieved from the ZEO Server when not in the cache.
| Apache a.b.c.d:80/443 |
=> | Squid Cache 127.0.0.1:8902 |
=> | Zope Client 127.0.0.1:8901 |
=> | Zope Server 127.0.0.1:8900 |
|
NOTE: a.b.c.d denotes the public static IP address that is mapped to your domain name. |
||||||
By configuring Plone 3 in this manner, ZEO clients can easily be added to the buildout configuration Each of the ZEO clients can share cached objects thus increasing concurrency and reducing ZODB (Zope Object Database) access frequency. Apache2 provides the full power of mod_rewrite for URL customization. HTTP over SSL will provide secure access to the Zope Management Interface (ZMI). Last of all, PF, OpenBSD's packet filter will lock down access to the server.
Author: 
Visit our