Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

HTTP Proxy Settings

Settings for running a proxy on Web Gateway under HTTP.

Option Definition
Enable HTTP proxy

When selected, a proxy is run on an appliance under HTTP.

HTTP port definition

Provides a list for entering the ports on an appliance that listen to client requests.

Anonymous login for FTP over HTTP

Specifies the user name for logging on as an anonymous user when requests are transmitted to an FTP server by an HTTP proxy on an appliance.

Password for anonymous login for FTP over HTTP

Sets a password for a user name.

Add Via HTTP header

When selected, a Via HTTP header is added to a request that is processed on an appliance.

This option is selected by default.

Adjust content-type header for requests to archives (depending on the content encoding)

When selected, a content-type header in a request for access to an archive file is adjusted if this header does not match the content encoding that was detected for the archive.

Host header has priority over original destination address (transparent proxy)

When selected, requests that are sent to the proxy on an appliance in transparent proxy mode are recognized as traffic in explicit proxy mode and processed accordingly.

Requests can, for example, be received on an appliance in transparent mode when they have been forwarded by a load balancer. If the proxy does not recognize the requests as traffic in explicit proxy mode, they will be forwarded to the web without filtering.

This option is only available if the explicit proxy mode is not already configured on an appliance.

If the option is available, it is selected by default.

 

The following table describes the fields of an entry in the list of ports for web traffic going on under HTTP.

Option Definition
Listener address

Specifies the IP address and port number for a port that listens to HTTP requests.

If the port is configured for a director or backup node in a cluster where web traffic is processed in Proxy HA or Transparent Router mode, the network interface address of the cluster is specified here.

Serve transparent SSL connections

When selected, SSL-encrypted data can also be transferred using this proxy.

Ports treated as SSL

Provides a list of ports that handle incoming data as SSL-encrypted.

Entries in this list are separated by commas. The list includes port 443 by default.

Transparent common name handling for proxy requests

When selected, common names sent within a request to the proxy are handled transparently.

 Web Gateway uses passive FTP over HTTP connections

When selected, data can be transferred in FTP passive mode using HTTP connections.

Enable FTP over HTTP

The admin UI user will get an ability to enable/disable the FTP over HTTP. Prior to this feature, FTP over HTTP was always enabled by default and there was no option available to disable it. 

For disabling this feature admin must change the HTTP configuration.

Accept Proxy Protocol header

When selected, a Proxy Protocol header sent by a proxy forwarding web server data downstream is processed on Web Gateway.

Sending of this header is optional, not required for the downstream proxy.

The header information is extracted and different parts of it are stored as values of the Connection.IP, Connection.Port, and Connection.OriginalDestination.IP properties.

Comment

Provides a plain-text comment on a port that listens to HTTP requests.

 

  • Was this article helpful?