Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 12 replies
  • Answers 1 answer
  • Subscribers 5 subscribers
  • Views 38488 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

mod_proxy_wstunnel?

theRat_01
What plans are there to include mod_proxy_wstunnel in the Webserver Protection so that websites using websockets can be hosted behind the UTM?

This requires the use of apache 2.4.5 (or later).  There is an updated module in 2.4.9.  Currently the UTM is using 2.4.4 so it is not available to even try and test by modifying the config from the console.

Cheers
Simon


This thread was automatically locked due to age.
Parents
  • 0

    Hi Bob,

    Someone else has already requested it.  And I have added comments etc, but still no response.  This feature was promised in 9.1.x.  The request is here for anyone interested:

    websocket support for WAF

    Simon

  • 0 in reply to theRat_01
    Sophos are you ever going to implement this. It was on you radar 4 years ago, many people are asking for it. This lack of feature is now stopping me being able to recommend it for current project. Yes, websockets is real, it gets used and needs to be supported.
  • 0 in reply to theRat
    Hi,

    UTM 9.3 is using Apache 2.4.10. You could try to include it there.

    Mod_proxy_wstunnel will be not included in UTM 9.4 and it is not included in Sophos XG v1.

    Sabine
  • 0 in reply to Evianne
    Hi Sabine,

    I don't understand your comment "Mod_proxy_wstunnel will be not included in UTM 9.4". I just downloaded and installed the Beta of 9.4 and mod_proxy_wstunnel is still included (as it should be since it is part of the apache package).

    Considering this feature request is high on the list of requested features I don't understand the reluctance to add it, especially considering the is no real code to write, you just need to allow for it in the configuration.

    Simon
  • 0 in reply to theRat
    Hi Simon,
    sorry, my comment was really confusing. What I meant was, that there is no websocket support in 9.4 or SFOSv1. Sure, the module is included.
    And I'm afraid, I'm the wrong person to answer your question regarding feature prioritization.
    Sabine
  • 0 in reply to Evianne

    Hi,

     

    the big problem is, that html5 and websocket is a technics a lot of big companies uses for communication over the webbrowser. So its time to add this feature. 

    In the 5 year, you have this feature request (one from me too), you should have the possibility to check the request and if its a websocket request, please handle it correctly. 

    In the year 2017 its not a future technics in testing, its a state of the art technics uses in a big amount of websites to communicate with dynamic updated data. 

     

    Alex

  • 0 in reply to Alex76

    It doesn't look like the changes suggested above touch anything that couldn't be made to disappear if you need to have Sophos Support look at your UTM.  Neither conf file appears to be changed by a reboot.  Every change to the list of active Virtual Servers will cause reverseproxy.conf to be changed.  My guess is that modules.conf would occasionally be changed by an Up2Date.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0 in reply to Alex76

    It doesn't look like the changes suggested above touch anything that couldn't be made to disappear if you need to have Sophos Support look at your UTM.  Neither conf file appears to be changed by a reboot.  Every change to the list of active Virtual Servers will cause reverseproxy.conf to be changed.  My guess is that modules.conf would occasionally be changed by an Up2Date.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Unfiltered HTML