Reverse Proxy & SSL Operations
Nginx/Apache-Reverse-Proxy with TLS, Headern and korrekten Weiterleitungen.
Quick overview
This page describes the working standard for Reverse Proxy & SSL Operations – with a focus on concrete decisions rather than general guidance.
The main focus here is which header moodle vertraut and tls-/redirect-standard so that teams apply the same standard.
The standard only becomes traceable through linked evidence such as proxy-konfiguration and through documented edge cases/exceptions.
When this page helps
Typical situations in which this page adds value as a working document, and where another document is more appropriate.
Typical use cases
- when for Reverse Proxy & SSL Operations technical standards about reverse-proxy/load-balancer-regeln must be documented in a binding way
- when team handovers or temporary cover the same process for which header moodle vertraut should be able to execute safely
- when incidents or Changes show that evidence such as proxy-konfiguration are still missing
- when configuration or operational deviations (e.g. forwarded-header are inkonsistent) occur repeatedly
Less suitable when
- when Reverse Proxy & SSL Operations only about a one-off individual case without need for standardization applies
- when a detailed project ticket or a technical step-by-step guide is the better fit
Recommended process
A pragmatic sequence that works in practice, from scope to review.
- capture the current state and scope for Reverse Proxy & SSL Operations capture, including reverse-proxy/load-balancer-regeln and critical dependencies.
- define the target state and standards; key decisions include which header moodle vertraut.
- test changes in a controlled way (Staging, Testsystem or Checklist) and Ergebnis document.
- implement in production, run follow-up checks, and proxy-konfiguration + tls-testafterweise link.
- Monitoring/Reviews auswerten and recurring Befunde such as „Forwarded-Header are inkonsistent“ in the standard einarbeiten.
Decision rules
Reverse Proxy & SSL Operations is well documented, when rules, Edge cases and Evidence so clearly are, dass teams so that without additional coordination work can.
Entscheidungsrahmen
For Reverse Proxy & SSL Operations first define the scope clearly: Reverse-Proxy/Load-Balancer-rules.
responsibility
decisions about which header moodle vertraut and tls-/redirect-standard not implizit lassen, sondern roles and approvals explicitly benennen.
Abweichungsregeln
Allow exceptions only if they do not dilute the standard; especially relevant here are ssl/tls-zertifikate and header.
review triggers
Verifiable is the rule only, when proxy-konfiguration and tls-testafterweise cleanly verlinkt are.
What should be documented
Here only the spezifischen Inhalte about Reverse Proxy & SSL Operations maintain; general documentation rules remain in the centraln guideline. Central guideline.
The page is good when a substitute can apply or review the standard without first collecting tribal knowledge.
Kontext
terms, scope and boundaries about Reverse Proxy & SSL Operations specify in concrete terms, including reverse-proxy/load-balancer-regeln.
Umsetzungsvorgaben
Den standard so record, dass which header moodle vertraut and änderungsweg for proxy-regeln eindeutig entschieden are.
review path
Name and link evidence directly: Proxy-Konfiguration, TLS-Testafterweise, Smoke-Tests after change.
Offene Punkte / Exceptions
Aktive Exceptions, the latest change and the next review belong on the page—especially for topics with ssl/tls-zertifikate and header.
Common pitfalls
This section captures real-world pitfalls from Reverse Proxy & SSL Operations; general guidance belongs in the central guideline. Central guideline.
- scope driftet: Forwarded-Header are inkonsistent.
- the rule is too abstract: SSL-Verlängerung is not in the process verankert.
- evidence is missing: Timeouts passen not about Uploads.
- the exception gets out of control: staging and production drift apart.
Moodle reference (official docs 5.1)
Kurze Verweise on the offizielle Moodle documentation for Reverse Proxy & SSL Operations. So remains this Page AFANDI-spezifisch and vermeidet doppelte Grundlagen.
Official references
Documentation focus
- Proxy/SSL-Setup incl. Header-Weitergabe, HTTPS-Weiterleitung and Health-Checks document.
- UI path, role and test case record explicitly (not only the desired target state).
- Mark deviations from AFANDI standards separatelyely so that updates remain easier to review.
Review & maintenance
Check this Page gegen reale processes about Reverse Proxy & SSL Operations – not only gegen the Wortlaut. Entscheidend is, ob standard, Exceptions and Evidence in the Alltag contribute.
- Stimmen Header-/SSL-Settings with Moodle-Anforderungen match?
- Are Zertifikatsläufe documented?
- Were Redirects getestet?
- Stimmen Konfiguration and documentation match?
Review focus for „Reverse Proxy & SSL Operations“: Moodle-Operations; check especially reverse-proxy/load-balancer-regeln.
Useful metrics
A few metrics are enough – what matters is that they trigger decisions or improvements.
For „Reverse Proxy & SSL Operations“ Kennzahlen directly an which header moodle vertraut and the most frequent Praxisrisiken koppeln.
TLS-Fehler
Fehler for Zertifikat/Handshake
Interval: monthly
Proxy-Timeouts
Anzahl Timeout-Ereignisse am Proxy
Interval: monthly
Config-changes with Testafterweis
Anteil Proxy-Changes with Smoke-Test
Interval: monthly
Next steps
Add jetzt the concrete Entscheidung about which header moodle vertraut incl. Verantwortlichen, Datum and Verweis on proxy-konfiguration.
On „Reverse Proxy & SSL Operations“ make especially clear as the next step: which reverse-proxy/load-balancer-regeln apply in the standard case and which exceptions are time-limited.