A web application (WAR) provides two sets of HTTP APIs: one is public to clients on the Internet, the other is for internal use and should not be public to the Internet. What is the best practice for network deployment to protect the internal API?
I know that a common way is to split the application into two deployables, put the frontend which serves the public API in the DMZ, and put the backend which serves the internal API in the internal network. But for some reason I want to keep the application as one deployable.
Finally, we introduced a reverse proxy to hide the APIs inside the internal network. Clients from the Internet are only able to connect to the reverse proxy, and the reverse proxy is configured to forward only requests for the public API to the application.
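An added example, not part of the question, of the forwarding rule such a reverse proxy has to enforce, written as a small Go gateway; the public prefix `/api/public` and the backend address `app.internal:8080` are assumptions. The point it shows is that the allow-list is checked on a normalized path and the backend is sent exactly that normalized path, so `..` or `%2e%2e` segments cannot make the proxy and the application disagree about which API a request targets.

```go
package main

import (
	"log"
	"net/http"
	"net/http/httputil"
	"net/url"
	"path"
	"strings"
)

// publicPrefix is the assumed prefix under which the application serves
// its public API; every other path is treated as internal.
const publicPrefix = "/api/public"

// normalizePath resolves "." and ".." segments. Go has already decoded
// %2e-style escapes into u.Path, so an encoded traversal is caught too.
func normalizePath(u *url.URL) string {
	return path.Clean("/" + u.Path)
}

// isPublic is an allow-list: only normalized paths under the public
// prefix pass; anything else is denied by default.
func isPublic(u *url.URL) bool {
	p := normalizePath(u)
	return p == publicPrefix || strings.HasPrefix(p, publicPrefix+"/")
}

// newGateway wraps httputil.ReverseProxy so that the path the backend
// receives is the same normalized path the allow-list was checked on.
func newGateway(backend *url.URL) http.Handler {
	proxy := httputil.NewSingleHostReverseProxy(backend)
	rewrite := proxy.Director
	proxy.Director = func(r *http.Request) {
		r.URL.Path, r.URL.RawPath = normalizePath(r.URL), ""
		rewrite(r)
	}
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if !isPublic(r.URL) {
			http.NotFound(w, r) // internal API is unreachable through the proxy
			return
		}
		proxy.ServeHTTP(w, r)
	})
}

func main() {
	backend, _ := url.Parse("http://app.internal:8080") // assumed backend address
	log.Fatal(http.ListenAndServe(":8080", newGateway(backend)))
}
```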