Proxy by Port versus Proxy by Hostname

EZproxy has two different methods for proxying access to remote web servers: proxy by port and proxy by hostname.

New EZproxy installations all start out in proxy by port since it is simpler to configure, but the recommend method for deployment is proxy by hostname since it minimizes firewall issues.

The following tables differentiates these two methods to help institutions decide which is most appropriate for their configuration.

  Proxy by Port Proxy by Hostname
Port Usage One port required for login processing. Variable number of additional ports required for proxying, with one port required for each remote web server that is being proxied. One port for http is required. One additional port is required to use https. One additional port may be required during transition (e.g., if moving from port 2048 to port 80 in URLs, both may need to be enabled).
DNS Configuration A single DNS entry is required for the name of the server. Two DNS entries are required: one for the base name of the server (e.g., ezproxy.yourlib.org) and one wildcard form of the base name (e.g., *.ezproxy.yourlib.org).
Local Firewall Configuration A variable number of ports must be configured to allow incoming access to the EZproxy server. If EZproxy tries to use ports beyond those authorized in the firewall, remote users will receive page not found errors. One to three predefined ports must be authorized in the firewall.
Remote Firewall Issues Proxy by port always uses non-standard ports. Access to web servers on non-standard ports may be blocked at the remote user's site. This can block access from corporate or military sites. When proxy by hostname is configured to use port 80 for http and port 443 for https, EZproxy appears like a normal web server, avoiding most remote firewall blocks. Using proxy by hostname on others ports may still trigger blocks from remote firewalls.
SSL Certificate Standard certificate required to avoid browser warnings. Wildcard certificate required to avoid browser warnings. See SSL Certificate Options for details.
Rewritten URL Examples    
   http://www.somedb.com/ http://ezproxy.yourlib.org:2050/ http://www.somedb.com.ezproxy.yourlib.org/  **
   http://www.otherdb.com/ http://ezproxy.yourlib.org:2051/ http://www.otherdb.com.ezproxy.yourlib.org:8080/
   http://search.otherdb.com http://ezproxy.yourlib.org:2052/ http://search.somedb.com.ezproxy.yourlib.org:8080/

** The first rewritten URL example for proxy by hostname show the URL form if EZproxy uses port 80, in which case no port is required. The other two examples demonstrate an example where another port, such as 8080, is used.

Ideal configuration

The ideal configuration for EZproxy is proxy by hostname using port 80 for http and port 443 for https. If EZproxy is installed on a server that has an exisiting web server using port 80 or port 443, but you want to implement this optional configuration, it is possible to add a second IP address to the server. See Technical Notes for technical notes on how to add an additional IP address to an existing server.

Moving from proxy by port to proxy by hostname

New EZproxy servers default to proxy by port. See Proxy By Hostname Configuration for information on how to move from proxy by port to proxy by hostname.