Setting initial parameters within Reblaze

Step 2: Setting initial parameters within Reblaze

You should now be seeing the Reblaze dashboard:

Within the Reblaze interface, you will be doing three tasks:

1. Specify the web assets you want to protect with Reblaze.

2. (Optional, but recommended): Set Reblaze in report-only mode. Doing so means that Reblaze will not block any traffic; it will merely report on what it would have blocked. This is useful during a new deployment, since you can fine-tune and optimize your settings while avoiding false positives.

3. Publish your changes.

Task 1: Specify the web assets

In the Reblaze interface, select “Web Proxy” under the “Settings” category in the left sidebar. The following screen will appear, set already to the “General Settings” tab:

For new deployments, most of the settings can be left at their defaults. On this page, you will need to fill out two lists (Upstream Servers and Domain Names), and select the Active Protocols setting.

Upstream Servers: This list is where you define the servers that Reblaze will protect. In other words, these are the servers to which Reblaze will send the (scrubbed) web traffic it receives.

This list provides robust capabilities for managing your traffic. You can enable and configure load balancing, which will weight and distribute traffic across your primary servers. You can define backup servers, to which Reblaze will failover your traffic when your primary servers aren’t available. You can take servers offline for maintenance by ticking a single box in the interface. You can even tell Reblaze to keep individual users connected to the same server throughout their sessions.

Adding and deleting servers from this list is straightforward. To add a server, enter its IP in the “New Server” box and click Add, then fill out the rest of the information in the new entry. To delete an existing entry, click on the Delete link next to that entry.

Here are explanations for each field in this list.

Host is the IP/FQDN for each server that Reblaze protects. This can be a normal web server, or it can be a load-balancing server. Note that Reblaze also provides load-balancing capabilities in its own right, as seen in the next field.

Weight is the relative weight of each server for load balancing purposes. Reblaze distributes traffic with a round-robin sequence, according to these weights.

For example, let’s say there are two servers in the list, with the weight of each servers set to one. Therefore, these servers will receive equal amounts of traffic. Suppose instead that the first server was set to three, while the second was set to one. This would mean that the first server would receive three visitors for every visitor sent to the second server.

A note on load balancing: Please note that the load balancing parameters shown here are separate from the load balancer that you will set up in Step 3. The load balancing within Reblaze (which is defined here) is done to distribute scrubbed traffic across the servers within your network. The load balancing outside of Reblaze (which is defined in Step 3) will dynamically create new instances of Reblaze as needed, in response to spikes of incoming traffic which has not yet been scrubbed.

Max Fails is the maximum number of failed communication attempts that are allowed for this server. Once this number of failures occurs, Reblaze will consider the server to be inactive. If other servers are available, Reblaze will failover the traffic to them. If this was the only server available, Reblaze will return an error to the client (either 504 Timeout, or 502 Bad Gateway).

Fail Timeout: When a server fails, this is the length of time that Reblaze will wait before trying to send traffic to it again. In the example, the timeout is ten seconds.

Is Down: When this box is checked, Reblaze will not attempt to communicate with this server. This allows you to easily take a server offline for temporary maintenance or some other purpose.

Is Backup: when this box is checked, Reblaze will treat this server as a backup. In other words, Reblaze will not attempt to communicate with it unless all the primary servers (i.e., those for which this box is not checked) are unavailable.

HTTP Port and HTTPS Port are self-explanatory.

As for Domain Names, this is the list of domains within this website that Reblaze will protect. It needs to be filled out according to the format shown.

Task 2: Set Reblaze in Report-Only Mode

As discussed above, this setting is optional (and if enabled, will only remain so for a period of testing). It is found on the Planet Overview page (which is under the “Settings” category in the left sidebar).

The red/green button displays the current state (Active, or Report-Only) for each domain. Clicking a button will toggle that domain to the other mode. After changing one or more of these settings, you must publish the changes for them to become effective.

Task 3: Publish Your Changes

Whenever you change the Reblaze platform’s configuration, you must push those changes to the cloud.

In the Reblaze interface, select “Planet Overview” under the “Settings” category in the left sidebar (as shown in the previous image).

This page provides three features: an overview of your “planet” (i.e., your entire Reblaze deployment), the ability to add a new site to your planet, and the ability to publish changes.

Select “Publish Changes” at the upper right to push your earlier edits to the cloud.