ServiceDesk Plus Public Access (using Reverse Proxy)

ServiceDesk Plus Public Access (using Reverse Proxy)

We often get asked how best to access ServiceDesk Plus 'publicly' from the Internet without the use of dedicated connections or VPN services.  

There are no specific features in ServiceDesk Plus to do this other than in the 'Self-Service Portal Settings' where you would configure a URL Alias of a Fully Qualified Domain Name (FQDN) that would be published internally and externally on the Internet:



This URL Alias is used in all the notification messages sent by ServiceDesk Plus.

Now we could simply publish the internal ServiceDesk Plus server directly through the organisation's firewall out onto the Internet. However, this obviously presents some major security issues should the ServiceDesk Plus server be in any way compromised.

A relatively simple solution to this might be to make use of a Reverse Proxy such as NGINX. Here you can configure a separate server as a Reverse Proxy to relay all incoming requests from the external Internet to the ServiceDesk Plus server. The Reverse Proxy server itself can be located on a DMZ network of the organisation's firewall and appropriate rules used to control and analyse the traffic for potential threats.

Using NGINX is relatively simple and is available as Open Source software. Details for a Windows version are detailed below:


In order to run NGINX successfully you'll need to edit the 'nginx.conf' file in the unpacked 'nginx-1.9.15\conf folder' and specific the correct details for the elements shown in bold:

    server {
        listen       8888;
        #tells Nginx the hostname and the TCP port where it should listen for HTTP connections.
        # set this to the same port as your internal SD+ server port;
       
        server_name  172.16.99.131;
        # lets you doname-based virtual hosting
        # set this to the IP address or hostname of your reverse proxy server

        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
        # The location setting lets you configure how nginx responds to requests for resources 
        # within the server.
            root   html;
            index  index.html index.htm;
        # Set the proxy_pass details to the internal IP address or hostname of your internal 
        # SD+ server
        }

In this case it is now possible to access my internal ServiceDesk Plus server running on 10.0.0.10:8888 via the NGINX reverse proxy server running on 172.16.99.131:8888. 

Other options exist for enabling HTTPS listening ports with appropriate certificates which are far too detailed to go into here but hopefully we've managed to highlight a potential solution for allowing public access to your installation of ServiceDesk Plus.
        New to M365 Manager Plus?
        New to M365 Manager Plus?
          New to RecoveryManager Plus?
          New to RecoveryManager Plus?
            New to Exchange Reporter Plus?
            New to Exchange Reporter Plus?
              New to SharePoint Manager Plus?
              New to SharePoint Manager Plus?
                See all integrations
                New to ADManager Plus?

                  New to ADSelfService Plus?

                  Start your free trial





                            Related Products