We have a fairly standard configuration with many of our administrative web portals (Wowza or otherwise) where we put Apache in front of the application or service and then reverse proxy the connection – partly for enhanced security and access control, but also for central/universal PKI management, SSL certificates and so forth. It makes host-based configuration management a whole lot easier.
Currently we’re just wanting to reverse proxy the WSE manager ltself. Our standard config calls for Apache to bind to port 443/https which would then reverse proxy to WSE Manager. External requests to port 8088 would either be DNATTED to 443 or the WSE Manager would be simply bound to the local loopback, depending on what is most practical.
I have done this before with Wowza and it worked for the most part, but there were additional URIs, paths, connections, etc that I had not built into the configuration, and it hindered the manager’s interface to a certain degree. If I know exactly what type of connectivity is needed to keep WSE Manager working correctly, I can easily reverse proxy the right stuff through.