3.5 Single machine, single node, Web server separated
Although it is possible to collocate the Web server with the appserver, this is not recommended, mainly for security reasons (no DMZ).
Separation of the appserver and the Web server provides improvement in security, performance, throughput, availability and maintainability.
The Web server plug-in allows the Web server to route requests to the appserver even when they are physically separated. It uses an XML configuration file (plugin-cfg.xml) that contains settings that describe how to handle and pass on requests to the WAS(s). Be aware that in this case, the plugin-cfg.xml configuration file is generated on the machine where the appserver is installed so it has to be moved, each time it is regenerated, from the machine where the appserver resides to the machine where the Web server and the plug-in module are installed.
A failure on the Web server could be bypassed pointing the DNS to the machine where WAS is installed. This way, the embedded WAS Web server (WebContainer Inbound Chain) can replace (with limited throughput) the Web server while the problem is being solved.
