firewalls and webservers request for comments

[Jonathan Hutchins]

One of the points in having the webserver behind and seperate from the 
firewall is that even if you were to compromise the security of the 
webserver, you would still be restricted in what you could do with it because 
of the firewall.  Some clever tunneling using the web protocols would give 
you a pretty free hand, but your traffic would still be limited.