i'm new here in the forum. I'm a system administrator and i had to install a different web application architecture in our organization. Normally we have a tipical two layer architecture with a DMZ webserver and an internal DB. This time we have an internal DB, an internal webserver with the webapplication that's reached with a Proxypass virtualhost in our DMZ webserver.

Which architecture has less security issues?? The new one with proxypass?