httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 13474] New: - mod_proxy works incorrectly with reverse proxy
Date Wed, 09 Oct 2002 23:03:12 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13474>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13474

mod_proxy works incorrectly with reverse proxy

           Summary: mod_proxy works incorrectly with reverse proxy
           Product: Apache httpd-2.0
           Version: HEAD
          Platform: PC
               URL: http://www.frontfree.net
        OS/Version: FreeBSD
            Status: NEW
          Severity: Major
          Priority: Other
         Component: mod_proxy
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: delphij@frontfree.net


While using multiple reverse entries within one virtual host like the following:
<VirtualHost 192.168.1.2>
ServerName www.inetsrv.net
ServerAlias inetsrv.net
ServerAdmin webmaster@inetsrv.net
DocumentRoot /usr/local/www/www.inetsrv.net

Alias /errors/ "/usr/local/wwwroot/www.inetsrv.net/errors/"
ErrorDocument 502 /errors/502.html

ProxyPass "/demo" http://10.1.1.1:81/demo
ProxyPassReverse "/demo" http://10.1.1.1:81/demo
ProxyPass "/lang" http://10.1.1.1:81/lang
ProxyPassReverse "/lang" http://10.1.1.1:81/lang
</VirtualHost>
It of course work properly, but after I've added proxy to the server 
configuration:

<IfModule mod_proxy.c>
ProxyRequests On

<Proxy *>
    Order deny,allow
    Deny from all
    Allow from .inetsrv.net
</Proxy>

ProxyVia On

</IfModule>

A workstation called w2k.inetsrv.net will see the virtual host correctly, and 
the proxy function worked well also. But unfortunatelly, it stopped me from 
visiting the www.inetsrv.net from a computer which is not in the inetsrv.net 
domain if I don't specify full path (e.g. 
http://www.inetsrv.net/demo/index.htm), for example, a URL like 
http://www.inetsrv.net/demo will return 403.

It seemed that the mod_proxy will affect reverse proxy's behavior. When sending 
request like GET /, the proxy module will process it first, then it found the 
IP should be denied. What confused me is that full path will work, this 
behavior is really strange, and I think this should be considered to be a 
mistake because proper HTTP requests like GET /, without saying "GET 
http://www.microsoft.com/" by specifying full protocol qualifier, should be 
considered by the httpd server itself, not the mod_proxy.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message