Return-Path:
Delivered-To: apmail-httpd-cvs-archive@httpd.apache.org
Received: (qmail 35546 invoked by uid 500); 31 Jul 2003 18:58:44 -0000
Mailing-List: contact cvs-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@httpd.apache.org
list-help:
list-unsubscribe:
list-post:
Delivered-To: mailing list cvs@httpd.apache.org
Received: (qmail 35493 invoked by uid 500); 31 Jul 2003 18:58:44 -0000
Delivered-To: apmail-httpd-2.0-cvs@apache.org
Date: 31 Jul 2003 18:58:53 -0000
Message-ID: <20030731185853.96541.qmail@minotaur.apache.org>
From: slive@apache.org
To: httpd-2.0-cvs@apache.org
Subject: cvs commit: httpd-2.0/docs/manual/mod mod_access.xml
mod_access.html.en
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N
slive 2003/07/31 11:58:53
Modified: docs/manual/mod Tag: APACHE_2_0_BRANCH mod_access.xml
mod_access.html.en
Log:
Backport double-reverse docs in Allow/Deny.
Revision Changes Path
No revision
No revision
1.7.2.4 +10 -6 httpd-2.0/docs/manual/mod/Attic/mod_access.xml
Index: mod_access.xml
===================================================================
RCS file: /home/cvs/httpd-2.0/docs/manual/mod/Attic/mod_access.xml,v
retrieving revision 1.7.2.3
retrieving revision 1.7.2.4
diff -u -d -b -u -r1.7.2.3 -r1.7.2.4
--- mod_access.xml 15 Apr 2003 22:56:37 -0000 1.7.2.3
+++ mod_access.xml 31 Jul 2003 18:58:52 -0000 1.7.2.4
@@ -85,12 +85,16 @@
Hosts whose names match, or end in, this string are allowed
access. Only complete components are matched, so the above
- example will match foo.apache.org
but it will
- not match fooapache.org
. This configuration will
- cause the server to perform a reverse DNS lookup on the
- client IP address, regardless of the setting of the HostnameLookups
- directive.
+ example will match foo.apache.org
but it will not
+ match fooapache.org
. This configuration will cause
+ Apache to perform a double reverse DNS lookup on the client IP
+ address, regardless of the setting of the HostnameLookups directive. It will do
+ a reverse DNS lookup on the IP address to find the associated
+ hostname, and then do a forward lookup on the hostname to assure
+ that it matches the original IP address. Only if the forward
+ and reverse DNS are consistent and the hostname matches will
+ access be allowed.
A full IP address
1.11.2.5 +9 -5 httpd-2.0/docs/manual/mod/Attic/mod_access.html.en
Index: mod_access.html.en
===================================================================
RCS file: /home/cvs/httpd-2.0/docs/manual/mod/Attic/mod_access.html.en,v
retrieving revision 1.11.2.4
retrieving revision 1.11.2.5
diff -u -d -b -u -r1.11.2.4 -r1.11.2.5
--- mod_access.html.en 29 May 2003 19:29:45 -0000 1.11.2.4
+++ mod_access.html.en 31 Jul 2003 18:58:52 -0000 1.11.2.5
@@ -108,11 +108,15 @@
Hosts whose names match, or end in, this string are allowed
access. Only complete components are matched, so the above
- example will match foo.apache.org
but it will
- not match fooapache.org
. This configuration will
- cause the server to perform a reverse DNS lookup on the
- client IP address, regardless of the setting of the HostnameLookups
- directive.
+ example will match foo.apache.org
but it will not
+ match fooapache.org
. This configuration will cause
+ Apache to perform a double reverse DNS lookup on the client IP
+ address, regardless of the setting of the HostnameLookups
directive. It will do
+ a reverse DNS lookup on the IP address to find the associated
+ hostname, and then do a forward lookup on the hostname to assure
+ that it matches the original IP address. Only if the forward
+ and reverse DNS are consistent and the hostname matches will
+ access be allowed.
A full IP address