httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Stoddard" <>
Subject 301 Redirect through a firewall... Possible to hide the origin server ip address?
Date Fri, 14 Sep 2001 18:02:45 GMT
Browser hits an Apache server through a firewall with a request like this:

GET /manual HTTP/1.0

manual is a directory which results in the server issuing a redirect thusly

HTTP/1.1 301 Moved Permanently
Date: Fri, 14 Sep 2001 17:37:22 GMT
Server: Apache/1.3.20 (Unix)
Location: http://origin_server/manual/
Connection: close
Content-Type: text/html; charset=iso-8859-1

The origin server sits behind a firewall. The problem is that the Location header field
contains the origin server name, not the name of the firewall, which is a bit of a
security exposure.

I really have no good ideas on how to prevent the location header field from having the
origin_server name/address. Thoughts?


View raw message