httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Covener <cove...@gmail.com>
Subject Re: svn commit: r1704683 - /httpd/httpd/trunk/docs/manual/mod/mod_remoteip.xml
Date Tue, 06 Oct 2015 14:47:07 GMT
On Tue, Sep 22, 2015 at 11:09 PM, William A Rowe Jr <wrowe@rowe-clan.net> wrote:
> On Tue, Sep 22, 2015 at 8:48 PM, Eric Covener <covener@gmail.com> wrote:
>>
>> Maybe my followup is better phrased.  No issue with handling of internal
>> IPs.
>>
>> Currently, we act like RemoteIPTrustedProxy * by default (once they've
>> named the XFF header) and warn people they'd better restrict it.
>
>
> I agree that was not the original design and we should address it with a fix
> rather than a docs fix, IMHO.  'Trusted' is the exception, not the general
> case.

bump. I don't love the idea of changing the 2.4 defaults.

Current doc already says "Unless these other directives are used,
mod_remoteip will trust all hosts presenting a RemoteIPHeader IP
value." so I thought it was wise  to reinforce this in other sections.
  Doc is not back-ported yet.

Mime
View raw message