httpd-modules-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From John Zhang <john_zzh...@yahoo.com>
Subject Configure question -- allow access only from local machine
Date Thu, 10 Apr 2008 21:12:10 GMT
We have a situation that we would like to restrict the
access to certain folders only to requests from the
"local machine".  Here is why:
When a page is processed by our filter, the filter
(based on page logic) may request pages (just like a
regular web page request) that should never go to the
browser.  We put these pages in a folder.  And would
like to use apache config to restrict the access to
only the "local machine".  Here is the config
<LocationMatch "/secrete-stuff/">
    Order Deny,Allow
    Deny from all
    Allow from 127.0.0.1
    #Allow from localhost
</LocationMatch>

The issue we face:
    When our filter issues the request, we use the
hostname from the original request. eg, original
request
http://1.2.3.4/index.html
our filter might issue
http://1.2.3.4/something/secrete-stuff/server.js

In order to make the above directive work, we will
have to put the ip (1.2.3.4) in the Allow section. 
However, we are planning to deply many servers, it
would be very hard for us to edit each config file. 
So we are wondering if there are anyway we can achieve
the same result without make ip-specific changes.

Thanks in advanvce for your help.
John


Mime
View raw message