httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mario Fran├žois Jauvin <>
Subject [users@httpd] RE: Mod_proxy https question
Date Mon, 15 Aug 2005 23:46:47 GMT

Your comment provided me with a solution. What I was doing was as follow.  I would deny all
access, then I would allow specific sites using config directives like:

<Proxy http://*>

This would have the effect of only allowing HTTP protocol with sites in the *
domain. Instead of denying all access using the following:

<Proxy *>
  Order deny,allow
  Deny from all

I now disallow access for HTTP protocol with the following:

<Proxy http://*>
  Order deny,allow
  Deny from all

This still leaves access to allowing proxy for HTTPS protocol and I can continu limiting specifically
what is allowed for the HTTP protocol as before.

Thank you.

-----Original Message-----
From: Joost de Heer [] 
Sent: August 15, 2005 8:09
To: Mario Fran├žois Jauvin
Subject: RE: Mod_proxy https question

I've been thinking a bit more:

>>  <Proxy https://**>
>>   Order deny,allow
>>   Deny from all
>>   Allow from 10.0.0
>> </Proxy>
>> This does not allow clients from subnet 10.0.0 to obtain pages from any
>> SSL URL at

Because the connection arrives in an encrypted state for the proxy, so
Apache never sees the destination URL.


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message