httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Administrator" <>
Subject RE: [users@httpd] Different security based on network interface
Date Tue, 13 Sep 2005 10:00:44 GMT
This may be a stupid answer, but isn't it easily possible to set up the
interfaces (or firewall, or both) so they reject source IP addresses in the
wrong I/F?  Or am I missing the point?


| On 9/13/05, AragonX <> wrote:
| > Hello all,
| >
| > I am trying to secure my web server.  It serves internal users
| > (employees) and external users (customers).  There are some web
| > applications that I would like to have available to
| internal users but
| > require external users to have a password to access the
| directory (the
| > applications have their own security but I don't want any of the
| > scripts or files visible to the internet at all.  They are
| all under
| > the /internal directory).  Can this be done?
| >
| > The server has two NICS, one serving the internal network and one
| > serving the external.  Is there a module that will allow different
| > security levels based in this information?
| >
| > I know that mod_access and I think mod_security will allow me to do
| > this but they do it based on IP address.  I'm afraid someone will
| > spoof the IP addresses of the internal network to bypass
| this security measure.
| >
| > What I'm trying to avoid is having the employees log in twice to
| > access the web apps.  They would be most unhappy.

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message