httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Joshua Slive" <jos...@slive.ca>
Subject Re: [users@httpd] mod_proxy, mod_authz_host and .htaccess
Date Tue, 13 Jun 2006 14:05:05 GMT
On 6/13/06, Emmanuel.Leguy <Emmanuel.Leguy@lifl.fr> wrote:
> Hello,
>
> Config:
> - Reverse proxy server: solaris 9, apache 2.2
> - Proxied server: solaris 9, apache 2.2
>
> Requests to userdir are reverse proxied:
>
> http://www.real.fr/~login -> http://www.priv/~login
>
> Some users use a .htaccess file with order, allow and deny directives:
>
> order deny,allow
> deny from all
> allow from ipaddresses
>
> but all requests to www.priv are send from only one address: the
> www.real.fr's one (reverse proxy server). So the deny/allow directives
> have this binary effect:
> - if www.real.fr's ip address is in ipaddresses, requests are allways ok
> - if www.real.fr's ip address is not in ipaddresses, request are allways
> blocked.
> Is there a way that the request appear to be sent by the end client and
> not the reverse proxy server?

Not easily.  You could tell your users to use SetEnvIf to test the
X-Forwarded-For header, which contains the real IP address.  But this
is much more complicated.

You could also take a look at mod_extract_forwarded (google for it).
It was designed for 2.0, but I bet it would work for 2.2.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message