httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Joshua Slive" <>
Subject Re: [users@httpd] mod_proxy, mod_authz_host and .htaccess
Date Tue, 13 Jun 2006 14:05:05 GMT
On 6/13/06, Emmanuel.Leguy <> wrote:
> Hello,
> Config:
> - Reverse proxy server: solaris 9, apache 2.2
> - Proxied server: solaris 9, apache 2.2
> Requests to userdir are reverse proxied:
> -> http://www.priv/~login
> Some users use a .htaccess file with order, allow and deny directives:
> order deny,allow
> deny from all
> allow from ipaddresses
> but all requests to www.priv are send from only one address: the
>'s one (reverse proxy server). So the deny/allow directives
> have this binary effect:
> - if's ip address is in ipaddresses, requests are allways ok
> - if's ip address is not in ipaddresses, request are allways
> blocked.
> Is there a way that the request appear to be sent by the end client and
> not the reverse proxy server?

Not easily.  You could tell your users to use SetEnvIf to test the
X-Forwarded-For header, which contains the real IP address.  But this
is much more complicated.

You could also take a look at mod_extract_forwarded (google for it).
It was designed for 2.0, but I bet it would work for 2.2.


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message