httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Martijn <sweetwaterg...@googlemail.com>
Subject Re: [users@httpd] mod_rewrite, proxys, authorization and redirects
Date Thu, 21 Jun 2007 14:33:52 GMT
On 6/21/07, Joshua Slive <joshua@slive.ca> wrote:
> I don't know much about mod_perl, but this depends on a couple factors:
>
> 1. If you are using .htaccess files rather than httpd.conf for
> applying RewriteRules, then you are more likely to get per-directory
> configuration applied, including auth.
>
> 2. There are multiple ways to apply configuration to particular parts
> of the server. <Directory> applies to particular filesystem
> directories, and therefore normally wouldn't be applied to proxied
> requests that never hit the filesystem. <Location> applies to URLs and
> therefore should apply to all requests whether or not they map to the
> local filesystem.

All the RedirectRules are in the httpd.conf and not inside any
<Location>- or <Directory>-section. It doesn't have to do with
mod_perl, a simple Deny from [my ip-address] has the same effect.  The
access-control directive do have an effect when inside a
<Location>-section, or inside the "root" section. They don't when
inside a <Directory>-section.

I find from the RewriteLog that, even when access is denied, the
RewriteRules have been applied. I did a couple of more tests, of which
the results might be useful. I have the following access control
section:
<Location /a>
Deny from 1.2.3.4
</Location>

Requests from 1.2.3.4 give a 403 error if I use a RewriteRule to
change /a to /b (without a redirect and before the proxy RewriteRule).
It doesn't make a difference whether /b actually exists. Requests from
other IP addresses give the expected results: no problem if /b exists
and an internal error (500) if it doesn't.

> > - is there any need for [L,R] flag? I would think that R forces the
> > whole mod_rewrite-process to start again, with a new URL so it could
> > not be anything but the last rule that is applied.
>
> In fact, if I remember correctly, rewriting will continue after an R
> flag. This means that subsequent RewriteRules may, for example, change
> the target URL before the actual rewrite happens. (But I haven't tried
> this myself in a while, so I may be remembering incorrectly.)

In any case, it sounds like adding L won't do any harm.

Thanks.

Martijn

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message