httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "gb1071nx" <gb107...@globallyboundless.com>
Subject [users@httpd] Paranoia check regarding mod_proxy / mod_rewrite
Date Wed, 12 Sep 2007 19:28:58 GMT

I've just recently compiled and installed the mod_rewrite and mod_proxy
modules.   My specific reason for doing so is that I wanted to use AJAX
calls between two internal (intranet) domains, but due to 'same origin'
policy, could not.  Google told me that I can get around this by
proxying. All sorts of PHP examples abounded, but 1) I'm a java
programmer and 2) I don't want to write my own proxy code so 3) let's
just use mod_rewrite!

I've now got that all set up and working. My one domain successfully
makes AJAX calls to the second, all through mod_rewrite.  But now I'm
wanting to make absolutely certain of something: 

The *only* references I have to mod_proxy or mod_rewrite are the
LoadModule commands, and my one mod_rewrite section: 

 RewriteEngine On
 RewriteRule ^/myproxy/(.*)/(.*)$ http://$1/foo/bar.jsp?x=$2 [P]


I see this commented-out section as well: 

#<IfModule mod_proxy.c>
#ProxyRequests On
#
#<Proxy *>
#    Order deny,allow
#    Deny from all
#    Allow from .example.com
#</Proxy>


I'm just worried/wondering if my server is "secure", and that it's not
acting as an open proxy?    Am I right in thinking that unless I
explicitly turn on ProxyRequests, that merely loading the module does
not cause it to become a proxy server? 

Secondly, could I use the <Proxy *> control block to limit even the
reverse proxy to *only* accept requests from that single internal host?
Or have I effectively done this, by making my RewriteEngine and
RewriteRule directives within a virtual host block? 

Thanks.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message