httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier ...@ice-sa.com>
Subject Re: [users@httpd] rewrite and/or proxy question
Date Thu, 14 May 2009 10:57:15 GMT
Complement added at end.

André Warnier wrote:
> Hi.
> 
> I have an Apache 2.2 webserver set up with VHosts, one of them having a
> DocumentRoot structured as follows :
> 
> DocumentRoot /var/www/company.com/docs
> 
> disk :
> /var/www/company.com/docs
>                /app1
>                /app2
>                /app3
> 
> These different areas /app1, /app2, /app3 have different AAA criteria.
> 
> There are on the other hand 3 DNS aliases resolving to the IP of this
> Apache host :
> app1.company.com
> app2.company.com
> app3.company.com
> 
> The above VirtualHost section is defined as follows :
> <VirtualHost *:80>
>   ServerName app1.company.com
>   ServerAlias app2.company.com
>   ServerAlias app3.company.com
>   DocumentRoot /var/www/company.com/docs
>  ...
> </VirtualHost>
> 
> 
> I would like, through a combination of (possibly) mod_rewrite and/or
> mod_proxy rules, to obtain the following behaviour :
> 
> - if a user requests the URL
> http://app1.company.com
> they should get the content of the directory /var/www/company.com/docs/app1
> - if a user requests the URL
> http://app1.company.com/xyz
> they should get the content of the directory .../app1/xyz
> - if a user requests a URL like
> http://app1.company.com/app1/*
> they should also get the same content of /app1 (and not of /app1/app1/*)
> - if a user requests the URL
> http://app2.company.com
> they should get the content of the directory .../app2
> - if a user requests the URL
> http://app2.company.com/xyz
> they should get the content of the directory .../app2/xyz
> - if a user requests a URL like
> http://app2.company.com/app2/*
> they should also get the same content of /app2 (and not of /app2/app2/)
> etc...
> - and, maybe more tricky, if a user requests something like
> http://app1.company.com/app2/*
> (thus trying to be "smart" and bypass the AAA rules)
> they should get a "not found" or a "forbidden"
> 
> Does anyone have an idea of how to achieve this smartly, efficiently,
> and without getting into horrible inconsistencies and/or loops ?
> 
> 

For example, would the following work, or am I forgetting something, 
doing something bad, risk security bypasses, etc.. ?

RewriteCond %{HTTP_HOST} app1.company.com
RewriteRule ^/$ /app1/ [L]
RewriteRule ^/app1/.+$ - [L]
RewriteRule ^/app2/.+$ - [F]
RewriteRule ^/app3/.+$ - [F]
RewriteRule ^/(.+)$ /app1/$1 [L]

RewriteCond %{HTTP_HOST} app2.company.com
RewriteRule ^/$ /app2/ [L]
RewriteRule ^/app2/.+$ - [L]
RewriteRule ^/app1/.+$ - [F]
RewriteRule ^/app3/.+$ - [F]
RewriteRule ^/(.+)$ /app2/$1 [L]

RewriteCond %{HTTP_HOST} app3.company.com
RewriteRule ^/$ /app3/ [L]
RewriteRule ^/app3/.+$ - [L]
RewriteRule ^/app1/.+$ - [F]
RewriteRule ^/app2/.+$ - [F]
RewriteRule ^/(.+)$ /app3/$1 [L]



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message