httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Todd Simons <tsim...@delphi-tech.com>
Subject [users@httpd] MOD_PROXY and Access Control by IP
Date Fri, 19 Nov 2010 18:37:44 GMT
Hello All

We use Apache MOD_PROXY as a reverse proxy for internal applications.   Each WebApp has its
own top level URI

We're looking to restrict by IP, but have all apps available to our IT Team's IP

IT Team:        10.1.0.0/24
App1/Team 1:
Proxy URI:      /App1/*
IP Subnet:      10.1.1.0/24

App2/Team 2:
Proxy URI:      /App2/*
IP Subnet:      10.1.2.0/24

App3/Team 3:
Proxy URI:      /App3/*
IP Subnet:      10.1.3.0/24

(Our setup is more complicated, I boiled down for the post).

I've been able to secure each proxy with this model:
<Proxy http://*/App1/*>
    Order Deny,Allow
    #Permit IT
    Allow from 10.1.0.0/24
    #Permit Team1
    Allow from 10.1.1.0/24
    Deny from all
</Proxy>

Is there a way we can define access once for the IT Subnet (10.1.0.0/24) once instead of per
App?

~Todd



  ________________________________
CONFIDENTIALITY NOTICE
This e-mail message from Delphi Technology, Inc. is intended only for the individual or entity
to which it is addressed. This e-mail may contain information that is privileged, confidential
and exempt from disclosure under applicable law. If you are not the intended recipient, you
are hereby notified that any dissemination, distribution or copying of this communication
is strictly prohibited. If you received this e-mail by accident, please notify the sender
immediately and destroy this e-mail and all copies of it.

Mime
View raw message