httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeff Dyke <jeff.d...@gmail.com>
Subject Re: [users@httpd] mod_proxy and .htaccess
Date Tue, 17 May 2011 23:02:01 GMT
On Tue, May 17, 2011 at 12:57 PM, --[ UxBoD ]-- <uxbod@splatnix.net> wrote:
> ----- Original Message -----
>>
>> ----- Original Message -----
>> > ----- Original Message -----
>> > > On Tue, May 17, 2011 at 4:33 PM, --[ UxBoD ]--
>> > > <uxbod@splatnix.net>
>> > > wrote:
>> > > > Thanks for the though I must be doing something wrong as I have
>> > > > added to the Apache conf running on port 8080:
>> > > >
>> > > > LoadModule rpaf_module        modules/mod_rpaf-2.0.so
>> > > >
>> > > > <IfModule mod_rpaf.c>
>> > > >   RPAFenable On
>> > > >   RPAFsethostname On
>> > > >   RPAFproxy_ips 127.0.0.1
>> > > >   RPAFheader X_Forwarded_For
>> > > > </IfModule>
>> > > >
>> > > > and it is still writing 127.0.0.1 into the log files and
>> > > > blocking
>> > > > in .htaccess. I have checked the error log and no issues there;
>> > > > plus have ran phpinfo() and see that X-Forwarded-For is being
>> > > > set
>> > > > correctly.
>> > > >
>> > > > Any thoughts ?
>> > >
>> > > 'X-Forwarded-For' is not spelt 'X_Forwarded_For'.
>> > >
>> > > It is also the default setting, so you should in fact just remove
>> > > the
>> > > RPAFHeader directive - you only need to specify it if the proxy
>> > > you
>> > > are behind does not use 'X-Forwarded-For' and instead uses
>> > > 'X-Real-IP'
>> > > or similar.
>> > >
>> > > Cheers
>> > >
>> > > Tom
>> > >
>> >
>> > Yes sorry a typo; though have removed that setting all together and
>> > it is still 127.0.0.1 that is showing up :(
>>
>>
>> Okay got it working by using the correct module check! <IfModule
>> mod_rpaf-2.0.c> and it now writes the correct IP into the logfiles;
>> what does fail still though is that .htaccess ignores the change of
>> IP. If I update the allow rule to be 127.0.0.1 it allows access
>> fine. Darn :(
>
> Have managed to work around it by using the following in .htaccess:
>
> SetEnvIf REMOTE_ADDR ^XXX\.XXX\.XXX\.XXX access_granted
> Order Deny,Allow
> Deny from all
> Allow from env=access_granted
>
> Not ideal but at least it works now. Here is hoping Apache 2.3(4) is not to far off from
being launched.
> --
> Thanks, Phil
If you have access to this server, i would still use httpd.conf (or a
virtual), unless there is some reason the restarts can't be dealt
with.  httpd.conf is always faster as the server does not have to look
for the .htaccess file  in the current directory (or in any parent
directory) in every request. You may not have enough traffic for this
to concern you, but its worth thinking about.
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message