httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Luca Toscano <toscano.l...@gmail.com>
Subject Re: [users@httpd] Simple Apache 2.2 access control
Date Mon, 29 Feb 2016 18:10:47 GMT
Hello!

2016-02-29 16:47 GMT+01:00 Julien Etter <julien.etter@juno.co.uk>:

> Hello,
>
>
>
> We are running apache 2.2.15, a simple asset server using a read-only
> mounted filesystem with millions of static files in it.
>
>
>
> We are going to generate daily a list of asset names we need to prevent
> access to, about a thousand of them.
>
>
>
> We would like to avoid adding a layer of high level language as PHP/Perl…
>
>
>
> Is there a better approach than writing a very long RewriteRule based on
> all those names and issue a [R=404]?
>
> We were looking in RewriteMap but feel we need the “complement” of it,
> something like:
>
> “RewriteRule ${deniedMap} – [R=404]”
>
> But even so this “map” would still be a non-efficient regular expression
> based code.
>
>
>
> Any insight would be very welcome!
>
>
>
Is it an option to move to Apache 2.4? There are two things that might help
you:

1) mpm_event - https://httpd.apache.org/docs/2.4/mod/event.html (your use
case of serving only static assets might leverage a lot the event mpm)
2) mod_lua - https://httpd.apache.org/docs/2.4/mod/mod_lua.html - it is an
high level language but you could experiment to it to see if it could
resolve your use case in an elegant and simple way.

I tried to think about other solutions but I didn't come up with anything
simple and not convoluted.

Hope that helps!

Luca

Mime
View raw message