[ILUG] Apache ReverseProxy and security...
bigbro at skynet.ie
Wed Feb 21 17:16:03 GMT 2007
-----BEGIN PGP SIGNED MESSAGE-----
I'm having some trouble trying to get Apache to use ReverseProxy but
also acknowledge and use the Allow from and Deny from clauses for a web
server. My setup is the following:
[WWW server] <-----|
------> [app-server2] etc.
I want people to hit the webserver with URL like
https://www.example.com/someapp/ and the webserver knows that someapp
is currently hosted on app-server1, so reverse proxies there and all is
good with the world. This works well with:
However, if I add access credentials, such as:
Allow from 22.214.171.124
Deny from all
I still am able to access the reverse proxied hosts from anywhere on the
internet, not just 126.96.36.199.
Does Apache support the type of checking I'm doing here? And if so, how?
Pointers in the right direction would be greatly appreciated.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the ILUG