Am 11.09.2014 um 18:13 schrieb wr...@rowe-clan.net: > Subject: Re: mod_status: Apache 2.4 incorrect IP (proxy, not > useragent_ip) on server-status page > From: "Jim Jagielski" <j...@jagunet.com> > Date: 9/11/14 10:45 am > To: dev@httpd.apache.org > > Ugg. Yeah; we should actually have a complimentary version > that takes request_req as the param, not conn_rec. > > ap_get_remote_host_r()?? > > Considered that. But that still breaks mod_remoteip's advertised > behavior against third party modules until they adapt. So I'd written > this off as a non-starter :(
yes - please don't break mod_security! it took me hours of discussions to bring developers to make it Apache 2.4 compliant and not enforce users to use the unstrusted "forwarded for" headers not caring about the connection IP if there needs now to be a change because 2.4.10 behaves different as a following release it becomes hard to handle
signature.asc
Description: OpenPGP digital signature
