Hi, I am not sure how well redirect plays together with MS_MAP_PATTERN https://www.mapserver.org/optimization/limit_mapfile_access.html#limit-mapfile-access but maybe you could test it by redirecting locally and trying to access a mapfile from a directory that does not match with MS_MAP_PATTERN. If that requires Apache admin rights then maybe it does not bring back https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32062.
If having mapfiles in s3 feels like an option that Mapserver should support then perhaps RFC 56 https://www.mapserver.org/development/rfc/ms-rfc-56.html#rfc56 should be reviewed. -Jukka Rahkonen- Lähettäjä: MapServer-users <mapserver-users-boun...@lists.osgeo.org> Puolesta Marcin Niemyjski via MapServer-users Lähetetty: maanantai 24. lokakuuta 2022 12.13 Vastaanottaja: Marcin Niemyjski via MapServer-users <mapserver-users@lists.osgeo.org> Aihe: [MapServer-users] Redirecting to s3 via apache2 redirect/alias/proxy Hello, coming back to you with one more question about s3, namely: As I wrote before - I want to keep my mapfiles on buckets but I also want to access them without need to mount buckets to VMs, so I've came up with this: https://httpd.apache.org/docs/2.4/rewrite/flags.html#flag_p<https://eur06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fhttpd.apache.org%2Fdocs%2F2.4%2Frewrite%2Fflags.html%23flag_p&data=05%7C01%7Cjukka.rahkonen%40maanmittauslaitos.fi%7Ca7ec15f2a9c3426f8cfb08dab59ff396%7Cc4f8a63255804a1c92371d5a571b71fa%7C0%7C0%7C638021995838914540%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=hGkMIdjG9pqN7fHVr%2FM9iJLLB%2F4ooFHD2trkQO8v5RI%3D&reserved=0> https://mapserver.org/ogc/wms_server.html#changing-the-online-resource-url<https://eur06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmapserver.org%2Fogc%2Fwms_server.html%23changing-the-online-resource-url&data=05%7C01%7Cjukka.rahkonen%40maanmittauslaitos.fi%7Ca7ec15f2a9c3426f8cfb08dab59ff396%7Cc4f8a63255804a1c92371d5a571b71fa%7C0%7C0%7C638021995839070775%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=0F26wO0I%2FjPGEPRMNuXY82PtHZ3a7M7TWfF0YBQmKCI%3D&reserved=0> generaly I want to do this: ProxyPass /martest/ https://s3.amazon.com/Bucket/Key ProxyPassReverse /martest/ https://s3.amazon.com/Bucket/Key<https://eur06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fs3.amazon.com%2FBucket%2FKey&data=05%7C01%7Cjukka.rahkonen%40maanmittauslaitos.fi%7Ca7ec15f2a9c3426f8cfb08dab59ff396%7Cc4f8a63255804a1c92371d5a571b71fa%7C0%7C0%7C638021995839070775%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=502pTFvV%2FC4MeUvGacEINJb%2FlJac89yQg%2BJDAiyjyu8%3D&reserved=0> or RewriteEngine on RewriteRule /martest/ https://s3.amazon.com/Bucket/<https://eur06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fs3.amazon.com%2FBucket%2F&data=05%7C01%7Cjukka.rahkonen%40maanmittauslaitos.fi%7Ca7ec15f2a9c3426f8cfb08dab59ff396%7Cc4f8a63255804a1c92371d5a571b71fa%7C0%7C0%7C638021995839070775%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=geyuNsQ57Xtcd%2BLw2idANpGsSQDtEgEij%2BaIDSk79B0%3D&reserved=0> so, while using WMS online resource url https://www.lpis.pl/cgi-bin/mapserv?map=/martest/jrc.map<https://eur06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.lpis.pl%2Fcgi-bin%2Fmapserv%3Fmap%3D%2Fmartest%2Fjrc.map&data=05%7C01%7Cjukka.rahkonen%40maanmittauslaitos.fi%7Ca7ec15f2a9c3426f8cfb08dab59ff396%7Cc4f8a63255804a1c92371d5a571b71fa%7C0%7C0%7C638021995839070775%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=EEUrf970Gf96ulDORIHKbBvjLRJjDilHvo6gi%2BL7LDI%3D&reserved=0> i would connect to mapfile on s3. But it doesn't seem to be working. Is this even possible to connect mapserver and s3 this way? As always thank you for your help and time, Marcin
_______________________________________________ MapServer-users mailing list MapServer-users@lists.osgeo.org https://lists.osgeo.org/mailman/listinfo/mapserver-users
