--- Ray Morris <[EMAIL PROTECTED]> wrote: > > http://1.2.3.4/index.html > ... > > In order to make the above directive work, we will > > have to put the ip (1.2.3.4) in the Allow section. > > > > a) The "allow from" has nothing whatever to do > with the URL that you request. Rather, the "allow > from" IP is the IP of the machine which is MAKING > the request. That is correct. We only want the "Web server IP" have access to the folder.
> b) This is a question about on how to use an > existing > module posted to a list about how to DEVELOP > modules. > > > the filter (based on page logic) may request pages > > > (just like a regular web page request) > > c) If your filter is an Apache module, these should > > probably be subrequests. Also, if you're writing a > filter module, you have full access to the access > checking hook in order to do allow whatever you > want. > If it's not a module, see b). By the time it requests the page, it is no longer controlled by the module. I will try to repost it to the proper list. If any one know the list name please let me know. Thanks again Ray! > -- > Ray B. Morris > [EMAIL PROTECTED] > > > > On 04/10/2008 04:12:10 PM, John Zhang wrote: > > We have a situation that we would like to restrict > the > > access to certain folders only to requests from > the > > "local machine". Here is why: > > When a page is processed by our filter, the filter > > (based on page logic) may request pages (just like > a > > regular web page request) that should never go to > the > > browser. We put these pages in a folder. And > would > > like to use apache config to restrict the access > to > > only the "local machine". Here is the config > > <LocationMatch "/secrete-stuff/"> > > Order Deny,Allow > > Deny from all > > Allow from 127.0.0.1 > > #Allow from localhost > > </LocationMatch> > > > > The issue we face: > > When our filter issues the request, we use the > > hostname from the original request. eg, original > > request > > http://1.2.3.4/index.html > > our filter might issue > > http://1.2.3.4/something/secrete-stuff/server.js > > > > In order to make the above directive work, we will > > have to put the ip (1.2.3.4) in the Allow section. > > > However, we are planning to deply many servers, it > > would be very hard for us to edit each config > file. > > So we are wondering if there are anyway we can > achieve > > the same result without make ip-specific changes. > > > > Thanks in advanvce for your help. > > John > > > > > > >
