I meant a VirtualHost with:
Require expr "%{REMOTE_ADDR} != %{CONN_REMOTE_ADDR}"
On Mon, 27 Apr 2020 at 15:44, baptx wrote:
> By the way, I noticed that a VirtualHost with:
>
> Require expr "%{REMOTE_ADDR} != %{CONN_REMOTE_ADDR}"
>
> has a dangerous behaviour that I did not notice directly.
By the way, I noticed that a VirtualHost with:
Require expr "%{REMOTE_ADDR} != %{CONN_REMOTE_ADDR}"
has a dangerous behaviour that I did not notice directly.
It made my .htaccess files visible publicly by accessing them in a web
browser when using the reverse proxy (Cloudflare).
This also resulte
Is there a way to display an error with a different message than the 403
Forbidden page configured with "ErrorDocument 403"?
This would improve the privacy, otherwise if a website displays a 403 error
on an admin login page restricted by IP address, someone trying to bypass
the reverse proxy will s
It worked when using Require in a location, thanks!
On Sat, 25 Apr 2020 at 13:41, Yann Ylavic wrote:
> On Sat, Apr 25, 2020 at 1:24 PM baptx wrote:
> >
> > @Yann: About your last reply suggesting Require expr "%{REMOTE_ADDR} !=
> %{CONN_REMOTE_ADDR}":
> > I want to restrict access on some virt
On Sat, Apr 25, 2020 at 1:24 PM baptx wrote:
>
> @Yann: About your last reply suggesting Require expr "%{REMOTE_ADDR} !=
> %{CONN_REMOTE_ADDR}":
> I want to restrict access on some virtualhosts only because I want to use
> some domain names without Cloudflare.
> It looks like your previous solut
@Yann: About your last reply suggesting Require expr "%{REMOTE_ADDR} !=
%{CONN_REMOTE_ADDR}":
I want to restrict access on some virtualhosts only because I want to use
some domain names without Cloudflare.
It looks like your previous solution with mod_rewrite is better in my case,
since Require doe
I meant == instead of != like you corrected.
On Sat, 25 Apr 2020 at 13:08, baptx wrote:
> Thanks Yann, it worked.
>
> I used RemoteIPTrustedProxy instead of RemoteIPTrustedProxyList in
> /etc/apache2/conf-available/remoteip.conf (from Cloudflare example:
> https://support.cloudflare.com/hc/en-u
Thanks Yann, it worked.
I used RemoteIPTrustedProxy instead of RemoteIPTrustedProxyList in
/etc/apache2/conf-available/remoteip.conf (from Cloudflare example:
https://support.cloudflare.com/hc/en-us/articles/360029696071-Restoring-original-visitor-IPs-Option-2-Installing-mod-remoteip-with-Apache#1
On Sat, Apr 25, 2020 at 12:24 AM Yann Ylavic wrote:
>
> On Sat, Apr 25, 2020 at 12:17 AM Yann Ylavic wrote:
> >
> > Hi,
> >
> > On Fri, Apr 24, 2020 at 10:49 PM bapt x wrote:
> > >
> > > Is there a way to have the same functionality as the directive
> > > DenyAllButCloudflare from mod_cloudflar
On Sat, Apr 25, 2020 at 12:17 AM Yann Ylavic wrote:
>
> Hi,
>
> On Fri, Apr 24, 2020 at 10:49 PM bapt x wrote:
> >
> > Is there a way to have the same functionality as the directive
> > DenyAllButCloudflare from mod_cloudflare when using mod_remoteip?
> > I would like to block access to users wh
Hi,
On Fri, Apr 24, 2020 at 10:49 PM bapt x wrote:
>
> Is there a way to have the same functionality as the directive
> DenyAllButCloudflare from mod_cloudflare when using mod_remoteip?
> I would like to block access to users who try to bypass Cloudflare reverse
> proxy (e.g. accessing my web s
Hello,
Is there a way to have the same functionality as the directive
DenyAllButCloudflare from mod_cloudflare when using mod_remoteip?
I would like to block access to users who try to bypass Cloudflare reverse
proxy (e.g. accessing my web server directly by guessing the IP address).
It looks like
12 matches
Mail list logo