On 6/13/06, Emmanuel.Leguy <[EMAIL PROTECTED]> wrote:
Hello,
Config:
- Reverse proxy server: solaris 9, apache 2.2
- Proxied server: solaris 9, apache 2.2
Requests to userdir are reverse proxied:
http://www.real.fr/~login -> http://www.priv/~login
Some users use a .htaccess file with order, allow and deny directives:
order deny,allow
deny from all
allow from ipaddresses
but all requests to www.priv are send from only one address: the
www.real.fr's one (reverse proxy server). So the deny/allow directives
have this binary effect:
- if www.real.fr's ip address is in ipaddresses, requests are allways ok
- if www.real.fr's ip address is not in ipaddresses, request are allways
blocked.
Is there a way that the request appear to be sent by the end client and
not the reverse proxy server?
Not easily. You could tell your users to use SetEnvIf to test the
X-Forwarded-For header, which contains the real IP address. But this
is much more complicated.
You could also take a look at mod_extract_forwarded (google for it).
It was designed for 2.0, but I bet it would work for 2.2.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
