On Tue, May 17, 2011 at 12:57 PM, --[ UxBoD ]-- <ux...@splatnix.net> wrote: > ----- Original Message ----- >> >> ----- Original Message ----- >> > ----- Original Message ----- >> > > On Tue, May 17, 2011 at 4:33 PM, --[ UxBoD ]-- >> > > <ux...@splatnix.net> >> > > wrote: >> > > > Thanks for the though I must be doing something wrong as I have >> > > > added to the Apache conf running on port 8080: >> > > > >> > > > LoadModule rpaf_module modules/mod_rpaf-2.0.so >> > > > >> > > > <IfModule mod_rpaf.c> >> > > > RPAFenable On >> > > > RPAFsethostname On >> > > > RPAFproxy_ips 127.0.0.1 >> > > > RPAFheader X_Forwarded_For >> > > > </IfModule> >> > > > >> > > > and it is still writing 127.0.0.1 into the log files and >> > > > blocking >> > > > in .htaccess. I have checked the error log and no issues there; >> > > > plus have ran phpinfo() and see that X-Forwarded-For is being >> > > > set >> > > > correctly. >> > > > >> > > > Any thoughts ? >> > > >> > > 'X-Forwarded-For' is not spelt 'X_Forwarded_For'. >> > > >> > > It is also the default setting, so you should in fact just remove >> > > the >> > > RPAFHeader directive - you only need to specify it if the proxy >> > > you >> > > are behind does not use 'X-Forwarded-For' and instead uses >> > > 'X-Real-IP' >> > > or similar. >> > > >> > > Cheers >> > > >> > > Tom >> > > >> > >> > Yes sorry a typo; though have removed that setting all together and >> > it is still 127.0.0.1 that is showing up :( >> >> >> Okay got it working by using the correct module check! <IfModule >> mod_rpaf-2.0.c> and it now writes the correct IP into the logfiles; >> what does fail still though is that .htaccess ignores the change of >> IP. If I update the allow rule to be 127.0.0.1 it allows access >> fine. Darn :( > > Have managed to work around it by using the following in .htaccess: > > SetEnvIf REMOTE_ADDR ^XXX\.XXX\.XXX\.XXX access_granted > Order Deny,Allow > Deny from all > Allow from env=access_granted > > Not ideal but at least it works now. Here is hoping Apache 2.3(4) is not to > far off from being launched. > -- > Thanks, Phil If you have access to this server, i would still use httpd.conf (or a virtual), unless there is some reason the restarts can't be dealt with. httpd.conf is always faster as the server does not have to look for the .htaccess file in the current directory (or in any parent directory) in every request. You may not have enough traffic for this to concern you, but its worth thinking about. > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > " from the digest: users-digest-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > >
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
