"AragonX" <aragonx@xxxxxxxxxx> writes: [...] > I know that mod_access and I think mod_security will allow me to do this > but they do it based on IP address. I'm afraid someone will spoof the IP > addresses of the internal network to bypass this security measure. The easiest way to do this is with a firewall. Set up a firewall on your external interface that blocks all packets claiming to be from your internal interface. Your OS should have a tool to do this (iptables on modern Linux). It's also smart to do this at your perimeter router; since lots of random things use IP addresses as access control it's wise to stop anything fishy before it gets into your building. ----Scott. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|