Re: [users@httpd] DDOS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 11/9/06, Leonardo Neves <leonardo.neves@xxxxxxxxx> wrote:
I changed configuration. Mandriva's default configuration is:

<IfModule mod_proxy.c>

    # <Proxy> - Container for directives affecting resources located
in the proxied location
    <Proxy *>
        Order deny,allow
        Deny from all
    #    Allow from .your-domain.com
    </Proxy>
    ...
    # ProxyRequests - on if the true proxy requests should be accepted
    ProxyRequests On
    ...
</IfModule>

In this environment, apache will return code 403 for those:
    ProxyPass /compras http://192.168.4.4/compras/
    ProxyPassReverse /compras http://192.168.4.4/compras/

Is there any alternative? Is it possible to limit access to known
users/passwords?

Have you read the documentation yet?  In particular
http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#forwardreverse

You can solve your problem by turning
ProxyRequests Off
And putting Allow from all in the <Proxy> block.

You should file a bug report with Mandriva telling them to put
"ProxyRequests Off" in their default config.  Many more people want a
reverse proxy than a forward proxy.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux