Re: mod_proxy.c configuration problem for a tomcat6-bridged situation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Eric Covener wrote:
On Wed, Jan 6, 2010 at 6:04 AM, Alvise Nicoletti
<lists@xxxxxxxxxxxxxxxxxxx> wrote:
  
I would like to restrict access to everything-but-mywebsite like the
example:
    

  
<IfModule mod_proxy.c>
        ProxyRequests Off
        <Proxy *>
                AddDefaultCharset off
                Order deny,allow
                Deny from all

                Allow from www.TOMCATWEBSITE.com
        </Proxy>
        ProxyVia On
</IfModule>


That restricts access "from" an [client] address, not access "to" a
backend [webserver] address.

If you're running a reverse proxy only (ProxyRequests off), and you've
told it to connect to a specific backend via ProxyPass, I don't see
why you need furtherer configuration to restrict anything.

  
mhh ...

the point is that the original configuration in my webserver was:
<IfModule mod_proxy.c>
        ProxyRequests Off
        <Proxy *>
                AddDefaultCharset off
                Order deny,allow
                Deny from all
        </Proxy>
        ProxyVia On
</IfModule>

And everthing was working, BUT, I had to remove everything to make the tomcat6-apache2 bridge work.
Also, in the header of that file I found written:
        #turning ProxyRequests on and allowing proxying from all may allow
        #spammers to use your proxy to send email.

So I guess this is not good:
<IfModule mod_proxy.c>
        ProxyRequests Off
        <Proxy *>
                AddDefaultCharset off
        </Proxy>
        ProxyVia On
</IfModule>



Or is it ok?

[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux