Re: mod_proxy and .htaccess

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

----- Original Message -----
> 
> ----- Original Message -----
> > ----- Original Message -----
> > > On Tue, May 17, 2011 at 4:33 PM, --[ UxBoD ]--
> > > <uxbod@xxxxxxxxxxxx>
> > > wrote:
> > > > Thanks for the though I must be doing something wrong as I have
> > > > added to the Apache conf running on port 8080:
> > > >
> > > > LoadModule rpaf_module    Âmodules/mod_rpaf-2.0.so
> > > >
> > > > <IfModule mod_rpaf.c>
> > > > Â RPAFenable On
> > > > Â RPAFsethostname On
> > > > Â RPAFproxy_ips 127.0.0.1
> > > > Â RPAFheader X_Forwarded_For
> > > > </IfModule>
> > > >
> > > > and it is still writing 127.0.0.1 into the log files and
> > > > blocking
> > > > in .htaccess. I have checked the error log and no issues there;
> > > > plus have ran phpinfo() and see that X-Forwarded-For is being
> > > > set
> > > > correctly.
> > > >
> > > > Any thoughts ?
> > >
> > > 'X-Forwarded-For' is not spelt 'X_Forwarded_For'.
> > >
> > > It is also the default setting, so you should in fact just remove
> > > the
> > > RPAFHeader directive - you only need to specify it if the proxy
> > > you
> > > are behind does not use 'X-Forwarded-For' and instead uses
> > > 'X-Real-IP'
> > > or similar.
> > >
> > > Cheers
> > >
> > > Tom
> > >
> >
> > Yes sorry a typo; though have removed that setting all together and
> > it is still 127.0.0.1 that is showing up :(
> 
> 
> Okay got it working by using the correct module check! <IfModule
> mod_rpaf-2.0.c> and it now writes the correct IP into the logfiles;
> what does fail still though is that .htaccess ignores the change of
> IP. If I update the allow rule to be 127.0.0.1 it allows access
> fine. Darn :(

Have managed to work around it by using the following in .htaccess:

SetEnvIf REMOTE_ADDR ^XXX\.XXX\.XXX\.XXX access_granted
Order Deny,Allow
Deny from all
Allow from env=access_granted

Not ideal but at least it works now. Here is hoping Apache 2.3(4) is not to far off from being launched.
-- 
Thanks, Phil

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux