On Tue, Dec 02, 2003 at 12:59:08PM -0330, mike@xxxxxxxxxxx wrote: > > On Tue, Dec 02, 2003 at 05:36:01PM +0200, Neil Thompson wrote: > >> On Tue, Dec 02, 2003 at 07:14:06AM -0330, Mike Pelley wrote: > > You also need a > > > > <Proxy *> > > Order deny,allow > > Deny from all > > </Proxy> > > > > somewhere in your config so that the bad guys can't get in. > > > Neil - Are you sure about that last part? I don't this proxy as a forward > proxy and adding that last section denies all access (fixes the problem, > but that's a little severe ;-) <logs into work to check config> Yep...for what it's worth, I have a separate file in /etc/httpd/conf.d with my reverse proxy setup and the <Proxy *> statement is in the standard /etc/conf/httpd.conf file just after the <IfModule mod_proxy.c> ProxyRequests On statements The conf.d stuff is included before that statement, so maybe that has something to do with it. One full entry for one of my servers is - <VirtualHost testrhubarb.yy.zzz.com:80> ServerName testrhubarb.yy.zzz.com <Proxy http://123.12.12.123/*> Order allow,deny Allow from all </Proxy> ProxyPass / http://123.12.12.123/ ProxyPassReverse / http://123.12.12.123/ </VirtualHost> Names/IPs changed to protect the innocent :-) PLEASE NOTE - the entry in the <Proxy statement must match exactly the entry in the ProxyPass and ProxyPassReverse statements with the exception of the "*" in the <Proxy statement. If you want to send me a copy (sanitised) of your config to look over, I'll be happy to. Cheers! (Relax...have a homebrew) Neil -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
