Alvise Nicoletti wrote:
Alvise Nicoletti wrote:
Alvise Nicoletti wrote:
Eric Covener wrote:
On Wed, Jan 6, 2010 at 6:04 AM, Alvise Nicoletti
<li...@alvisenicoletti.com> wrote:
I would like to restrict access to everything-but-mywebsite like the
example:
<IfModule mod_proxy.c>
ProxyRequests Off
<Proxy *>
AddDefaultCharset off
Order deny,allow
Deny from all
Allow from www.TOMCATWEBSITE.com
</Proxy>
ProxyVia On
</IfModule>
That restricts access "from" an [client] address, not access "to" a
backend [webserver] address.
If you're running a reverse proxy only (ProxyRequests off), and you've
told it to connect to a specific backend via ProxyPass, I don't see
why you need furtherer configuration to restrict anything.
mhh ...
the point is that the original configuration in my webserver was:
<IfModule mod_proxy.c>
ProxyRequests Off
<Proxy *>
AddDefaultCharset off
Order deny,allow
Deny from all
</Proxy>
ProxyVia On
</IfModule>
And everthing was working, BUT, I had to remove everything to make
the tomcat6-apache2 bridge work.
Also, in the header of that file I found written:
#turning ProxyRequests on and allowing proxying from all may
allow
#spammers to use your proxy to send email.
So I guess this is not good:
<IfModule mod_proxy.c>
ProxyRequests Off
<Proxy *>
AddDefaultCharset off
</Proxy>
ProxyVia On
</IfModule>
Or is it ok?
mhh ....
Do you guy confirm that leaving a webserver with mod_proxy.c enabled
but with no rules is a good thing?
So I relax up a bit ...
And what is this?
Connection attempts using mod_proxy:
65.183.2.75 -> http://lti-mail01.ltinetworks.com:25
<http://lti-mail01.ltinetworks.com:25>: 1 Time(s)
