Is there a way to display an error with a different message than the 403
Forbidden page configured with "ErrorDocument 403"?
This would improve the privacy, otherwise if a website displays a 403 error
on an admin login page restricted by IP address, someone trying to bypass
the reverse proxy will see the same error page and could know that a domain
name is used on the IP address.
On Sat, 25 Apr 2020 at 18:16, baptx <baptx...@gmail.com> wrote:
> It worked when using Require in a location, thanks!
>
>
> On Sat, 25 Apr 2020 at 13:41, Yann Ylavic <ylavic....@gmail.com> wrote:
>
>> On Sat, Apr 25, 2020 at 1:24 PM baptx <baptx...@gmail.com> wrote:
>> >
>> > @Yann: About your last reply suggesting Require expr "%{REMOTE_ADDR} !=
>> %{CONN_REMOTE_ADDR}":
>> > I want to restrict access on some virtualhosts only because I want to
>> use some domain names without Cloudflare.
>> > It looks like your previous solution with mod_rewrite is better in my
>> case, since Require does not work in virtualhosts (I got the error:
>> "Require not allowed in <VirtualHost> context").
>>
>> Ah yes, correct, it should be enclosed in a location like:
>>
>> <VirtualHost ...>
>> ...
>> RemoteIP...
>> <Location "/">
>> Require expr "%{REMOTE_ADDR} != %{CONN_REMOTE_ADDR}"
>> </Location>
>> ...
>> </VirtualHost>
>>
>> >>>
>> >>> Thanks Yann, it worked.
>>
>> Great!
>>
>> Regards,
>> Yann.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>> For additional commands, e-mail: users-h...@httpd.apache.org
>>
>>
