Posted to users@httpd.apache.org by MARTYR Jean-Bernard <je...@renault.com> on 2004/08/05 09:34:54 UTC

[users@httpd] Reverse proxy and HTTP/1.1

Hello,

I posted the following message last week with no reaction. Is there
anybody who could provide help or advice?

Thanks.
JB.
_______________
Hello,

I'm currently experiencing a problem for which I'm really hoping apache2 is
the solution.

Context :
---------
End users access a web site hosted on IIS 5.0 on a win2K platform using a
Netscape 4.06 or 4.78 browser.
The web site is accessed in SSL v3 (client & server certificate)
The normal way of accessing the site is through a transparent proxy
(Netscape Proxy 3.6)
End users are on a private Extranet. Proxy on the nearest DMZ and web
server on another DMZ behind the proxy
IIS 5.1 is configured to use keep-alive
Too many users to migrate to IE (almost 70000).

Issue :
------
It appears that Netscape browser 4.x does not implement correctly the Proxy
Keepalive standard so if a user wants to access (as he should) the site via
the proxy (through a connect method) he gets as many TCP sessions as the
number of objects on the html page to download it. You can imagine the poor
performance of the result since it's not only the "normal" TCP handshake,
but also each time the SSL handshake.

Various performance results :
-----------------------------
I've tried a couple of things to measure and isolate the problem : my
application home page consists of 44 objects

* IE 6 vs NS through proxy : I'm counting the number of network packets
exchanged and the number of TCP sessions.
IE = 360 to 380 packets and 5 TCP sessions to retrieve the page
NS = 930 to 1000 packets and 45 TCP sessions

=> So my understanding is clearly the lack of support for proxy keep-alive
in Netscape

* IE 6 vs NS direct access to the web server :
both NS and IE 6 = 260 to 290 packets and 5 TCP sessions to retrieve the
page

=> keep alive is ok in both cases.

I was suspecting also a possible Nagling problem with the win 2K platform
so I've set up a win 2K3 server in the same condition because Nagling is
basically disabled there but the results were the same.

Expected solution :
-------------------
Since the Netscape browser seems to implement correctly the simple HTTP 1.1
keep alive protocol my idea is to use apache as a reverse proxy facing the
browser and acting as an http client to the IIS webserver. So no proxy would
be needed to connect the NS browser to the apache web server (keepalive
should then work) and basically apache is a correct http/1.1 client.
Since the client certificate is also used to identify the UID of the users
in the application I'm also implementing the RequestHeader function of the
apache2 mod_headers to pass it to the server.

Why I need help :
------------------
Apache2 is compiled on solaris 2.6 with these options :
--enable-cache --enable-mime-magic --enable-expires --enable-headers
--enable-proxy --enable-proxy-connect --enable-proxy-http --enable-ssl
--enable-static-rotatelogs --enable-http --enable-rewrite --enable-so
--enable-cgi

My concern is that when using this configuration of apache and accessing it
directly (no proxy) from NS I'm still having exactly the same performance as
with a forwarding proxy. I've snooped also on the reverse-proxy server the
network dialog between apache and IIS and it's the exact reflection of the NS
to apache dialog. My understanding is really that a reverse proxy should
dissociate the browser to reverse from the reverse to web server dialog and
it really does not seem to be the case.
Am I making wrong assumptions there ?
Is there a misconfiguration here ?

I've already spent a lot of time on this issue and would be very happy if
anybody could bring some help.

Thanks to all in advance.

Regards.

JB.


_______________________________________________________
_______________________________________________________
My apache reverse conf :

[...]

AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl

SSLPassPhraseDialog  builtin

SSLSessionCache        shmht:/usr/local/apache2/logs/ssl_scache(512000)
SSLSessionCacheTimeout  300

CacheIgnoreCacheControl On
CacheIgnoreNoLastMod Off
CacheMaxExpire 15

SSLMutex  file:/usr/local/apache2/logs/ssl_mutex

SSLRandomSeed startup builtin
SSLRandomSeed connect builtin

<VirtualHost _Locpro_>

SSLEngine on
SSLProxyEngine on

SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

[...]

SSLVerifyClient require
SSLVerifyDepth 2

SSLOptions +ExportCertData +CompatEnvVars +StdEnvVars

#SetEnvIf User-Agent ".*MSIE.*" \
#         nokeepalive ssl-unclean-shutdown \
#         downgrade-1.0 force-response-1.0
SetEnv proxy-keepalive On
SetEnv keepalive On


CustomLog /usr/local/apache2/logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x %{SSL_CLIENTS_DN}x \"%r\" %b"
CustomLog /usr/local/apache2/logs/ssl_log common

  # Enable the URL rewriting engine
  RewriteEngine        on
  RewriteLogLevel      1
  LogLevel             warn
  RewriteLog           logs/rewrite_log.stats.renault.fr
  ErrorLog             logs/error_log.stats.renault.fr

  # make sure the status page is handled locally
  # and make sure no one uses our proxy except ourself
  RewriteRule    ^/apache-rproxy-status.*  -  [F]
  RewriteRule    ^(http|ftp)://.*          -  [F]
  RewriteRule    \.htr($|.*) / [F]
  RewriteRule    \.idc($|.*) / [F]
  RewriteRule    etc/passwd / [F]
  RewriteRule    etc/shadow / [F]
  RewriteRule    /\./ / [F]
  RewriteRule    /\.\./ / [F]
  RewriteRule    (administrators.pwd)|(authors.pwd)|(users.pwd)|(service.pwd) / [F]
  RewriteRule    (root.exe?)|(cmd.exe?)|(default.ida?) / [F]
  RewriteRule    msadcs.dll / [F]


  RequestHeader set CERT-SUBJECT %{SSL_CLIENT_S_DN}e

  RewriteRule    ^/Locpro(.*)$                  to://my.iis.server/Locpro$1
  RewriteRule    ^to://([^/]+)/Locpro(.*)       http://$1/Locpro$2      [P]

  RewriteRule    .*                    -              [F]
  ProxyRequests        Off

</VirtualHost>

</IfDefine>
_______________________________________________________
_______________________________________________________



-- Disclaimer ------------------------------------
This e-mail and any attachments is a confidential correspondence intended only for use of the individual or entity named above. If you are not the intended recipient or the agent responsible for delivering the message to the intended recipient, you are hereby notified that any disclosure, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the sender by phone or by replying this message, and then delete this message from your system.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
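
Added example (not part of the thread, and not Apache httpd code): the poster counts TCP sessions per page load from packet captures, and the same figure can be read from the reverse proxy's access log. This sketch assumes an httpd release whose mod_log_config supports %k and %X, and a hypothetical LogFormat named keepalive_diag; the client addresses and log lines are constructed.

```python
import re
from collections import defaultdict

# Assumed diagnostic format on the reverse proxy (hypothetical name, not from the thread):
#   LogFormat "%h %k %X \"%r\"" keepalive_diag
# %k = keep-alive requests already served on this connection (0 = first request
#      on a new connection); %X = connection status once the response is sent:
#      '+' may be kept alive, '-' will be closed, 'X' aborted.
LINE_RE = re.compile(r'^(\S+) (\d+) ([X+-]) "([^"]*)"$')


def summarize(lines):
    """Aggregate per-client connection reuse from keepalive_diag log lines."""
    stats = defaultdict(lambda: {"requests": 0, "connections": 0,
                                 "server_close": 0, "aborted": 0})
    unparsed = 0
    for raw in lines:
        m = LINE_RE.match(raw.strip())
        if not m:
            unparsed += 1          # keep going, but report what was skipped
            continue
        host, k, status, _request = m.groups()
        s = stats[host]
        s["requests"] += 1
        if int(k) == 0:            # every new TCP (and SSL) session starts at 0
            s["connections"] += 1
        if status == "-":
            s["server_close"] += 1
        elif status == "X":
            s["aborted"] += 1
    return dict(stats), unparsed


def diagnose(s, min_reuse=2.0):
    """Say which side ends the connections when reuse is poor."""
    if s["connections"] == 0:
        return "incomplete"        # log window started mid-connection
    if s["requests"] / s["connections"] >= min_reuse:
        return "keep-alive effective"
    if s["server_close"] >= 0.9 * s["requests"]:
        # httpd itself chose to close: HTTP/1.0 request without keep-alive,
        # a nokeepalive environment variable, KeepAlive Off, and so on
        return "server closes after each response"
    # httpd offered to keep the connection open, the client opened a new one
    return "client does not reuse connections"


def constructed_sample():
    """Constructed log lines for a 44-object page, three client behaviours."""
    lines = []
    # 10.0.0.5: 44 requests spread over 5 persistent connections
    for size in (9, 9, 9, 9, 8):
        for k in range(size):
            status = "-" if k == size - 1 else "+"
            lines.append(f'10.0.0.5 {k} {status} "GET /Locpro/obj HTTP/1.1"')
    # 10.0.0.6: one connection per object, server closes each time
    lines += [f'10.0.0.6 0 - "GET /Locpro/obj{i} HTTP/1.0"' for i in range(44)]
    # 10.0.0.7: one connection per object although the server allowed reuse
    lines += [f'10.0.0.7 0 + "GET /Locpro/obj{i} HTTP/1.1"' for i in range(44)]
    lines.append("truncated or foreign log line")
    return lines


SAMPLE = constructed_sample()

if __name__ == "__main__":
    summary, skipped = summarize(SAMPLE)
    for host in sorted(summary):
        s = summary[host]
        print(host, s["requests"], "requests,", s["connections"],
              "connections:", diagnose(s))
    print("unparsed lines:", skipped)
```

The %X column is what separates the two failure modes: '-' on every line means httpd decided to close, '+' with %k stuck at 0 means the browser never came back on the open connection.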


Re: [users@httpd] Reverse proxy and HTTP/1.1

Posted by MARTYR Jean-Bernard <je...@renault.com>.
I had a look at this excellent article and tried to change my rewrite config
to a proxypass/proxypassreverse config with no success.
I must admit I didn't use the mod_proxy_html but I don't think it would
solve my problem (remember Internet Explorer is working fine).
BTW, thanks for the clue. Any other comment or clue is appreciated.

JB.
----- Original Message ----- 
From: "suomi" <ap...@ayni.com>
To: <us...@httpd.apache.org>
Sent: Friday, August 06, 2004 8:24 AM
Subject: Re: [users@httpd] Reverse proxy and HTTP/1.1


> Could that probably help?
>
> http://www.apacheweek.com/features/reverseproxies
>
> suomi
>


Re: [users@httpd] Reverse proxy and HTTP/1.1

Posted by suomi <ap...@ayni.com>.
Could that probably help?

http://www.apacheweek.com/features/reverseproxies

suomi
