reverse_proxy ?

[Scott Alexander <mo...@humak.edu>]

Hi,

In a test environment I have a apache front_end server and a
apache mod_perl server both are on two physical different machines, plus
another machine for the database.

Our production server is one machine running only one instance of
apache/mod_perl and another machine for the database.

Users can upload documents, set rights as to who can download/update the
documents. The documents are kept in a directory outside of the document
root. I use Transhandler to rewrite the uri to the correct file location.
A http_referer also has to be present for the user to get the file.


I want to put all the documents on the front_end which is not running
mod_perl (here is a copy from the installation ./configure
--prefix=/usr/local/apache --enable-module=ssl --enable-module=rewrite
--enable-module=proxy --disable-module=cgi)

Then as far as I can see the documents would have to be under documentroot
which means anyone can have access to them just by guessing the url.

Any ideas how I can have the documents on the front_end and still maintain
some level of security.

/Scott

Re: reverse_proxy ?

[Ged Haywood <ge...@www2.jubileegroup.co.uk>]

Hi there,

On Wed, 30 Oct 2002, Scott Alexander wrote:

[snip]
> Our production server is one machine running only one instance of
> apache/mod_perl and another machine for the database.
[snip]
> Any ideas how I can have the documents on the front_end and still maintain
> some level of security.

This isn't really a mod_perl question then? :)  Best have a look at
access control with Apache, you can for example use .htaccess files.
I believe it's in the Apache documentation, and there are quite a few
books on the subject.  My favourite is "Professional Apache", I think
the ISBN is 1861003021.

73,
Ged.