You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Anthony Smith <an...@fedex.com> on 2006/08/22 23:02:54 UTC
[users@httpd] Filters in Apache?
I know that if I was doing this in java I would need a filter, but if my
sites under apache just includes pictures and html docs, with some cgi,
I am unsure if a filter is really what I need.
I was trying to figure out a way, where based on the URL path could do
certain things.
If someone goes to:
http:/mysite.com/alpha -> This would maybe check the header information
for a certain variable (anything under the alpha directory (files or
folders))
http:/mysite.com/beta -> This would forward you to beta.mysite.com
(anything under the beta directory (files or folders))
http:/mysite.com/gamma -> This would maybe check the time of day and if
it is after 5pm forwards you to a static page that says it is after 5pm.
Is anything like this possible?
RE: [users@httpd] Filters in Apache?
Posted by Anthony Smith <an...@fedex.com>.
Thanks.
But when I said control/security I don't mean from a user perspective or
from the perspective of denying people from certain sites based on their
IP or anything like that.
But thanks anyway for the info.
-----Original Message-----
From: colebatchd@gmail.com [mailto:colebatchd@gmail.com] On Behalf Of
Dmitri Colebatch
Sent: Tuesday, August 22, 2006 5:26 PM
To: users@httpd.apache.org
Subject: Re: [users@httpd] Filters in Apache?
On 8/23/06, Anthony Smith <an...@fedex.com> wrote:
> I basically want a way to provide some control/security over all the
> sites without have the sites modified.
Have you looked at http://httpd.apache.org/docs/2.0/howto/auth.html?
Sounds to me like that's what you're after.
cheers
dim
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Filters in Apache?
Posted by Dmitri Colebatch <di...@colebatch.com>.
On 8/23/06, Anthony Smith <an...@fedex.com> wrote:
> I basically want a way to provide some control/security over all the
> sites without have the sites modified.
Have you looked at http://httpd.apache.org/docs/2.0/howto/auth.html?
Sounds to me like that's what you're after.
cheers
dim
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Filters in Apache?
Posted by Joshua Slive <jo...@slive.ca>.
On 8/22/06, Anthony Smith <an...@fedex.com> wrote:
> I will take a look at mod_rewrite.
>
> As far as alpha. Let's say that someone enters the alpha site passing
> parameters through the URL, a post, or even just header variables. I
> want the ability to have the filter look at any of those different ways
> and get the value of the variable.
>
> So let's say that someone enters the alpha url via a POST that has a
> variable of user. If user equals Anthony, I should redirect them to
> beta. If user equals Josh, I should checked to see if they are logged on
> and then let them through or send them to a login page.
>
> I basically want a way to provide some control/security over all the
> sites without have the sites modified.
mod_rewrite can handle the query string and request headers, but not
POST content. The only module I know of that can deal with POST
content in that way is mod_security.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Is this possible ?
Posted by Joshua Slive <jo...@slive.ca>.
On 8/23/06, Jignesh Badani <jb...@mmsa.com> wrote:
> Awesome, just trying to understand the syntax of the last SetEnvIf:
>
> SetEnvIf let_10161_in ^0$ !let_xuser_in
>
> --> If the env variable let_10161_in is "0" - meaning the request is not
> from 10.161, unset (make it 0?) the let_xuser_in env variable ?
Basically, yes. Although "unset" and "set to 0" are not the same thing.
>
> And mod_rewrite for this, how ?
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-For} !^10\.161 [or]
RewriteCond %{HTTP:Cookie} !XSESSION
RewriteRule .* - [F]
By the way, you should be aware that both X-Forwarded-For and Cookie
can be faked by the browser, so they don't provide real security. In
particular, if the request already has an X-Forwarded-For header when
it passes through the proxy, the new IP address will be folded into
it. You can detect this situation by testing X-Forwarded-For for a
comma, which is the separator used for multiple IP addresses.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Is this possible ?
Posted by Jignesh Badani <jb...@mmsa.com>.
Awesome, just trying to understand the syntax of the last SetEnvIf:
SetEnvIf let_10161_in ^0$ !let_xuser_in
--> If the env variable let_10161_in is "0" - meaning the request is not
from 10.161, unset (make it 0?) the let_xuser_in env variable ?
And mod_rewrite for this, how ?
Thanks
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- -
Jignesh Badani
"Joshua Slive" <jo...@slive.ca>
Sent by: jslive@gmail.com
08/23/2006 05:10 PM
Please respond to
users@httpd.apache.org
To
users@httpd.apache.org
cc
Subject
Re: [users@httpd] Is this possible ?
On 8/23/06, Jignesh Badani <jb...@mmsa.com> wrote:
> Hello all, let me try again.
>
> I have the following restriction in place:
>
> SetEnvIf X-FORWARDED-FOR ^10.161 let_10161_in
> SetEnvIf COOKIE ^XSESSION let_xuser_in
>
> <Location />
> Order Deny,Allow
> Deny from all
> Allow from env=let_10161_in
> Allow from env=let_xuser_in
> </Location>
>
> It basically means users whose X-FORWARDED-FOR contains 10.161 gets in.
> Also it allows users who have a Cookie "XSESSION" gets in.
>
> Now, how do I combine them such that only users with both the conditions
> set can get in or otherwise Deny access.
>
> Meaning, a user has to come from 10.161 and also needs to have a
XSESSION
> cookie set inorder to get access.
>
> Can I form such an expression in SetEnvIf ? If so how ?
# This next line always matches
SetEnvIf Remote_Addr . let_10161=0
SetEnvIf X-FORWARDED-FOR ^10.161 let_10161_in=1
SetEnvIf COOKIE ^XSESSION let_xuser_in
SetEnvIf let_10161_in ^0$ !let_xuser_in
Allow from env=let_xuser_in
You can write it in a less obtuse way if you use mod_rewrite.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Is this possible ?
Posted by Joshua Slive <jo...@slive.ca>.
On 8/23/06, Jignesh Badani <jb...@mmsa.com> wrote:
> Hello all, let me try again.
>
> I have the following restriction in place:
>
> SetEnvIf X-FORWARDED-FOR ^10.161 let_10161_in
> SetEnvIf COOKIE ^XSESSION let_xuser_in
>
> <Location />
> Order Deny,Allow
> Deny from all
> Allow from env=let_10161_in
> Allow from env=let_xuser_in
> </Location>
>
> It basically means users whose X-FORWARDED-FOR contains 10.161 gets in.
> Also it allows users who have a Cookie "XSESSION" gets in.
>
> Now, how do I combine them such that only users with both the conditions
> set can get in or otherwise Deny access.
>
> Meaning, a user has to come from 10.161 and also needs to have a XSESSION
> cookie set inorder to get access.
>
> Can I form such an expression in SetEnvIf ? If so how ?
# This next line always matches
SetEnvIf Remote_Addr . let_10161=0
SetEnvIf X-FORWARDED-FOR ^10.161 let_10161_in=1
SetEnvIf COOKIE ^XSESSION let_xuser_in
SetEnvIf let_10161_in ^0$ !let_xuser_in
Allow from env=let_xuser_in
You can write it in a less obtuse way if you use mod_rewrite.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] Is this possible ?
Posted by Jignesh Badani <jb...@mmsa.com>.
Hello all, let me try again.
I have the following restriction in place:
SetEnvIf X-FORWARDED-FOR ^10.161 let_10161_in
SetEnvIf COOKIE ^XSESSION let_xuser_in
<Location />
Order Deny,Allow
Deny from all
Allow from env=let_10161_in
Allow from env=let_xuser_in
</Location>
It basically means users whose X-FORWARDED-FOR contains 10.161 gets in.
Also it allows users who have a Cookie "XSESSION" gets in.
Now, how do I combine them such that only users with both the conditions
set can get in or otherwise Deny access.
Meaning, a user has to come from 10.161 and also needs to have a XSESSION
cookie set inorder to get access.
Can I form such an expression in SetEnvIf ? If so how ?
Thank you
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Jignesh Badani
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] Using "AND" condition in SetEnvIf and Allow from directives...
Posted by Jignesh Badani <jb...@mmsa.com>.
Hello, I have the following restriction in place:
SetEnvIf X-FORWARDED-FOR ^10.161 let_10161_in
SetEnvIf COOKIE ^XSESSION let_xuser_in
<Location />
Order Deny,Allow
Deny from all
Allow from env=let_10161_in
Allow from env=let_xuser_in
</Location>
It basically means users whose X-FORWARDED-FOR contains 10.161 gets in.
Also it allows users who have a Cookie "XSESSION" gets in.
Now, how do I combine them such that only users with both the conditions
set can get in or otherwise Deny access.
Meaning, a user has to come from 10.161 and also needs to have a XSESSION
cookie set inorder to get access.
Can I form such an expression in SetEnvIf ? If so how ?
Thank you
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- -
Jignesh Badani
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_security general question...
Posted by Joshua Slive <jo...@slive.ca>.
On 8/22/06, Jignesh Badani <jb...@mmsa.com> wrote:
> Thanks Nick, it makes sense. So can I assume that the Apache group is fine
> with its user base using 3rd party mod_security and that they do not plan
> to develop something similar ?
>
> The reason I am confused is I see Ryan Barnett as Team Lead for "Internet
> Security Apache Benchmark Project" and he talks/writes a lot about
> mod_security.
I think you are referring to the "Center for Internet Security Apache
Benchmark Project". Note that the Center for Internet Security is not
affiliated in any way with the Apache Software Foundation, the makers
of the Apache HTTP Server.
The developers of the Apache HTTP Server are, however, VERY happy to
have third parties develop and release modules for the server. The
one issue to consider with mod_security is that (unless you pay for
it) it is GPL licensed. Depending on who you ask, linking GPL and
Apache-licensed code may or may not be legal. If it is legal, the
result is almost surely GPL licensed. This isn't likely a problem for
an end-user of mod_security, but would be a big issue if you wanted to
redistribute Apache httpd with mod_security.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_security general question...
Posted by Jignesh Badani <jb...@mmsa.com>.
Thanks to Nick, Joshua & William for your responses. Keep up the good
work.
regards
-Jignesh
"William A. Rowe, Jr." <wr...@rowe-clan.net>
08/22/2006 07:58 PM
Please respond to
users@httpd.apache.org
To
users@httpd.apache.org
cc
Subject
Re: [users@httpd] mod_security general question...
Jignesh Badani wrote:
> Thanks Nick, it makes sense. So can I assume that the Apache group is
fine
> with its user base using 3rd party mod_security
Why not? http://modules.apache.org/ - lots of modules - we have no
problem
with users deploying any module which solves their requirements.
> and that they do not plan to develop something similar ?
I haven't seen anyone express interest in developing such features for
the core server, nor any feedback from mod_security developers asking
to become part of the core server.
As a general rule the httpd project doesn't seek out more features, devs
bring us offers of more features. Or they host them seperately.
> The reason I am confused is I see Ryan Barnett as Team Lead for
"Internet
> Security Apache Benchmark Project" and he talks/writes a lot about
> mod_security.
http://www.amazon.com/gp/product/0321321286/ref=sr_11_1/104-5102527-8430348?ie=UTF8
(newly minted, and the page includes a good bio for Ryan.)
Ryan comes from a network/systems security background, and has many
valuable
observations, so none of this should come as a surprise. For that matter,
I never actually saw the mysterious Andrew Ford at the Apache http project
either, although he also writes a decent book :) Not everyone in the
Apache
httpd server sphere actually participates in the project.
The "Internet Security Apache Benchmark Project" is not affiliated with
the
Apache software foundation.
> On Tuesday 22 August 2006 23:22, Jignesh Badani wrote:
>> We have been looking at implementing mod_security for quite some time
>> now, but it is not getting a green flag because the module is not part
>> of the Apache group offering (yet).
Of course I trust you don't use PHP or any other third party project.
Apache is an extensible platform, ruling in your choices in or out based
on if they are "Apache Software Foundation" projects is silly. Looking
at the license, the cast of characters supporting the extension etc are
valuable measurements, of course.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_security general question...
Posted by "William A. Rowe, Jr." <wr...@rowe-clan.net>.
Jignesh Badani wrote:
> Thanks Nick, it makes sense. So can I assume that the Apache group is fine
> with its user base using 3rd party mod_security
Why not? http://modules.apache.org/ - lots of modules - we have no problem
with users deploying any module which solves their requirements.
> and that they do not plan to develop something similar ?
I haven't seen anyone express interest in developing such features for
the core server, nor any feedback from mod_security developers asking
to become part of the core server.
As a general rule the httpd project doesn't seek out more features, devs
bring us offers of more features. Or they host them seperately.
> The reason I am confused is I see Ryan Barnett as Team Lead for "Internet
> Security Apache Benchmark Project" and he talks/writes a lot about
> mod_security.
http://www.amazon.com/gp/product/0321321286/ref=sr_11_1/104-5102527-8430348?ie=UTF8
(newly minted, and the page includes a good bio for Ryan.)
Ryan comes from a network/systems security background, and has many valuable
observations, so none of this should come as a surprise. For that matter,
I never actually saw the mysterious Andrew Ford at the Apache http project
either, although he also writes a decent book :) Not everyone in the Apache
httpd server sphere actually participates in the project.
The "Internet Security Apache Benchmark Project" is not affiliated with the
Apache software foundation.
> On Tuesday 22 August 2006 23:22, Jignesh Badani wrote:
>> We have been looking at implementing mod_security for quite some time
>> now, but it is not getting a green flag because the module is not part
>> of the Apache group offering (yet).
Of course I trust you don't use PHP or any other third party project.
Apache is an extensible platform, ruling in your choices in or out based
on if they are "Apache Software Foundation" projects is silly. Looking
at the license, the cast of characters supporting the extension etc are
valuable measurements, of course.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_security general question...
Posted by Jignesh Badani <jb...@mmsa.com>.
Thanks Nick, it makes sense. So can I assume that the Apache group is fine
with its user base using 3rd party mod_security and that they do not plan
to develop something similar ?
The reason I am confused is I see Ryan Barnett as Team Lead for "Internet
Security Apache Benchmark Project" and he talks/writes a lot about
mod_security.
regards
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- -
Jignesh Badani
Nick Kew <ni...@webthing.com>
08/22/2006 04:28 PM
Please respond to
users@httpd.apache.org
To
users@httpd.apache.org
cc
Subject
Re: [users@httpd] mod_security general question...
On Tuesday 22 August 2006 23:22, Jignesh Badani wrote:
> We have been looking at implementing mod_security for quite some time
now,
> but it is not getting a green flag because the module is not part of the
> Apache group offering (yet).
>
> 1. Is there a reason, this module is still not being bundled as part of
> the Apache source ?
Its author is an independent developer, and appears happy to remain that
way.
It's his work to distribute as he chooses. If you want it bundled with
Apache, get a package from a distributor - e.g. a Linux CDROM.
--
Nick Kew
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_security general question...
Posted by Nick Kew <ni...@webthing.com>.
On Tuesday 22 August 2006 23:22, Jignesh Badani wrote:
> We have been looking at implementing mod_security for quite some time now,
> but it is not getting a green flag because the module is not part of the
> Apache group offering (yet).
>
> 1. Is there a reason, this module is still not being bundled as part of
> the Apache source ?
Its author is an independent developer, and appears happy to remain that way.
It's his work to distribute as he chooses. If you want it bundled with
Apache, get a package from a distributor - e.g. a Linux CDROM.
--
Nick Kew
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] mod_security general question...
Posted by Jignesh Badani <jb...@mmsa.com>.
We have been looking at implementing mod_security for quite some time now,
but it is not getting a green flag because the module is not part of the
Apache group offering (yet).
1. Is there a reason, this module is still not being bundled as part of
the Apache source ?
2. Has anybody implemented the same along with Netegrity (CA) Siteminder
Web Agent module and in production ? If so, does it add too much of a
overhead ?
Thanks
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- -
Jignesh Badani
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] Filters in Apache?
Posted by Anthony Smith <an...@fedex.com>.
I will take a look at mod_rewrite.
As far as alpha. Let's say that someone enters the alpha site passing
parameters through the URL, a post, or even just header variables. I
want the ability to have the filter look at any of those different ways
and get the value of the variable.
So let's say that someone enters the alpha url via a POST that has a
variable of user. If user equals Anthony, I should redirect them to
beta. If user equals Josh, I should checked to see if they are logged on
and then let them through or send them to a login page.
I basically want a way to provide some control/security over all the
sites without have the sites modified.
-----Original Message-----
From: jslive@gmail.com [mailto:jslive@gmail.com] On Behalf Of Joshua
Slive
Sent: Tuesday, August 22, 2006 5:02 PM
To: users@httpd.apache.org
Subject: Re: [users@httpd] Filters in Apache?
On 8/22/06, Anthony Smith <an...@fedex.com> wrote:
> I know that if I was doing this in java I would need a filter, but if
my
> sites under apache just includes pictures and html docs, with some
cgi, I am
> unsure if a filter is really what I need.
> I was trying to figure out a way, where based on the URL path could
do
> certain things.
> If someone goes to:
>
>
>
> http:/mysite.com/alpha -> This would maybe check the header
information for
> a certain variable (anything under the alpha directory (files or
folders))
>
> http:/mysite.com/beta -> This would forward you to beta.mysite.com
(anything
> under the beta directory (files or folders))
>
> http:/mysite.com/gamma -> This would maybe check the time of day and
if it
> is after 5pm forwards you to a static page that says it is after 5pm.
>
>
>
> Is anything like this possible?
Probably with mod_rewrite, but your requirements above are not very
clear. Beta and gamma are certainly possible, but I don't know what
you mean by "a certain variable" nor what you want to do with it.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Filters in Apache?
Posted by Joshua Slive <jo...@slive.ca>.
On 8/22/06, Anthony Smith <an...@fedex.com> wrote:
> I know that if I was doing this in java I would need a filter, but if my
> sites under apache just includes pictures and html docs, with some cgi, I am
> unsure if a filter is really what I need.
> I was trying to figure out a way, where based on the URL path could do
> certain things.
> If someone goes to:
>
>
>
> http:/mysite.com/alpha -> This would maybe check the header information for
> a certain variable (anything under the alpha directory (files or folders))
>
> http:/mysite.com/beta -> This would forward you to beta.mysite.com (anything
> under the beta directory (files or folders))
>
> http:/mysite.com/gamma -> This would maybe check the time of day and if it
> is after 5pm forwards you to a static page that says it is after 5pm.
>
>
>
> Is anything like this possible?
Probably with mod_rewrite, but your requirements above are not very
clear. Beta and gamma are certainly possible, but I don't know what
you mean by "a certain variable" nor what you want to do with it.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org