You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Rajiv Ranjan <Ra...@mindtree.com> on 2004/07/08 15:04:30 UTC

[users@httpd] how to stop upload of certain file types in apache

Hi,

I have a backend server to which file upload and download is possible.
Apache is the proxy to this server. I want to restrict upload of certain file
types into the server when they come from a certain IP range.

Any pointers on how can I do this?

Regards,
Rajiv.


DISCLAIMER:
This message (including attachment if any) is confidential and may be privileged. Before opening attachments please check them for viruses and defects. MindTree Consulting Private Limited (MindTree) will not be responsible for any viruses or defects or any forwarded attachments emanating either from within MindTree or outside. If you have received this message by mistake please notify the sender by return  e-mail and delete this message from your system. Any unauthorized use or dissemination of this message in whole or in part is strictly prohibited.  Please note that e-mails are susceptible to change and MindTree shall not be liable for any improper, untimely or incomplete transmission.

Re: [users@httpd] how to stop upload of certain file types in apache

Posted by Robert Andersson <ro...@profundis.nu>.

Rajiv Ranjan wrote:
> I have a backend server to which file upload and download is possible.
> Apache is the proxy to this server. I want to restrict upload of certain
> file types into the server when they come from a certain IP range.

That would be a *lot* easier to do at the backend rather than at the proxy.

Assuming that you by "file upload" mean a POST request of which one body
part contains a "file", there is no header information about the type of the
file or files being posted. The file's mime-type may be in the request body,
preceeding the various parts (although the user-agent could lie), but this
information is not parsed by Apache and so you cannot create conditions upon
them.

The only way I can think of to do this at the proxy (Apache) is to use
Apache 2's input filter mechanism, but I doubt you want to do that.

Regards,
Robert Andersson

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org