You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Dave Lowenstein <dl...@mail.sdsu.edu> on 2002/09/11 19:28:45 UTC
[users@httpd] Help with ProxyPass needed
I'd like to allow people to access documents on a server which is behind a
firewall from my webserver. The other server allows access from my
webserver on port 80, but doesn't allow access from anyone else.
I set up the following on a test server:
<IfModule mod_proxy.c>
ProxyRequests Off
ProxyPass /proxy http://my.server.com/
</IfModule>
I'm able to type in other.server.com/proxy/document_on_my.server.pdf
and get the document. I'm also able, however, to select my webserver as a
proxy server in browser preferences, and bring up cnn.com using my
webserver as the proxy. It's a very screwed-up looking cnn.com (not all
the images load, the text is in large clumsy looking fonts) but
nevertheless the page comes up.
Can this be exploited? Is there a way to set it up so that I can proxy
through to these docs on the other server but not allow people to use my
server as a proxy server? I can't set up allow/deny lists because the
general public needs to be able to download these documents from my
webserver.
I thought that reverse proxying would keep people from using my server as
a proxy while allowing the docs to come over, but it didn't seem to
work. I did the exact same config as above but with "ProxyPassReverse"
Any help would be appreciated
Thanks,
Dave
Dave Lowenstein
Programmer/Analyst
Instructional Technology Services
San Diego State University
(619)594-0270
http://www-rohan.sdsu.edu/dept/its
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Help with ProxyPass needed
Posted by Joshua Slive <jo...@slive.ca>.
Dave Lowenstein wrote:
>
> <IfModule mod_proxy.c>
> ProxyRequests Off
> ProxyPass /proxy http://my.server.com/
> </IfModule>
>
> I'm able to type in other.server.com/proxy/document_on_my.server.pdf
>
> and get the document. I'm also able, however, to select my webserver as a
> proxy server in browser preferences, and bring up cnn.com using my
> webserver as the proxy. It's a very screwed-up looking cnn.com (not all
> the images load, the text is in large clumsy looking fonts) but
> nevertheless the page comes up.
Have you tried this from other computers? Are you sure it is not a
client-wierdness? Have you searched through httpd.conf for any other
instances of the ProxyRequests directive? What does the access_log and
error_log entries for the relevant requests look like?
Joshua
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org