[users@httpd] only allowing specific hosts via https proxy

[Sebastian Reitenbach <re...@rapideye.de>]

Hi,  
  
I am trying to do the following with the apache proxy module:  
  
I want to use apache proxy module for http, ftp and https (for some special  
trusted hosts) and redirect it to mod_clamav.  
  
This works very well for http and ftp. scanning https does not work, therefore  
I want to setup a whitelist of trusted https hosts.  
  
The AllowCONNECT statement only allows to define allowed ports, therefore  
useless.  
  
The ProxyBlock is generally useful to block unwanted content, to setup a  
blacklist. so far so good, but not useful for my case.  
  
Then I thought the <Proxy > or <ProxyMatch > containers would do the trick,  
but it does not seem to be that case.  
  
The following will block all traffic to e.g. http://www.ccc.de  
<ProxyMatch "http.*.ccc.de.*">  
        order deny,allow  
        deny from all  
        allow from none  
</ProxyMatch>  
  
But the following will not block traffic to e.g. https://www.ccc.de  
<ProxyMatch "https.*.ccc.de.*">  
        order deny,allow  
        deny from all  
        allow from none  
</ProxyMatch>  
  
I also tried the same with the <Proxy> container, but got the same result. 
 
Is there a way to only allow https connections to some given specific hosts? 
  
  
I am using SuSE 9.3 and the apache2-2.0.53-9.7 rpm of my distribution.  
  
kind regards 
Sebastian 
  


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org