You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Julien Etter <ju...@juno.co.uk> on 2016/02/29 16:47:39 UTC
[users@httpd] Simple Apache 2.2 access control
Hello,
We are running apache 2.2.15, a simple asset server using a read-only mounted filesystem with millions of static files in it.
We are going to generate daily a list of asset names we need to prevent access to, about a thousand of them.
We would like to avoid adding a layer of high level language as PHP/Perl…
Is there a better approach than writing a very long RewriteRule based on all those names and issue a [R=404]?
We were looking in RewriteMap but feel we need the “complement” of it, something like:
“RewriteRule ${deniedMap} – [R=404]”
But even so this “map” would still be a non-efficient regular expression based code.
Any insight would be very welcome!
Best regards,
J.Etter
Re: [users@httpd] Simple Apache 2.2 access control
Posted by Luca Toscano <to...@gmail.com>.
Hello!
2016-02-29 16:47 GMT+01:00 Julien Etter <ju...@juno.co.uk>:
> Hello,
>
>
>
> We are running apache 2.2.15, a simple asset server using a read-only
> mounted filesystem with millions of static files in it.
>
>
>
> We are going to generate daily a list of asset names we need to prevent
> access to, about a thousand of them.
>
>
>
> We would like to avoid adding a layer of high level language as PHP/Perl…
>
>
>
> Is there a better approach than writing a very long RewriteRule based on
> all those names and issue a [R=404]?
>
> We were looking in RewriteMap but feel we need the “complement” of it,
> something like:
>
> “RewriteRule ${deniedMap} – [R=404]”
>
> But even so this “map” would still be a non-efficient regular expression
> based code.
>
>
>
> Any insight would be very welcome!
>
>
>
Is it an option to move to Apache 2.4? There are two things that might help
you:
1) mpm_event - https://httpd.apache.org/docs/2.4/mod/event.html (your use
case of serving only static assets might leverage a lot the event mpm)
2) mod_lua - https://httpd.apache.org/docs/2.4/mod/mod_lua.html - it is an
high level language but you could experiment to it to see if it could
resolve your use case in an elegant and simple way.
I tried to think about other solutions but I didn't come up with anything
simple and not convoluted.
Hope that helps!
Luca