Martin, there was a typo in the proxy docs: <IfModule mod_proxy.c> <Directory proxy:*> <Limit GET> order deny,allow deny from all allow from 127.0.0.1 139.25.113.10 192.168.123.1 #allow from 139.25.112.104 </Limit> </Directory> </IfModule>
does work, and the docs are corrected. [EMAIL PROTECTED] wrote: > > >Number: 271 > >Category: mod_proxy > >Synopsis: Access control for proxy does not work. > >Confidential: no > >Severity: serious > >Priority: medium > >Responsible: apache (Apache HTTP Project) > >State: open > >Class: sw-bug > >Submitter-Id: apache > >Arrival-Date: Thu Mar 27 08:40:01 1997 > >Originator: [EMAIL PROTECTED] > >Organization: > apache > >Release: 1.2b8-dev > >Environment: > SVR4-intel > >Description: > I'm using apache with the mod_proxy module and the following access > control(s): > > <IfModule mod_proxy.c> > <Directory proxy:*> > order deny,allow > deny from all > allow from 127.0.0.1 139.25.113.10 192.168.123.1 > #allow from 139.25.112.104 > </Directory> > </IfModule> > > Then I try to access http://www.geocities.com/ from the host 139.25.112.104 > and get (correctly): > > [Thu Mar 27 17:06:54 1997] access to proxy:http://www.geocities.com/ failed > for pgtd0119, reason: Client denied by server configuration > pgtd0119 unknown - [27/Mar/1997:17:16:42 +0100] "GET > http://www.geocities.com/ HTTP/1.0" 403 1089 > > But when I send a second request http://www.geocities.com/foo.bar > then the server passes the request to www.geocities.com, i.e., > it performs the proxy service that should be disallowed: > > pgtd0119 unknown - [27/Mar/1997:17:16:53 +0100] "GET > http://www.geocities.com/foo.bar HTTP/1.0" 404 1064 > > BTW: It would be nice if proxy (or any) access could be limited on host+path > level, not just host level. > >How-To-Repeat: > See above. > >Fix: > > >Audit-Trail: > >Unformatted: > > Kraemer <[EMAIL PROTECTED]> > Reply-To: [EMAIL PROTECTED] > X-send-pr-version: 3.2 -- chuck Chuck Murcko The Topsail Group, West Chester PA USA [EMAIL PROTECTED]
