>Number: 3538 >Category: mod_proxy >Synopsis: controlling access to who can use the proxy via <Directory >proxy:*> fails >Confidential: no >Severity: critical >Priority: medium >Responsible: apache >State: open >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Tue Dec 15 12:40:00 PST 1998 >Last-Modified: >Originator: [EMAIL PROTECTED] >Organization: apache >Release: Win32 1.3.3 >Environment: Windows NT Server 4.0 patched to Service Release 4 >Description: The description given in mod_proxy to allow who has access to the proxy server fails to work ... it is completely open and cannot deny access to any machines using IP dotted notation >How-To-Repeat: the default setup as stated in the docs for mod_proxy can be tested and fails! >Fix: nope ... but I hope U can >Audit-Trail: >Unformatted: [In order for any reply to be added to the PR database, ] [you need to include <[EMAIL PROTECTED]> in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ] [If you do not include this Cc, your reply may be ig- ] [nored unless you are responding to an explicit request ] [from a developer. ] [Reply only with text; DO NOT SEND ATTACHMENTS! ]
