https://issues.apache.org/bugzilla/show_bug.cgi?id=56094
Bug ID: 56094
Summary: mod_rewrite doesn't expose client_addr
Product: Apache httpd-2
Version: 2.4.7
Hardware: PC
OS: Linux
Status: NEW
Severity: enhancement
Priority: P2
Component: mod_rewrite
Assignee: [email protected]
Reporter: [email protected]
quote from the httpd-devl-list:
> It looks to me like it is not exposed in mod_rewrite.
> I'd suggest opening a bug "mod_rewrite doesn't expose client_addr".
> For consistency, I'd suggest CONN_REMOTE_ADDR as in the expression parser
___________________________
mod_rewrite can't distinguish between %a and %{c}a currently
the idea is that the proxy has 127.0.0.1 and does SSL-termination
so it should use unecrypted connections to httpd, but in case
the connection comes from a different IP mod_rewrite is supposed
to redirect the request as shown below to https
without mod_remoteip the mod_rewrite snipped works as expected
so only a replacement for %{REMOTE_ADDR} would be needed that
uses the underlying peer IP address of the connection
<IfModule mod_remoteip.c>
RemoteIPHeader X-Forwarded-For
RemoteIPInternalProxy 127.0.0.1
</IfModule>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REMOTE_ADDR} !^127\.0\.0\.1
RewriteCond %{HTTPS} off
RewriteRule (.*) https://www.example.com%{REQUEST_URI}
</IfModule>
http://httpd.apache.org/docs/2.4/mod/mod_rewrite.html
http://httpd.apache.org/docs/2.4/mod/mod_log_config.html
%a Client IP address of the request (see the mod_remoteip module).
%{c}a Underlying peer IP address of the connection (see the mod_remoteip
module)
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
