https://bz.apache.org/bugzilla/show_bug.cgi?id=55348
--- Comment #9 from William A. Rowe Jr. <[email protected]> --- Yes, the auth phase should follow the translation by mod_remoteip, so the auth require can be based on the trusted x-f-f: header. The logic is written to get at the hostname, even if it wasn't previously looked up as part of an auth transaction. (Without cgi, auth etc, it needs to be entirely possible to fulfill a connection without ever performing a connection or x-f-f: reverse name lookup.) -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
