Sorry, I didn't see your response. I have an nginx proxy on a separate server passing requests to apache. I am not using ipv6. Rpaf works, in as much as the logs show the original client ip addresses. But when I try to use allow/deny directives from an .htaccess file, referencing either domain names or ip addresses, they are not honored. All proxied requests are treated as though they come from the proxy host.
I tested this by allowing access, in the apache config, only to the proxy host, verified that requests were denied when connecting directly to the apache server, and observed that proxied requests were always allowed (they should never be if rpaf works). Rpaf runs before access, so it seems like rpaf doesn't do whatever is necessary for access to see the client ip. I was able to make my configuration work by replacing rpaf with a backported version of remoteip. I've moved on, so I don't have a test config still lying around. Googling around, there are lots of confusing discussions about this issue, and I wasted a lot of time trying to make rpaf work. I saw, for instance, the discussion of the ipv6 bug report, which makes it seem like this problem was fixed. John -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
